This breach occurred when GetSchooled, a charity founded by the Bill & Melinda Gates Foundation in collaboration with Viacom, left a database open to anyone with a browser and internet connection.
The archive was leaked on November 27-28. It appears to have been posted on the hacker forum after Door Controls USA seemingly refused to pay ransom to attackers who breached the company’s network.
The Virginia senator, Mark Warner, said gaps in U.S, and international law are making it difficult for the government to prevent large-scale hacks and called for tighter controls to be enacted.
The internal networks of Lithuania’s National Center for Public Health (NVSC) and several municipalities have been infected with Emotet following a large campaign targeting the country’s institutions.
T-Mobile states that the breach did not expose account holders’ names, physical addresses, email addresses, financial data, credit card details, social security numbers, tax IDs, passwords, or PINs.
FireEye has named the threat actor “UNC2452,” and Volexity dubbed the threat actor “Dark Halo,” stating that the actor is the same as UNC2452, though FireEye has not substantiated that claim.
The unprecedented cyber attack on U.S. government agencies reported this month may have started earlier than last spring as previously believed, a U.S. senator involved in cybersecurity said.
In an update posted late last night, CISA said that all US government agencies that still run SolarWinds Orion platforms must update to the latest 2020.2.1HF2 version by the end of the year.
The files DataBreaches.net saw contain a lot of operational files and documents, including human resources files involving named personnel who were tested for COVID-19 and their test results.
Security consulting firm Cerberus Cyber Sentinel Corporation has acquired penetration testing company Alpine Security, to beef up their penetration testing and regulatory compliance offerings.