This week: A hacker claims to have 20 million OpenAI logins, Sweden clears ship in Baltic cable damage, researchers find ways to bypass GitHub Copilot's protections, Netgear patches router flaws, undetectable Mac backdoor raises alarms, Spain nabs hacker, and Deloitte pays $5M for RIBridges breach.
Ransomware may still be raking in massive cryptocurrency profits for practitioners, but 2024 turned out to be less of a banner year than predicted, with blockchain researchers reporting that the sum total of known ransom payments to ransomware groups in 2024 plummeted by 35%.
Security researchers predict threat actors will use artificial intelligence and large language models to enhance phishing attacks and create convincing fake personas, while defensive AI enters a new phase of semiautonomous operations.
The slice of organizations opting to pay extortion after being hit by ransomware dropped to an all-time low of 25%. Underpinning the drop is a combination of better defenses, improved business resilience and organizations simply deciding not to pay criminals.
A New York blood center and its divisions, which serve hospitals in several states, are dealing with a ransomware attack disrupting donations and other activities. The attack - the latest assault on a blood supplier - comes just days after the center declared a blood shortage emergency.
UnitedHealth Group says its previously eye-popping estimate of 100 million people affected by last year's attack on its Change Healthcare unit nearly doubled in recent months to a staggering 190 million victims. Why did it take so long for the company to figure out the extent of the compromise?
A chain of more than two dozen skilled nursing and rehabilitation facilities is notifying tens of thousands of patients whose information was compromised in a hacking incident last fall. Russian-speaking cybercriminal gang RansomHub claims to have published 250GB of data stolen in the heist.
One of the biggest data breaches of 2024 is even worse than previously reported, as the tally of Change Healthcare breach victims has now reached 190 million individuals. The cost tied to the attack is $3.1 billion, according to its owner, U.S. health insurance giant UnitedHealth Group.
The European Union Agency for Cybersecurity is at the center of rolling out new cybersecurity frameworks for critical infrastructure providers across Europe. But a major priority, according to ENISA's Marnix Dekker, is helping smaller vendors withstand supply chain attacks.
The European Commission has a new action plan to strengthen cybersecurity of hospitals and other healthcare providers in the European Union amid rising cyberthreats and attacks. The plan includes a cybersecurity support center to offer guidance and other resources to the EU's health sector.
In this week's update, ISMG editors discussed a U.K. proposal to mandate ransomware payment reporting, tackling financial crime by bringing together fraud and AML teams, and the global AI arms race as countries compete to lead innovation while balancing regulation and ethics.
Biden’s final cybersecurity order expands sanctions authorities to better target ransomware hackers and the financial facilitators and infrastructure providers enabling their attacks, a White House official said Thursday, as the administration aims to disrupt the broader cybercrime ecosystem.
A medical supply firm will pay $3 million to settle issues found by a HIPAA investigation into a breach. Also, a public health system will pay $60,000 to resolve a right-of-access dispute. The cases are among the latest in a spate of HIPAA enforcement actions as the Biden administration wraps up.
While ransomware groups' data-leak sites regularly lie, if taken at face value, in December 2024 they collectively listed the largest number of victims ever seen in a one-month period, dominated by RansomHub, Play and Akira operations, plus a bevy of newcomers, researchers report.
Six months after a ransomware attack temporarily crippled its blood donation and distribution activities, Florida-based nonprofit OneBlood is reporting a data breach to regulators that affected donors' personal information. Why is the incident reawakening healthcare supply chain concerns?