Issue #45 - May 15, 2023
- Weekly INK
- May 15, 2023
- 2 min read
Corvus Risk Insights Index Q2 2023
Source: Corvus Insurance
In Spring 2023 we find ourselves at an interlude in the story of cybercrime. What is the prevailing theme of this chapter? It’s not as easy to spot as it has been in the past.
Link to study
Coalition 2023 Cyber Claims Report
Source: Coalition
Cyber attacks continue to dominate headlines and the threat landscape is constantly evolving. As part of Coalition’s commitment to protecting businesses, we invite you to read our latest insights on trends and critical risks that impact organizations of all sizes in our Coalition 2023 Cyber Claims Report.
Link to study
4 State AGs Punch EyeMed With $2.5 M Fine for 2020 Breach
Source: Data Breach Today
The attorneys general of four states levied a $2.5 million fine on vision care provider EyeMed to settle an investigation into a 2020 email phishing incident that exposed the personal data of 2.1 million individuals in the United States.
Infamous cybercrime marketplace offers pre-order service for stolen credentials
Source: Help Net Security
Infostealer malware, which consist of code that infects devices without the user’s knowledge and steals data, remains widely available to buy through underground forums and marketplaces, with the volume of logs, or collections of stolen data, available for sale increasing at alarming rates, according to Secureworks.
FTC Fines Fertility App Vendor, Bars It From Data Sharing
Source: Data Breach Today
The developer of fertility logging app Premom agreed it shouldn't share user information with advertisers under an agreement with the U.S. Federal Trade Commission. App maker Easy Healthcare must also pay $100,000 and ask the advertising and analytics companies that received user information to delete the data.
New RA Group ransomware targets U.S. orgs in double-extortion attacks
Source: Bleeping Computer
A new ransomware group named 'RA Group' is targeting pharmaceutical, insurance, wealth management, and manufacturing firms in the United States and South Korea. The new ransomware operation started in April 2023, when they launched a data leak site on the dark web to publish victims' details and stolen data, engaging in the typical 'double-extortion' tactic used by most ransomware gangs.
NextGen Facing a Dozen Lawsuits So Far Following Breach
Source: Data Breach Today
Cloud-based electronic health records vendor NextGen Healthcare is facing a dozen proposed class action lawsuits filed during the last week in the same Georgia federal court following the company's disclosure this month of a data breach affecting 1 million individuals.