Dateline Kyiv, Moscow, Minsk: Deterrence, defense, and retribution in hybrid war.
Deterrence and retaliation in Russia's hybrid campaign against Ukraine. (The CyberWire) Hacktivism as irregular cyber warfare during a period of hybrid conflict.
Russia conducts new military exercises as Biden, Europeans intensify diplomacy on Ukraine (Washington Post) Kremlin spokesman Dmitry Peskov Tuesday blamed the United States for “building up tension” over Ukraine, as Russia launched new military exercises in the west of the country that include short-range ballistic missile units.
For Ukrainian Soldiers, a Nervous Guessing Game on the Front (New York Times) Given Russia’s penchant for misdirection, it’s unclear how a military incursion would start. And that keeps the Ukrainian troops on edge.
On the Brink of War With Russia, Ukrainians Are Resigned and Prepared (Wall Street Journal) The nation has struggled to maintain a sense of stability since it became an independent country in 1991 and has been at war since 2014. But with 100,000 Russian troops gathered nearby, threatening Europe’s biggest land war since the 1940s, people there say something feels different this time.
UK says Russia has ‘placed gun to Ukraine’s head’ (Al Jazeera) PM Boris Johnson says UK will look to support any NATO deployment in event of invasion, threatens toughened sanctions.
Macron Plans Putin Call; Pentagon Readies Troops: Ukraine Update (Bloomberg) EU foreign ministers met in Brussels to talk Russia response. Blinken joined the meeting by video to discuss Ukraine.
Lawmakers: US submarine force can help check Russian ambitions in Ukraine (Defense News) U.S. subs can help deter Russia's overall ambitions today, even as focus remains on Ukraine's ground borders as the most immediate threat to peace in Europe, American lawmakers said.
Biden says European leaders in 'total unanimity' after call on Russia-Ukraine situation (Fox Business) President Biden said Monday that European leaders are in "total unanimity" over the approach to the situation with Russia and Ukraine, as concerns heighten over the prospect of military action in the region.
UK warns of ‘unprecedented sanctions’ against Russia as Biden says west is united on Ukraine (the Guardian) Virtual meeting between western powers comes as the US put 8,500 troops on alert and as France prepares to host a meeting of Russian and Ukrainian officials
Explainer: The U.S. export rule that hammered Huawei teed up to hit Russia (Reuters) The Biden administration is readying a U.S. export rule used against Chinese telecoms equipment maker Huawei (HWT.UL) that could curb Russia's access to global electronics supplies if President Vladimir Putin decides to invade Ukraine.
German Navy chief resigns following Ukraine comments (Defense News) Defence Minister Christine Lambrecht accepted the resignation and appointed Vice Adm. Kay-Achim Schönbach's deputy as interim naval chief.
Concerns Grow Over Potential New Russian Cyberattacks (Decipher) The Russian incursion into Ukraine is prompting warnings from the DHS and security researchers about the potential for Russian cyberattacks on U.S. companies.
A Level-Set on Russia-Borne Cyber Threats (Dark Reading) As hostilities mount between Russia and Ukraine, new and more dangerous cyberattacks are likely to develop. Pinpointing sources and motives will remain elusive, but enterprises should prepare for an escalation in cyberspace.
Ukraine Attack: Hackers Had Access for Months Before Causing Damage (SecurityWeek) In the recent Ukraine attacks, threat actors leveraged stolen credentials and they likely had access to the targeted network for months before causing damage.
Ukraine Campaign Delivers Defacement and Wipers, in Continued Escalation (Cisco Talos) A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Russia could launch cyber attacks on U.S. if Biden sends wrong signals: intel (Newsweek) "Once the shots are fired, there is no putting the genie back in the bottle," former National Security Council Eastern European Affairs director Alexander Vindman told Newsweek.
DHS warns of Russian cyberattack on US if it responds to Ukraine invasion (ABC News) The Department of Homeland Security has warned of a Russian cyberattack against the U.S. if it responds to an invasion of Ukraine.
DHS warns of potential Russia cyberattacks amid tensions (CNN) Russia would consider conducting a cyberattack on the US homeland if Moscow perceived that a US or NATO response to a potential Russian invasion of Ukraine "threatened [Russia's] long-term national security," according to a Department of Homeland Security intelligence bulletin obtained by CNN.
