Casio Data Breach Ransomware Attack Compromised 8,500 Individuals
A ransomware attack on Casio in October 2024 compromised personal data of approximately 8,500 individuals, including SSNs and medical records. The breach was initiated through phishing tactics, leading to unauthorized access to sensitive databases. Casio confirmed no customer credit card data was affected, as the relevant databases remained untouched. The company declined to negotiate with the attackers and is notifying affected individuals. An ongoing investigation aims to assess the full extent of the breach. Read more
Green Bay Packers Data Breached NFL Team Packers Pro Shop
The Green Bay Packers confirmed that a data breach exposed customer information from their Pro Shop website. Malicious code was injected into the site, affecting data submitted during transactions. The breach, detected in late October 2024, likely occurred between September 23rd-24th and October 3rd-23rd. Compromised data includes names, addresses, and credit card details, while transactions via gift cards or PayPal were unaffected. The Packers are investigating the incident with cybersecurity experts. Read more
Rivers Casino Data Breach Follows Class-Action Lawsuits
Rivers Casino Philadelphia experienced a data breach affecting customer and employee information, discovered around November 18, 2024. An unauthorized actor accessed sensitive files, potentially compromising SSNs and bank account details. Following the breach, at least three law firms filed class-action lawsuits, demanding accountability and seeking damages. The casino has begun mailing letters to potentially impacted individuals but has provided limited information, leading to public frustration. An investigation into the breach is ongoing. Read more
PowerSchool Hack Exposes Sensitive Data of Students and Teachers in K-12 Districts
A significant breach at PowerSchool exposed sensitive data of students and teachers across K-12 districts, discovered on December 28, 2024. Attackers accessed the system via compromised credentials on PowerSource, exporting data into CSV files. Exposed information includes SSNs, medical records, and personal details of millions. PowerSchool engaged CrowdStrike for investigation and is offering credit monitoring services to affected individuals. Read more
PLAYFULGHOST Malware: Exploiting Phishing, SEO Poisoning, and Trojanized VPNs
PLAYFULGHOST malware employs phishing, SEO poisoning, and trojanized VPN apps to steal data. Discovered by Google and Mandiant, it uses malicious RAR archives disguised as image files for infections. The malware features keylogging, screen capture, and remote access, with links to known tools like Gh0st RAT. Its distribution includes manipulating search results to promote malware-laden downloads. Read more
Top 15 Cyberattacks of 2024: The Worst Incidents for Enterprise
The blog highlights the top 15 cyberattacks of 2024, showcasing the evolving threat landscape facing enterprises. Key incidents include the “Mother of All Breaches,” compromising over 26 billion records, and the Ticketmaster breach affecting 560 million customer records. The analysis emphasizes the importance of robust security measures, including multi-factor authentication and comprehensive data loss prevention strategies. Understanding these incidents is crucial for enhancing cybersecurity protocols. Stay informed and protect your enterprise by reading the full analysis! Read more
