The Rundown Nov 17

11/17/2024
David S. Harris

Halliburton Reports $35 Million Loss Due to Ransomware Attack

Halliburton has disclosed that a ransomware attack in August led to a $35 million loss, forcing the company to shut down IT systems and disconnect clients. As a global energy industry leader, Halliburton operates in 70 countries, employs 48,000 people, and reported over $23 billion in revenue.

In an SEC filing dated August 23, 2024, Halliburton revealed that an unauthorized third party accessed its systems. The breach prompted the company to deactivate parts of its IT infrastructure, causing limited operational disruptions and client disconnections. Days later, the RansomHub ransomware group claimed responsibility. A subsequent SEC Form 8-K filing confirmed the theft of company data. If the stolen data is leaked or sold, Halliburton could face additional costs from legal actions.

Data Breach Exposes Personal Information of 300,000 Patients

A significant data breach at Thompson Coburn LLP has compromised the personal information of over 300,000 patients of Presbyterian Healthcare Services (PHS). A class-action lawsuit was filed on November 12 in Illinois federal court, accusing both parties of inadequate cybersecurity.

The breach, occurring between May 28 and May 29, 2024, exposed names, Social Security numbers, dates of birth, medical records, and more. Plaintiffs allege negligence in safeguarding sensitive information despite the increasing threat of healthcare-related data breaches.

Thompson Coburn LLP issued a notice, confirming no evidence of identity theft but providing free credit monitoring and identity theft protection for those impacted.

E-Skimming Attack Compromises Data of 200,000 SelectBlinds Customers

SelectBlinds, an Arizona-based retailer, disclosed a data breach affecting 206,238 customers due to an e-skimming attack lasting nine months. The breach exposed names, emails, addresses, payment card details, and, for logged-in users, account credentials.

Investigators attributed the attack to Magecart-style e-skimming, in which cybercriminals secretly inject malicious code into a website's checkout page and capture customer data in real time. The attack went undetected until September 28, 2024.

E-skimming attacks are particularly effective because they capture unencrypted data during transactions, making them lucrative and hard to detect.

Set Forth Data Breach Affects 1.5 Million Individuals

Set Forth, an American debt services firm, confirmed a May 2023 data breach affecting 1.5 million customers. Sensitive information, including names, addresses, birth dates, and Social Security numbers, was stolen.

After identifying suspicious activity on May 21, 2024, Set Forth engaged forensic experts to investigate. To mitigate future incidents, the company implemented enhanced security measures and offered affected individuals one year of free identity theft protection.

FBI Issues Warning Over Emergency Data Request Email Scams

The FBI has warned email users about scams involving fraudulent emergency data requests, leveraging compromised U.S. and foreign government email credentials. Cybercriminals use these credentials to impersonate law enforcement officers, bypassing security reviews to access sensitive information.

This sophisticated phishing method has evolved since 2023, with attackers now offering stolen government email credentials and subpoena documents for sale on dark web forums. Such attacks are used as entry points for espionage, ransomware, and data extortion.

Hackers Exploit DocuSign API for Fake Invoice Scams

Attackers are exploiting DocuSign's API to deliver fake invoices that bypass traditional security measures. By leveraging legitimate DocuSign accounts, scammers craft invoices that appear authentic, exploiting the platform’s trusted reputation.

This method avoids malicious links or attachments, using DocuSign’s API to create credible-looking payment requests. The approach takes advantage of brand trust and familiarity, making recipients more likely to comply with fraudulent payment instructions.

Interpol’s Operation Synergia II Disrupts Global Cybercrime Network

A joint effort by Interpol and international agencies dismantled a global cybercrime network involved in phishing, ransomware, and malware operations. Dubbed Operation Synergia II, the initiative targeted 22,800 suspicious IPs, seized 59 servers, and arrested 41 individuals across 95 countries, with 65 suspects under investigation.

The operation, supported by threat intelligence firm Group-IB, disrupted malicious infrastructure spread across over 200 web hosting providers. The effort prevented potential cybercrimes and protected countless individuals worldwide.