Potential for Russian cyberattack against U.S. ‘not to be taken lightly’ (VentureBeat) The Dept. of Homeland Security reportedly warned of a potential for Russia to launch a cyberattack against the U.S. over Ukraine tensions.
DHS Sounds Alarm on Potential for Major Russian Cyberattacks on US (Dark Reading) Latest bulletin out of DHS advises state and local governments, critical infrastructure operators to be on alert.
DHS says U.S. on "heightened alert" for Russian cyberattack (KTVQ) With more than 100,000 Russian troops poised at the Ukrainian border, the Department of Homeland Security is warning that Russia could conduct a cyberattack against the United States if it feels threatened by further actions the U.S. takes in response to a possible Russian invasion of Ukraine.
Hactivists say they hacked Belarus rail system to stop Russian military buildup (Ars Technica) If confirmed, the attack would be one of the first times ransomware has been used this way.
Belarusian hacktivist group attacks Belarusian Railways as military frictions mount - CyberScoop (CyberScoop) A group of Belarusian hackers claim to have encrypted the servers, databases and workstations of Belarusian Railways with the aim of slowing down Russian troop movements as tensions continue to mount toward a potential Russian invasion of Ukraine.
Only Putin Knows What Happens Next (The Atlantic) He alone can make the choice to bring Europe back from the brink of a major war.
Stop Panicking About Ukraine—and Putin (Foreign Policy) Russia has its own limits and logic that make war unlikely.
The West Fell Into Putin’s Trap (Foreign Policy) Even if Russia never invades Ukraine, it is accomplishing one of its major goals in Europe.
Attacks, Threats, and Vulnerabilities
DDoS attacks on Andorra's internet linked to Squid Game Minecraft tournament (The Record by Recorded Future) A high-stakes Minecraft tournament is believed to be the cause of a series of DDoS attacks that have hit Andorra's only internet provider for the last four days in what experts believe has been an attempt to prevent local gamers from participating.
Canada's foreign affairs department targeted in 'significant' cyber attack (National Post) The attack occured on the same day Canada's Communications Security Establishment warned of Russia-backed cyber threats
Canada's foreign ministry hacked, services hit (Reuters) Hackers launched a cyber attack on Canada's foreign ministry last week and some services are still down, officials said on Monday without disclosing who Ottawa thought was responsible.
Canada confirms cyber-attack on foreign affairs ministry (The Record by Recorded Future) The Canadian government confirmed late last night that its foreign affairs ministry, Global Affairs Canada, was the victim of a cyber-attack, and it's still dealing with its after-effects.
Canada's foreign affairs ministry hacked, some services down (BleepingComputer) The Canadian government department for foreign and consular relations, Global Affairs Canada was hit by a cyberattack last week. While critical services remain accessible, access to some online services is currently not available, as government systems continue to recover from the attack.
DTPacker – a .NET Packer with a Curious Password (Proofpoint) Proofpoint identified a malware packer which researchers have dubbed DTPacker.
Unusual ‘Donald Trump’ Packer Malware Delivers RATs, Infostealers (Threatpost) The ‘DTPacker’ downloader used fake Liverpool Football Club sites as lures for several weeks, a report finds.
Android malware BRATA wipes your device after stealing data (BleepingComputer) The Android malware known as BRATA has added new and dangerous features to its latest version, including GPS tracking, the capacity to use multiple communication channels, and a function that performs a factory reset on the device to wipe all traces of malicious activity.
Attackers now actively targeting critical SonicWall RCE bug (BleepingComputer) A critical severity vulnerability impacting SonicWall's Secure Mobile Access (SMA) gateways addressed last month is now targeted in ongoing exploitation attempts.
Suspected REvil Ransomware Spinoff 'Ransom Cartel' Debuts (GovInfoSecurity) Has the notorious REvil, aka Sodinokibi, ransomware operation rebooted as "Ransom Cartel"? Security experts say the new group has technical and other
CWP Flaws That Expose Servers to Remote Attacks Possibly Exploited in the Wild (SecurityWeek) Two CWP vulnerabilities that can lead to unauthenticated remote command execution may have been exploited in attacks.
