UnitedHealth’s cyberattack response costs to surpass $2.3B this year

The healthcare giant’s new estimate is roughly $1 billion higher than previous forecasts as the cyberattack on subsidiary Change Healthcare continues to hamper its profit outlook.

By Rebecca Pifer • July 17, 2024

Weak credentials behind nearly half of all cloud-based attacks, research finds

Credential mismanagement was the top initial access vector for cloud environment attacks during the first half of 2024, a Google Cloud report found.

By Matt Kapko • July 17, 2024

Ransomware leak site posts jumped 20% in Q2

Threat groups claimed attacks on 1,237 organizations during the quarter, marking an increase from Q1. U.S.-based businesses accounted for more than half of all victims, Reliaquest found.

By Matt Kapko • July 16, 2024

AutoNation warns CDK cyberattack will dent quarterly earnings

The major North American car dealership estimates the attack will lead to a $1.50 per-share earnings impact.

By David Jones • July 15, 2024

Snowflake-linked attack on Advance Auto Parts exposes 2.3 million people

One of the few customers to publicly link Snowflake to a third-party intrusion said its database was breached for 40 days. 

By Matt Kapko • July 15, 2024

Massive Snowflake-linked attack exposes data on nearly 110M AT&T customers

Attackers breached AT&T’s Snowflake environment for 11 days in April, and stole customers’ call and text message records spanning a six-month period from 2022.

By Matt Kapko • July 12, 2024

MOVEit legal liabilities, expenses pile up for Progress Software

The prospective financial hit from a widely exploited vulnerability in the file-transfer service is growing. Progress confronts lawsuits, regulator scrutiny and government investigations.

By Matt Kapko • July 10, 2024

Snowflake allows admins to enforce MFA as breach investigations conclude

Three months after an attacker targeted more than 100 customer environments, Snowflake is making it easier for existing customers to enforce MFA, but it isn’t requiring it.

By Matt Kapko • July 9, 2024

Sonic Automotive’s sales dip as CDK cyberattack causes material impact

The company reported ongoing service disruptions and said vehicle sales declined after an attack on a third-party vendor.

By Matt Kapko • July 8, 2024

HubSpot reports nearly 50 customer accounts compromised

The customer relationship management vendor said it notified all impacted customers, but it has not publicly disclosed how attackers gained unauthorized access.

By Matt Kapko • July 3, 2024

CDK eyes service restoration for all car dealers by Fourth of July

The software vendor is critical to the automotive retail supply chain. A systemwide outage following a cyberattack has impacted more than 15,000 car dealers since June 19.

By Matt Kapko • July 1, 2024

TeamViewer’s IT network breached through compromised employee credentials

The remote access software provider said the impact of the attack from Midnight Blizzard was limited to its internal network and customer environments were not affected.

By David Jones • July 1, 2024

CDK restores service for small group of car dealers

The software vendor said it will restore critical services in phases, but warned some integrations with third-party vendors might be delayed.

By Matt Kapko • June 27, 2024

CISA warns chemical facilities of potential data theft

The attack targeting the Chemical Facility Anti-Terrorism Standards program was linked to widely exploited vulnerabilities in Ivanti remote access VPNs.

By Matt Kapko • June 25, 2024

CDK cyberattack stalls industry as car dealers disclose widespread impacts

The car dealership software vendor discovered a cyberattack June 19 and has told customers it will restore systems within days.

By Matt Kapko • June 24, 2024

Ransomware victims are becoming less likely to pay up

Despite a jump in ransom demands last year, companies are plotting better defenses against attacks that can incur deep business interruption costs, Marsh said.

By Justin Bachman • June 21, 2024

MFA plays a rising role in major attacks, research finds

Poor configurations and deliberate MFA bypasses were at the center of numerous attacks in recent months, Cisco Talos found.

By David Jones • June 18, 2024

What we know about the Snowflake customer attacks

Analysts and threat hunters warn more companies are confronting significant exposure from the identity-based attacks, and damages are spreading.

By Matt Kapko • June 17, 2024

Ransomware attacks hit manufacturing hard in 2023

The sector was among the top industries to pay ransom demands. The average payment increased 88% to almost $2.4 million last year, Sophos found.

By Matt Kapko • June 14, 2024

Ascension says cyberattack may have compromised protected health data

Hackers gained access to the nonprofit’s systems early last month after a worker accidentally downloaded a malicious file, Ascension said.

By Emily Olsen • June 14, 2024

Los Angeles schools investigating claims of data for sale on dark web

The alleged incident is raising questions as to whether there’s been a more recent data breach in the district since September 2022.

By Anna Merod • June 14, 2024

Snowflake-linked attacks are testing the cloud’s shared responsibility status quo

Assigning responsibility for missing security controls is tricky. The burden is collective but cloud providers need to raise minimum standards, experts say.

By Matt Kapko • June 13, 2024

Pure Storage comes forward as an early victim of Snowflake-linked attacks

The data storage vendor said information exposed by the attack can’t be used to gain access to customer systems.

By Matt Kapko • June 12, 2024

Clorox to restart ERP upgrade as it looks past August cyberattack

With the company out of recovery mode, teams are looking to advance on digital transformation projects. 

By Lindsey Wilkinson • June 11, 2024

100 Snowflake customers attacked, data stolen for extortion

A financially-motivated attacker used stolen credentials to systematically compromise customer accounts, steal a significant volume of data and extort victims, Mandiant said.

By Matt Kapko • June 10, 2024