September 23, 2020: Ransomware Attack Disrupts Tyler Technologies’ Operations.
Leading government technology services provider Tyler Technologies has suffered a ransomware attack that has disrupted its operations.
Bleepingcomputer reports that local government employees were told by MISAC (Municipal Information Systems Ass.) that Tyler Technologies suffered a ransomware attack affecting their phone ticketing system and support systems.
July 30, 2020: Konica Minolta hit by RansomEXX
Business technology giant Konica Minolta was hit with a ransomware attack at the end of July. It started with customers reporting that the company's product supply and support site was not accessible. The attack impacted services for almost a week. Some Konica Minolta printers were also displaying a 'Service Notification Failed' error.
BleepingComputer reported a source shared a copy of the ransom note used in the attack and reported devices in the company were encrypted. The ransom note belongs to RansomEXX.
August 2, 2022: RansomEXX Claims Attack on Taiwanese Computer Manufacturer
Taiwanese motherboard maker Gigabyte has been hit by the RansomEXX ransomware gang. The ransomware gang threaten to publish 112GB of stolen data unless a ransom is paid. The attack forced the company to shut down systems in Taiwan. The incident also affected multiple websites of the company, including its support site and portions of the Taiwanese website.
September 10, 2022: Ransomware Attack on ForceNet Communication Platform used by Australian Military
Hackers attacked ForceNet's communications platform used by Australian military personnel and defense staff. The ForceNet service is run by Dialog Information Technology. The Australian Dept. of Veteran Affairs' website states: "Defence has announced that it has been informed that an external ICT service provider which facilitates ForceNet has been subject to a ransomware attack. ForceNet is a Defence e-communications platform used to connect registered users within secure online communities. To be clear, this is not an attack on Defence ICT"
ITWire in Australia reports on 31 October that Dialog was hit by an attack which used the Agenda ransomware that runs only on Windows. The group behind the attack, Qilin, announced it on the dark web on 19 September.
This is the 9th attack in little over a month, affecting Australia's biggest companies, likely exposing the details of millions of customers.
October 20, 2022: Michigan IT Service Provider Victim of Ransomware Attack
A ransomware attack took place recently against the Midland Information Technology Consortium (MiTCON). Midland Police Department, along with other law enforcement agencies, is conducting an investigation. The attack affected its clients' internet and email services as well as phone lines. The MiTCON team quickly contained the threat and has been working diligently to bring back services for its clients.
March 19, 2020: Samsung Data Breach
Samsung admitted what it calls a "small number" of users could indeed read other people's personal data following an unexplained Find my Mobile notification.
Users said they found strangers' personal data displayed to them. Find My Mobile is a Samsung app that comes pre-loaded with its Android devices and can only be disabled, not uninstalled. The only way to uninstall Samsung apps is to wipe the operating system completely and install a different ROM.
The company has admitted a data security breach did occur.
A company spokeswoman said, "A technical error resulted in a small number of users being able to access the details of another user. As soon as we became of aware of the incident, we removed the ability to log in to the store on our website until the issue was fixed."
July 28, 2022: Samsung Hit in Cyberattack, Again
For the second time this year in a span of less than six months, electronics giant South Korea-based Samsung, suffered a data breach this past July, but the company did not discover it until early August.
After discovery, the company found the attackers stole personal data from customers.
“At Samsung, security is a top priority,” the company said in an advisory it posted September 2 almost a month after discovering the incident. “We recently discovered a cybersecurity incident that affected some customer information.
“In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems. On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected. We have taken actions to secure the affected systems, and have engaged a leading outside cybersecurity firm and are coordinating with law enforcement."
This was the second attack against Samsun this year and third since 2020.
June 12, 2022: Over 2,5 Million Individuals Impacted by System Breach at Federal Student Loan Services Provider.
Data for over 2.5 million individuals with student loans from Oklahoma Student Loan Authority (OSLA) and EdFinancial was exposed after hackers breached the systems of technology services provider Nelnet Servicing. Sometime in June, unidentified intruders compromised Nelnet Servicing and stayed on its systems until July 22. The hackers compromised the company's network likely after exploiting a vulnerability. EdFinancial underlines that not all its clients are hosted by Nelnet Servicing. Due to the seriousness of this incident, law firm "Markovits, Stock & DeMarco" launched an investigation on the potential of a class action lawsuit.
One of the largest library services in Germany, EKZ Bibliotheksservice, has been impacted by a ransomware attack. The attack has left book lovers unable to rent and borrow eBooks, audio books, and electronic magazines. Onleihe, a popular online app that connects users via EKZ's service to their local libraries, reported that its copy-protected eBooks had been deleted. Bleepingcomputer reported that the LockBit ransomware group has claimed responsibility. LockBit released 100% of the data, according to Bleepingcomputer, indicating EKZ will not pay the ransom and is likely restoring from backups,
August 4, 2022: Twilio Suffers Data Breach
Cloud communications company Twilio says some of its customers' data was accessed by attackers who breached internal systems after stealing employee credentials in an SMS phishing attack.
"On August 4, 2022, Twilio became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials," Twilio said in an advisory.
"The attackers then used the stolen credentials to gain access to some of our internal systems, where they were able to access certain customer data."
The company also revealed the attackers gained access to its systems after tricking and stealing credentials from multiple employees targeted in the phishing incident.