MoleRats APT Launches Spy Campaign on Bankers, Politicians, Journalists (Threatpost) State-sponsored cyberattackers are using Google Drive, Dropbox and other legitimate services to drop spyware on Middle-Eastern targets and exfiltrate data.
Hacked AccessPress Site Served Backdoored WordPress Plugins, Themes (SecurityWeek) Unknown threat actors implanted backdoor code into multiple WordPress themes and plugins after compromising the website of their developer
Log4j: Mirai botnet found targeting ZyXEL networking devices (ZDNet) A report explained that the Log4j vulnerability is being used to "infect and assist in the proliferation of malware used by the Mirai botnet."
Major attacks using Log4j vulnerability ‘lower than expected’ (VentureBeat) The Log4j vulnerability has led to few major cyber attacks so far, Sophos found. But attacks via Log4Shell could occur well into the future.
Log4Shell: No Mass Abuse, But No Respite, What Happened? (Sophos News) Sophos reviews the scanning and attack detections for Log4Shell to see what’s really going on
Cracking a $2 million crypto wallet (The Verge) Breaking through crypto security
To err is human, and that's what hackers are counting on (BetaNews) It's understandable if you've made thwarting ransomware your top cybersecurity priority for 2022. The number of successful ransomware attacks, which encrypt computers until victims pay the attackers to unlock their data, surged last year. Ransomware payments reported by banks and other financial institutions (PDF) totaled $590 million for the first six months of 2021, surpassing the $416 million for all of 2020.
Vulnerability Summary for the Week of January 17, 2022 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Microsoft Restricts Excel 4.0 Macros by Default (SecurityWeek) Redmond announces improved security for Microsoft Offices users, courtesy of Excel 4.0 (XLM) macros now being restricted by default.
Microsoft: Now we're switching off Excel 4.0 macros by default (ZDNet) Microsoft has enabled a new setting that disables legacy Excel 4.0 macros by default.
Trends
The Rising Insider Threat (Hitachi) Hackers Have Approached 65% of Executives or Their Employees To Assist in Ransomware Attacks.
Ransomware gangs increase efforts to enlist insiders for attacks (BleepingComputer) A recent survey of 100 large (over 5,000 employees) North American IT firms shows that ransomware actors are making greater effort to recruit insiders in targeted firms to aid in attacks.
Global Cybersecurity Study: Insider Threats Cost Organizations $15.4 Million Annually, up 34 Percent from 2020 (Proofpoint) Negligent insiders are the root cause of 56% of incidents while credential thefts have almost doubled and are the costliest to remediate, at an average of over $800,000 per incident
Ransomware Research Shows Growing Trends (Abnormal) New ransomware research shows that 52% of all victims are located in the United States and 57% are small businesses. Learn more from our latest report.
ThreatConnect Report: CyberSecurity Under Stress (ThreatConnect) Senior decision-makers report an average Industry turnover rate of 20% in the past year and 2 in 3 have seen a notable increase year on year.
Hackers hit energy companies hard last year. What's next? (E&E News) The hack of the Colonial pipeline last year set off alarm bells across the energy sector. This year, four security trends pose new threats to gas and
Nearshore Partners Face “Substantial Risk” of Ransomware Attack (Near Shore Americas) In February 2021, Brazil and most of Latin America was going through another round of rising Covid-19 infections.
Me2B Alliance Research Exposes Poor Understanding Among Consumers Regarding Privacy Policies, Terms of Service, and Who They Protect (GlobeNewswire News Room) Spotlight Report explores the perception of these legal agreements and its ethical implications...
Marketplace
Data443 Completes Acquisition of Leading Ransomware Recovery and Data Extortion Mitigation Platform, Centurion SmartShield (MarketScreener) Unique capabilities support zero-trust and digital rights management for sensitive data at home, office, and cloud
ArmorCode Closes $11 Million Seed Funding Round As Demand For AppSecOps Platform Soars (PR Newswire) ArmorCode, the leader in AppSecOps, today announced it has secured an additional $8 million in seed financing led by Cervin Ventures with...
Hunters Secures $68 Million in Series C Funding to Become a Leading Security Operations Platform (Business Wire) Hunters announced today a $68 million Series C round led by growth equity firm Stripes, with participation from new investors DTCP, Cisco Investments
Growth Leader, John Parmley Named CEO at Zuul (Business Wire) Zuul has appointed growth leader John Parmley as the company’s CEO and President.
