Change Healthcare's Breach Costs Could Reach $2.5 Billion
Source: Data Breach Today
Costs tied to the February ransomware attack reached $1.98 billion as of June 30, including $1.3 billion in "direct costs," and total costs are likely to hit $2.3 billion to $2.45 billion, UHG said. Costs have included "restoring the clearinghouse platform and other response efforts," as well as "higher medical expenses directly stemming from the temporary pause of some care management activities.”
Rite Aid Says Hack Impacts 2.2M People as Ransomware Gang Threatens to Leak Data
Source: Security Week
Pharmacy chain Rite Aid has revealed that a recent data breach impacts 2.2 million people. Meanwhile, a known ransomware group is threatening to leak sensitive information stolen from the company. The incident was detected within 12 hours and the company rushed to terminate the unauthorized access.
Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks
Source: Dark Reading
New details have emerged about how an advanced persistent threat (APT) group exploited an unpatched Microsoft zero-day in a spear-phishing campaign to spread the Atlantida Stealer, which lifts system information and sensitive data such as passwords and cookies from various applications.
Disney Data Breach Fears: Hackers Threaten Leak of Unreleased Projects
Source: The Cyber Express
A hacktivist group claims to have hacked into renowned entertainment company Disney’s internal Slack channels and stolen about more than a terabyte of data. The Disney data breach was allegedly orchestrated by a group that identifies itself as “NullBulge.” According to the threat actor, it exfiltrated 1.1 TB of files and chat messages from 10,000 Slack channels, including those used by the company’s developers.
Critical Cisco bug lets hackers add root users on SEG devices
Source: Bleeping Computer
Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments.