Listen to (and follow) T-Minus, the only daily space news podcast.
Tune in to new episodes covering the latest space news and insights from leading experts.
Tune in to new episodes covering the latest space news and insights from leading experts.
Additional victims of the the hack of Fortra’s GoAnywhere file transfer product continue to surface, and the government of the Australian state of Tasmania has confirmed that its systems were breached as a result of the vulnerability. Tasmanian officials on Friday announced that “approximately 150,000 individuals and businesses” were impacted, and the exposed info potentially includes data on schoolchildren handled by the Department for Education, Children and Young People. Madeleine Ogilvie, Tasmania’s minister for science and technology, said an investigation into the theft of the data is ongoing, and that officials have “proactively reached out by phone to those identified as vulnerable to ensure they have the supports in place.” The Record notes that Ogilvie confirmed last week that 16,000 sensitive documents had been released by the Cl0p threat gang. In an update she added, “Through extensive investigations by our cyber team, we have now identified approximately 14,000 additional individuals whose data may have been compromised. Out of an abundance of caution, those identified will be contacted today.” It’s unclear how these 14,000 are connected to the 150,000 individuals initially reported.
In yet another GoAnywhere casualty, officials at Stanford University have disclosed that the personal data of employees and postdoctoral students, along with their dependents, were exfiltrated by intruders. According to a letter from leaders at the university and healthcare system, located in the US state of California, the leak stems from an intrusion at Brightline Inc., a provider of virtual behavioral and mental health services for the children of Stanford employees and postdoctoral students. The Mercury News reports that Brightline issued a statement Thursday confirming that it uses Fortra’s GoAnywhere file transfer product and that Fortra’s investigation “identified unauthorized access to and acquisition of data from certain customers’ accounts.” Stanford and Brightline determined that the breach impacted only health plan participants with dependents under the age of eighteen, and that the compromised data were “mostly demographic” information like subscriber and dependent names, contact information, member IDs, dates of birth, and coverage dates. No medical treatment or diagnoses info was exposed.
Australian financial services giant Latitude Financial continues its recovery process from the massive March data breach that resulted in the theft of approximately 14 million customer records. Latitude provided credit card services to supermarket chain Coles until March of 2018, and 9News reports that anyone who applied for a credit card at the grocery giant before that date may have had their data compromised in the attack. (Coles credit card services are now handled by Citibank.) A Coles spokesperson stated, "We are disappointed that this cyber incident has taken place and apologise for the inconvenience and uncertainty created.” The number of Coles customers impacted has not been disclosed.
Ransomware Roundup – Kadavro Vector Ransomware (Fortinet Blog) FortiGuard Labs covers the Kadavro Vector ransomware that encrypts files and demands a ransom in Monero (XMR) cryptocurrency for file decryption. Learn more.…
Stanford: Personal information stolen in health care data breach (The Mercury News) The compromised data included subscriber and dependent names, but no Social Security numbers, officials said.
Tasmania: 150,000 individuals and businesses affected by Clop ransomware group (Record) The Australian state's government has “proactively reached out by phone to those identified as vulnerable to ensure they have the supports in place," a top official said.
Supermarket giant's credit card customers caught up in massive cyber hack (Breaking Australian and World News Headlines - 9News) Shoppers who applied for a credit card from Coles more than five years ago have been caught up in the large...
IRCTC warns users against ‘fake’ Android app, phishing scam: Report (Hindustan Times) IRCTC has warned its users about a malicious Android application called "irctcconnect.apk."
NatWest warns customers over new email scam (InYourArea.co.uk) Customers are advised to be cautious and vigilant when receiving emails, especially those that require them to share personal information
Rheinmetall suffers cyber attack, military business unaffected, spokesperson says (Reuters) Rheinmetall , suffered a cyber attack to the division of its business dealing with industrial customers, mostly in the automotive sector, the company said on Friday, adding its military division was unaffected.