BlackCloak Surpasses 3x Year-Over-Year Revenue Growth as Demand for Digital Executive Protection Soars (PR Newswire) BlackCloak, the first Concierge Cybersecurity & Privacy™ Protection Platform for Executives and High-Profile Individuals, today announced that...
Contrast Security Announces Commitment to Respect Data by Becoming a Data Privacy Week 2022 Champion (PR Newswire) Contrast Security, the leader in next-gen code security, today announced its commitment to Data Privacy Week by registering as a Champion....
KnowBe4 Promotes Four Leaders to Executive and C-Level Positions (PR Newswire) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, today announced it has promoted four...
Transmit Security Brings On New Chief Marketing Officer to Spearhead International Expansion (FindBiometrics) Transmit Security is bringing on a new Chief Marketing Officer. Chris Pick joins the company following a stint at Tanium
Stairwell Expands its Bench of Security Experts with Three Leadership Hires to Accelerate Company Growth (PR Newswire) Stairwell, a company that empowers security teams to outsmart any attacker, today announced the appointments of Shel Sharma, Vice President of...
Asigra Announces Significant Leadership Team Expansion as Co... (MENAFN) Company Appoints Chief Executive Officer, Chief Technology Officer, Chief Revenue/Marketing Officer, and Vice President of Worldwide Sale
Products, Services, and Solutions
NTT Application Security Unveils Vantage Detect to Bolster Enterprises’ Last Line of Defense Against Breaches (NTT Application Security) Solution adapts DAST to safeguard web applications and APIs in a new era of software development
NordVPN's latest update brings Dark Web Monitor and Security Score to Windows (TechRadar) NordVPN's fresh additions make it simpler to stay safe online
LogRhythm and SecLytics offer cybersecurity solutions for Middle East organizations (Help Net Security) LogRhythm has partnered with SecLytics to transform the security posture and streamline operations for SOC teams in the Middle East.
Kroll enhances Cyber Risk offering with new Malware Analysis and Reverse Engineering capabilities (IBS Intelligence) Kroll, the world's premier provider of services and digital products related to governance, risk and transparency announces that it is
Great American Insurance Group Launches Innovative Cyber Risk Management Platform for Policyholders (Business Wire) Great American Insurance Group recently launched EagleEye by Great American, a powerful cyber risk management platform for policyholders.
StratoKey Launches Cloud Compliance Manager (CCM) (CIO Applications) Fremont, CA: The cloud environment is rapidly expanding, making it increasingly difficult to identify misconfiguration. Cloud computing has numerous...
Bluescape Achieves FedRAMP 'In Process' Designation Under Sponsorship of the United States Air Force (PR Newswire) Bluescape® announced today that it has achieved the Federal Risk and Authorization Management Program's (FedRAMP) "In Process" Designation at...
SafeBreach Launches Free Ransomware Assessment (PR Newswire) SafeBreach, the pioneer in breach and attack simulation ("BAS"), today announced it has launched the ransomware challenge, a free assessment...
Oracle Selects Telos Corporation’s Cyber Risk Management Solution to Accelerate Security Compliance Authorizations (GlobeNewswire News Room) Telos’ Xacta to help reduce time and cost of security compliance for Fortune 500 cloud service provider...
Certero Achieves Oracle Fusion Middleware Verification (Certero) Certero, an innovator in unified IT Hardware, Software, SaaS and Cloud Asset Management solutions and member of Oracle Partner Network (OPN), today announced that they have been verified as a third-party tool vendor for Oracle Fusion Middleware.
Axis Security Launches Security Service Edge Forum Alongside IT Leaders from Across the Globe (PR Newswire) Today Axis Security launched the Security Service Edge (SSE) Forum. The Forum's mission is to explore the value of security service edge...
vArmour and Tanium Strengthen Partnership to Combat Vulnerabilities such as Log4j (GlobeNewswire News Room) Enhanced Integration Provides Actionable Observability As Organizations Respond to FTC Warning and CISA Guidelines...
