Tag Archive for: week

LoanDepot outage drags into second week after ransomware attack



LoanDepot customers say they have been unable to make mortgage payments or access their online accounts following a suspected ransomware attack on the company last week.

The mortgage and loan giant said on January 8 that it was working to “restore normal business operations as quickly as possible” following a security incident that involved the “encryption of data,” a common hallmark of a ransomware attack.

Users on social media and forums discussing the incident say they have struggled to access their account information or submit payments. Some say they have been unable to close deals during the ongoing disruption at LoanDepot, while others had better luck on the phone with the company.

LoanDepot’s updating cyber incident page says several LoanDepot customer portals returned online as of Thursday, albeit with limited functionality.

When reached by email, LoanDepot spokesperson Jonathan Fine declined to comment, but did not dispute that the incident was linked to ransomware. Fine would not say if the company was aware of a ransom demand, or say if the company yet knows what kind of customer data was compromised.

LoanDepot has not yet updated regulators on the company’s recovery since its initial disclosure to the SEC on January 8.

According to its website, LoanDepot has millions of customers.


Ubisoft reportedly shut down a “data security incident” earlier this week


Ubisoft is reportedly investigating an “unknown threat actor” who allegedly gained access to the company’s Microsoft Teams, Confluence, Atlas, and SharePoint channels for 48 hours before access was revoked.

According to the Gaming Leaks and Rumours subreddit and as reported by Bleeping Computer, screenshots allegedly taken during the 20th December hack have since been leaked online. Ubisoft has reportedly confirmed it is investigating an “alleged data security incident”.

“December 20th, an unknown Threat Actor compromised Ubisoft,” tweeted vx-underground. “The individual had access for roughly 48 hours until administration realised something was off, and access was revoked.

“They aimed to exfiltrate roughly 900GB of data but lost access,” vx-underground adds. It’s not clear what, if any, data the hacker obtained before they were kicked from the system.

Apparently, the “threat actor” would not share how they got initial access, but upon entry into Ubisoft’s internal systems, the hacker “audited users access rights and spent time thoroughly reviewing Microsoft Teams, Confluence, and SharePoint”.

Access was revoked before the threat actor successfully exfiltrated Rainbow Six Siege user data.

“We are aware of an alleged data security incident and are currently investigating. We don’t have more to share at this time,” Ubisoft said in a statement to BleepingComputer.

Marvel’s Spider-Man developer Insomniac Games has now released a statement addressing the ransomware attack on its studio earlier this month, the release of stolen data this week, and the spread of information on upcoming projects now circulating the internet.

The PlayStation studio had stayed silent until now, something it said was a result of it being “focused inward” to support team members. Personal data was included in…


City of Palm Coast Urges Residents to Use Caution Online During International Fraud Awareness Week


 

The City of Palm Coast is encouraging residents to safeguard their personal information and remain vigilant against potential fraud while shopping online this holiday season, particularly during International Fraud Awareness Week. 

The City of Palm Coast Information Technology Department takes internet security seriously, as demonstrated in October when the department proudly collaborated with Cyber Florida to host an essential cybersecurity training event. This event brought together counties and municipalities, fostering a community of resilience against cyberattacks.

“The internet plays a crucial role in our daily lives, and it’s vital that we understand the associated risks,” said Doug Akins, Director of Information Technology. “As systems and processes continue to evolve, so do the tactics of online scammers. We at the City of Palm Coast are committed to empowering our community with the knowledge and tools to stay safe online during International Fraud Awareness Week and year-round.”

Throughout International Fraud Awareness Week, residents of Palm Coast can expect to see informative videos from members of the Information and Technology City staff, offering valuable tips on how to protect themselves online. These expert insights are especially relevant as we approach the busy holiday shopping season when cyberattacks and fraud attempts tend to rise.

Stay tuned for these helpful videos and join us in taking a stand against fraud and practicing internet security. Together, we can build a safer and more resilient community.

Stay informed with the latest news and information from the City of Palm Coast by following us on Facebook, Instagram, Twitter, YouTube, and LinkedIn. You can sign up for weekly updates by visiting www.palmcoastgov.com/government/city-manager/week-in-review.


Feel-good story of the week: 2 ransomware gangs meet their demise



From the warm-and-fuzzy files comes this feel-good Friday post, chronicling this week’s takedown of two hated ransomware groups. One vanished on Tuesday, allegedly after being hacked by a group claiming allegiance to Ukraine. The other was taken out a day later thanks to an international police dragnet.

The first group, calling itself Trigona, saw the content on its dark web victim naming-and-shaming site pulled down and replaced with a banner proclaiming: “Trigona is gone! The servers of Trigona ransomware gang has been infiltrated and wiped out.” An outfit calling itself Ukrainian Cyber Alliance took credit and included the tagline: “disrupting Russian criminal enterprises (both public and private) since 2014.”

Poor operational security

A social media post from a user claiming to be a Ukrainian Cyber Alliance press secretary said his group targeted ransomware groups partly because they consider themselves out of reach of Western law enforcement.

“We just found one gang like that and did to them as they do to the rest,” the press secretary wrote. “Downloaded their servers (ten of them), deleted everything and defaced for the last time. TOR didn’t help them or even knowing they had a hole in it. Their entire infrastructure is completely blown away. Such a hunt forward.”

A separate social media post dumped what the press secretary said was an administrative panel key and said the group wiped out Trigona’s “landing, blog, leaks site, internal server (rocketchat, atlassian), wallets and dev servers.” The person also claimed that the Ukrainian Cyber Alliance hacked a Confluence server Trigona used.

Screenshot showing purported hacker's control of Trigona Confluence server.

By Friday, the Trigona site was unavailable, as evidenced by the message “Onionsite not found.”

Trigona first surfaced in 2022 with close ties to ransomware groups known as CryLock and BlackCat and looser ties to ALPHV. It primarily hacked companies in the US and India, followed by Israel, Turkey, Brazil, and Italy. It was known for compromising MySQL servers,…
