InfoSec News Nuggets 1/29/2024

Akira ransomware gang says it stole passport scans from Lush in 110 GB data heist  The Akira ransomware gang is claiming responsiblity for the "cybersecurity incident" at British bath bomb merchant. Akira says it has stolen 110 GB of data from the UK-headquartered global cosmetics giant, which has more than 900 stores worldwide, allegedly including "a lot of personal documents" such as passport scans. Passport scans are routinely collected to verify identities during the course of the hiring process,…
Read More

InfoSec News Nuggets 12/02/2022

Medibank hackers announce ‘case closed’ and dump huge data file on dark web The cybercriminals behind the Medibank cyber-attack have posted on the dark web what appears to be the remainder of the customer data they took from the health insurer, stating it is “case closed” for the hack. On Thursday morning, the blog – which returned online after several days of being offline last week – posted “Happy Cyber Security Day!!! Added folder full.…
Read More

InfoSec News Nuggets 11/09/2022

Medibank confirms ransomware attack impacting 9.7M customers, but doesn’t pay the ransom Medibank is one of the largest Australian private health insurance providers with approximately 3.9 million customers. The health insurer believes the attackers have not accessed credit card and banking details, and primary identity documents, such as drivers’ licenses, because it doesn’t collect them except in exceptional circumstances. The company discovered the ransomware attack on October 12 it also announced that no ransom payment will…
Read More