Mr. Cooper cyberattack hits every current — and former — customer

The mortgage servicer expects vendor expenses related to its response and recovery to reach $25 million this quarter. Almost 14.7 million people were impacted.

By Matt Kapko • Dec. 18, 2023

State-linked cyber actors behind SolarWinds plant seeds for new malicious campaign

U.S. authorities are raising alarms that the 2020 Sunburst attack threat actors are exploiting a CVE in JetBrains TeamCity in preparation for future supply chain compromises.

By David Jones • Dec. 15, 2023

Kraft Heinz probes ransomware attack claim

The food and beverage company attributed the potential attack to a decommissioned marketing site and said internal systems are operating normally.

By Matt Kapko • Dec. 15, 2023

Credit unions recover from outages caused by third-party ransomware attack

While Ongoing Operations said some of its data was compromised and notified impacted customers, credit unions have yet to disclose damages downstream.

By Matt Kapko • Dec. 14, 2023

Check Point Software in SEC settlement talks in connection with SolarWinds probe

The cybersecurity firm provided documents and other information related to the 2020 supply chain hack of the SolarWinds Orion platform.

By David Jones • Dec. 13, 2023

Henry Schein says 29K people affected in September cyberattack

The ransomware group AlphV/BlackCat claimed responsibility for the data breach and a second incident involving the company.

By Susan Kelly • Dec. 11, 2023

Red Roof claims cybersecurity incident did not involve guest data

The hotel company experienced a ransomware attack in September that targeted personal data.

By Jenna Graber • Dec. 11, 2023

Norton Healthcare ransomware attack exposes 2.5M people

Ransomware attacks are soaring in the healthcare sector, impacting more than 88 million people in the first 10 months of 2023, according to HHS.

By Matt Kapko • Dec. 11, 2023

White House wants to set minimum cyber standards for hospitals, healthcare

The sector has faced a wave of ransomware linked to the critical CitrixBleed vulnerability, which has led to major attacks from LockBit and other threat groups.

By David Jones • Dec. 11, 2023

Court approves Cargill’s $2.4M settlement of Kronos outage wage claims

Employees alleged that the Kronos Private Cloud ransomware attack resulted in unpaid wages and overtime, among other damages.

By Ryan Golden • Dec. 8, 2023

Data breaches fallout reach new heights as the number of exposed records soars

The increased threat to and exposure of personal data is linked to two key factors: a rise in ransomware and attacks against vendors, an MIT study found.

By Matt Kapko • Dec. 8, 2023

Fidelity National Financial still assessing cyberattack impact, but is insured

The company acknowledged real estate closings were briefly impacted, however committed to protect customer data and prioritize cybersecurity investments.

By David Jones • Dec. 7, 2023

Water utility cyberattacks underscore ongoing threat to OT

U.S. officials urged water utilities and industrial sites to employ basic configuration safeguards like securing internet-facing devices and changing default passwords following a series of attacks.

By David Jones • Dec. 5, 2023

Payments processor Tipalti investigating ransomware attack

The AlphV ransomware group claimed responsibility for the attack on Saturday and threatened to extort Tipalti customers with allegedly stolen data.

By Matt Kapko • Dec. 4, 2023

Dozens of credit unions confront outages linked to third-party ransomware attack

CitrixBleed ensnared another industry, leading to a network incident at Ongoing Operations, which provides business continuity services.

By Matt Kapko • Dec. 4, 2023

Fidelity National Financial restoring operations after containing cyberattack

The company, one of the largest title insurance firms in the U.S., is still assessing whether the attack will have a material impact on its business.

By David Jones • Dec. 4, 2023

Staples hit by cyberattack during critical Cyber Week sales push

The office supply retailer expects to fully catch up on back orders after online processing and deliveries were briefly disrupted.

By David Jones • Dec. 1, 2023

Okta again promises it is taking security seriously

CEO Todd McKinnon used the company's earnings call to once again pledge improvements and address a culture of lax security.

By Matt Kapko • Nov. 30, 2023

North Texas water utility the latest suspected industrial ransomware target

Federal authorities are investigating multiple attacks against water and wastewater treatment facilities in the U.S. following an Iran-linked attack in Pennsylvania.

By David Jones • Nov. 30, 2023

MGM CFO expects insurance to cover cyberattack costs

The Las Vegas-based casino and resort operator has pegged the costs of the September cyberattack that temporarily impeded operations at about $100 million. 

By Suman Bhattacharyya • Nov. 29, 2023

All Okta support system customers caught in previously disclosed breach

The single sign-on provider significantly widened the scope of the attack two months after customers first reported suspicious activity on their Okta environments.

By Matt Kapko • Nov. 29, 2023

CISA warns of threat groups exploiting Unitronics PLCs in water treatment hacks

The Unitronics warning follows an Iran-linked hack of a Pennsylvania water treatment facility.

By David Jones • Updated Nov. 29, 2023

Fidelity National Financial investigating cyberattack that led to service disruption

AlphV/BlackCat claimed responsibility for the attack on the title insurance giant, which is trying to determine whether the attack will have a material impact.

By David Jones • Nov. 27, 2023

SMBs hit by rise in legitimate tool-based attacks

Attackers are moving away from malware and evading detection by abusing remote monitoring and management software, according to Huntress research.

By Matt Kapko • Nov. 21, 2023

‘Honesty’: Estes details its playbook for responding to a cyberattack

Being open about the incident engendered goodwill from customers and colleagues, executives said.

By Colin Campbell • Nov. 20, 2023