Query.AI Launches Federated Search for Splunk to Drive Efficiencies in Cybersecurity Investigations (Query.AI) App enables security operations teams to realize fast, easy access to data where it lives – in the cloud, third-party SaaS, or on-prem – and get visibility within their Splunk® console BROOKINGS, S.D. – January 25, 2022 – Siloed data is preventing organizations from gaining timely views into cybersecurity risks. To help Splunk® customers unlock access […]
Ivanti Extends Neurons Platform with Risk‑based Patch Management to Address Ever Increasing Ransomware Attacks and Digital Assistant to Deliver Exceptional Employee Self‑Service Experiences (Ivanti) Ivanti continues to innovate with new releases of Ivanti Neurons for Patch Management to proactively remediate vulnerabilities and Ivanti Neurons Digital Assistant to transform employee experiences in the Everywhere Workplace.
SB Technology to Offer iboss Zero Trust Cloud Security as a Managed Security Service (Yahoo Finance) iboss, the leading Zero Trust cloud security provider, announces that its platform will be offered by SB Technology Corp., Ltd. (SBT) as a managed security service. The partnership will provide SBT customers access to iboss's best-in-class Zero Trust network security and will allow users in Japan to ensure their customers can securely connect to any authorized application or resource on any device, from anywhere.
Revelstoke Launches Next Generation SOAR Solution to Automate Security Operations Centers - Revelstoke | SOAR | Security Orchestration Automation & Response (Revelstoke) New Security Operations Platform Built on Unified Data Layer EliminatesVendor Lock and Reduces Strain on Security Analysts SANTA CLARA, CA, Jan. 25, 2022 – Revelstoke launched today to offer Chief Information Security Officers (CISOs) and security analysts a next-generation Security Orchestration, Automation and Response (SOAR) solution built on a Unified Data Layer that automates analysis, […]
CyberSheath Federal Enclave Delivers Cybersecurity Compliance for Federal Contractors (Business Wire) CyberSheath Services International, the largest Cybersecurity Maturity Model Certification (CMMC) managed service vendor, has introduced a new service
Technologies, Techniques, and Standards
Differential Privacy: Future Work & Open Challenges (NIST) In this series of blog posts, we have tried to give an accessible overview of the state-of-the-art in differential privacy.
UK government plans to release Nmap scripts for finding vulnerabilities (The Record by Recorded Future) The UK government's cyber-security agency plans to release Nmap scripts in order to help system administrators in scanning their networks for unpatched or vulnerable devices.
What CISA Incident Response Playbooks Mean for Your Organization (Security Intelligence) CISA recently published new federal cybersecurity guidelines. To understand the significance of this event, I sat down with Gregory Touhill for a chat.
How To Conduct A GDPR-Compliant Internal Investigation (JD Supra) In 2018, the EU’s General Data Protection Regulation (GDPR) went into effect, creating a uniform data protection law for everyone in the EU. The GDPR...
AT&T Cybersecurity Insights™ Report: Securing the Edge (AT&T) Edge computing is here. Data from the latest AT&T Cybersecurity Insights™ Report shows a high rate of maturity for edge initiatives globally, despite perceived risks.
Good Enough Is Not Okay: Agencies Need a Holistic Approach to Cybersecurity (MeriTalk) Against the backdrop of a significant rise in cyberattacks against the Federal government and private sector organizations, President Biden has made cybersecurity a critical focus of his administration. His Executive Order on Improving the Nation’s Cybersecurity (EO 14028) gives technology teams marching orders with aggressive deadlines for securing Federal networks, systems, and endpoints.
Protecting All Assets from All Cyber Attacks Is Unrealistic; Focus on Preventing the Unacceptable: Positive Technologies CEO (Positive Technologies) Seeking to protect all assets from all cyber threats sounds noble but is essentially unrealistic.
Design and Innovation
Meta has built an AI supercomputer it says will be world’s fastest by end of 2022 (The Verge) You don’t just need AI — you need an "AI supercomputer."
Meta Unveils New AI Supercomputer (Wall Street Journal) When the AI Research SuperCluster is fully built it will be the fastest AI supercomputer in the world, the Facebook parent says.
Research and Development
Center for Threat-Informed Defense Releases Impact Report, Illustrating its Collaborative R&D Approach in Cybersecurity (PR Newswire) The Center for Threat-Informed Defense (Center), a privately funded collaborative research and development organization operated by MITRE...
