DataBreachToday.com

Chaos Theory and Ransomware's Love Child Serves Up Nonstop Unpredictability
All is not quiet on the ransomware front. Long the province of Russian criminals, numerous ransomware campaigns now trace to reckless Western teenagers operating under the banner of Scattered Lapsus$ Hunters who wield not just technical and trickster chops, but also a chaos and unpredictability.

Among pressing issues facing healthcare providers and health IT vendors is how artificial intelligence enabled tools such as AI assistants might further facilitate patients' access to records as well as the transmission of records themselves, said attorney Alisa Chestler of law firm Baker Donelson.

Breach Notification Service Details Peer-to-Peer Lending Marketplace Victim Count
Hackers appear to have stolen personal information pertaining to more than 17 million individuals from peer-to-peer lending marketplace Prosper, including Social Security numbers, contact information and some income and financial details, says the Have I Been Pwned breach notification service.

Attacks Move From China to Malaysia Using Phishing PDFs
Seemingly unrelated attacks targeting Chinese-speakers throughout the Asia-Pacific region with a remote access trojan trace back to the same threat actor, says researchers. Hackers' most likely motivation is regional intelligence collection.

Concerns Grow Over F5 Hacking Amid Stalled Government Shutdown
Federal officials are scrambling to contain nation-state hackers exploiting stolen source code from networking devices and software maker F5 amid staffing pressures created by the ongoing government shutdown. Stolen files reportedly include undisclosed vulnerabilities F5 had been researching.

Also: Continued Turmoil at CISA, MSSP Level Blue's Acquisition of Cybereason
In this week's panel, four ISMG editors discussed the FBI's takedown of Scattered Lapsus$ Hunters, turmoil inside CISA amid the U.S. federal government shutdown and how LevelBlue's acquisition of Cybereason signals big shifts in the XDR and MDR markets.

Swalwell: Sweeping CISA Cuts Leave Nation Vulnerable to Major Cyberattacks
A top Democratic lawmaker is demanding transparency and calling for the immediate reversal of major workforce cuts at the Cybersecurity and Infrastructure Security Agency, which is only operating with 35% of its total staff amid the ongoing government shutdown and resulting reductions-in-force.

2022 Ransomware Attack, Data Theft Affected 3.4 Million Patients
A California-based network of nine affiliated physician practices will pay nearly $50 million to settle consolidated class action litigation involving a 2022 ransomware and data theft attack that affected more than 3.4 million patients. Plaintiffs claimed their data was leaked on the darkweb.

Also, Internet-Exposed Call Center Software Under Attack and Patch Tuesday
This week: Chinese hackers exploited ArcGIS, Internet-exposed call center software under attack, October patch Tuesday, Massachusetts student sentenced for $3 million extortion hack, New York fined eight insurers $14.2M over data breaches, more than 100 VS Code extensions leak secrets.

Synthetic Identities for Superprime Borrowers Generate 3 Times Higher Fraud Losses
Auto lenders operate on a simple principle - the higher a borrower's credit score, the lower the risk. But new data from TransUnion reveals a troubling contradiction: Superprime borrowers with a credit score higher than 720 are generating three times more fraud losses than subprime borrowers.

Critical Infrastructure on the Digital Front Lines
Rural America is a long way from Taiwan. But cyber power is no respecter of geography. Should China make good on its repeated threats to reunify the island by force, the utilities that provide water and power to small towns all over the United States may find themselves on the digital front lines of a 21st century superpower war.

ISMG's Sean Mack on Aligning Strategy and Culture for Long-Term Risk Reduction
Cybercrime is accelerating while budgets stay flat. To keep pace, organizations must treat security as a strategic enabler - not an afterthought. Sean Mack of ISMG's CXO Advisory Practice outlines how aligning business goals, shifting left, and building a security culture drive better outcomes.

Also: Trader Loses $21M on Hyperliquid, Fund for Tornado Cash Dev Defense
This week, "Bitcoin Jesus" paid $50M to settle tax charges, a trader lost $21M on Hyperliquid, Ethereum Foundation and Keyring launched fund for Tornado Cash developers, India probing Binance traders, hackers' $32.5M record dump and New York City launched first mayoral blockchain office.

State, Criminal Hackers Use Blockchain Technique to Evade Takedowns
Google's Threat Intelligence Group found hacking groups like North Korea's UNC5342 and criminal group UNC5142 using a public blockchain technique called EtherHiding to distribute malware. The method makes attacks tougher to trace, block or dismantle.

State cybersecurity regulations that apply to some hospitals in New York state go well compliance under the federal HIPAA security rule, posing expanded data governance challenges for providers, said Matthew Bernstein of consulting firm Bernstein Data.

Capita Ignored EDR Alert for 58 Hours, Say Investigators
British outsourcing giant Capita must pay 14 million pounds to British data regulators for privacy violations tied to a 2023 hack that impacted 6 million individuals. An EDR system caught the malicious file within 10 minutes but the company didn't respond to the alert until 58 hours later.

Risk Scoring to Enable Real-Time Action by Imprivata on Suspicious Access Attempts
Imprivata's acquisition of Verosint adds 150 real-time behavioral and environmental signals to its access management suite. CEO Fran Rosch says the combined risk scoring system will enable smarter authentication, especially for remote and third-party users.

Symantec Says It Spotted Likely Supply Chain Hack
Suspected Chinese state-linked hackers reportedly breached a Russian IT service provider in an espionage campaign targeting government-related networks. Symantec uncovered Chinese hackers they named Jewelbug, infiltrating a Russian company between January and May.