Academia
Student Data Security and Privacy Must Be Taken More Seriously (THE Journal) Data security and privacy are inseparable. With today kicking off Data Privacy Week, it’s a good time to take a step back and look at the efforts being made to ensure the privacy of our student’s data is being protected, and understand why schools must take data security more seriously.
Norwich continues partnership with the Air Force Research Laboratory Information Directorate (Vermont Business) Norwich University has renewed its educational partnership with the Air Force Research Laboratory Information Directorate (AFRL/RI), which began in 2016, for the next five years.
Legislation, Policy, and Regulation
A Lawless Cyberspace Hurts Young People the Most (World Politics Review) “Lawlessness in cyberspace” has already taken a huge toll irreparably shaping the lives of those born and brought up in the internet age. To reign in the chaos, the international community will need to build new structures and norms from the ground up, using new tools suited for this entirely uncharted terrain.
Polish senators draft law to regulate spyware after anti-Pegasus testimony (the Guardian) Senate commission plans reform after hearing how NSO software used against government critics
U.S. Anti-Hacking Effort Slowed by Cyberattack Review Board Delay (Bloomberg Law) The U.S. government’s response to a steady stream of cyberattacks is slowed by the delayed deployment of a planned board to review major incidents and make security recommendations, cyber researchers and consultants say.
Feds want bulk electric systems to monitor network security (SC Magazine) The Federal Energy Regulatory Commission is considering mandating owners and operators of bulk electric systems to implement internal network security monitoring.
SEC’s Gensler Signals More Cybersecurity Rules on Way (Bloomberg) Gary Gensler is considering expanding the Securities and Exchange Commission’s cybersecurity rules.
SEC Chief Wants Advisors, BDs to Improve ‘Cyber Hygiene’ | ThinkAdvisor (ThinkAdvisor) One possible course of action: altering the timing and substance of required customer notifications under Reg S-P.
Treasury Wants Banks to Loop in Foreign Affiliates on Suspicious Transactions (Wall Street Journal) The Treasury Department’s anti-money-laundering watchdog wants to allow U.S. banks to share so-called suspicious activity reports more freely with their foreign affiliates, a move that financial institutions are expected to welcome.
Defending 2022 Elections from Misinformation, Cyber Threats (GovTech) During a recent U.S. House hearing, experts discussed how the federal government can help state and local election officials defend election software, stop doxxing of election officials and the looming misinformation threat.
Litigation, Investigation, and Law Enforcement
Tor Project appeals Russian court's decision to block access to Tor (BleepingComputer) US-based Tor Project and Russian digital-rights protection org RosKomSvoboda are appealing a Russian court's decision to block access to public Tor nodes and the project's website.
Federal judge denies bail for Russian with close ties to Putin (NBC News) A Russian businessman with ties to Putin has been denied bail by a federal judge in Boston, who said Vladislav Klyushin had "no incentive" to stay in the U.S.
Alleged carder gang mastermind and three acolytes under arrest in Russia (Naked Security) The motto of the gang was “In Fraud We Trust”, and they went by a dizzying range of online nicknames.
High anxiety spreads among Russian criminal groups in wake of REvil raid (CSO Online) Fearful chatter reveals unprecedented concern about future criminal operations, though some doubt Russia's commitment to stopping ransomware.
Knesset battles over NSO and charges of police as ‘mafia’ (Jerusalem Post) The Knesset's Interior Security Committee debated the NSO affair on Monday, with chairwoman Merav Ben Ari trying to strike a balance between defending the police and probing its actions.
Shady Network of Fake Mossad Job Sites Targets Iranian Spies (The Daily Beast) One cybersecurity expert called the sites “a honey trap by the [Iranian] regime to identify the potential people interested in working with the foreign intelligence services.”
Google deceived consumers about how it profits from their location data, attorneys general allege in lawsuits (Washington Post) The complaints allege the company has deployed ‘dark patterns,’ design tricks that can subtly influence users’ decisions in ways that are advantageous for a business
NYS Attorney General reaches settlement agreement with EyeMed over data breach (WGRZ) The data breach affected 2.1 million members nationwide and more than 98,000 in New York State.