CISA orders federal agencies to fix hundreds of exploited security flaws
US sanctions NSO Group and three others for spyware and exploit sales
Some Windows 11 apps are broken due to expired certificate
BlackMatter ransomware claims to be shutting down due to police pressure
US targets DarkSide ransomware, rebrands with $10 million reward
CISA urges vendors to patch BrakTooth bugs after exploits release
Phishing emails deliver spooky zombie-themed MirCop ransomware
Popular ‘coa’ NPM library hijacked to steal user passwords
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
UK Labour Party discloses data breach after ransomware attack
The U.K. Labour Party notified members that some of their information was impacted in a data breach after a ransomware attack hit a supplier managing the party’s data.
The data breach was announced in a data breach notification published on the party’s website after informing relevant authorities about the incident.
“On 29 October 2021, we were informed of the cyber incident by the third party. The third party told us that the incident had resulted in a significant quantity of Party data being rendered inaccessible on their systems,” the breach notice reads.
“As soon as the Party was notified of these matters, we engaged third-party experts and the incident was immediately reported to the relevant authorities, including the National Crime Agency (NCA), National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO).”
Data involved in the incident includes information provided by members, registered and affiliated supporters, and others who have provided their info to the Party.
The incident is still being investigated, and the full scope and impact of the data breach are yet unknown.
The Labour Party advises members potentially affected by this incident to be vigilant when answering suspicious emails, phone calls, or text messages, as well as enable two-factor authentication (2FA) where possible to protect their online accounts.
While the U.K. party did not disclose the nature of the incident, sources close to the investigation told Sky News that the attack involved ransomware being deployed on the third-party supplier’s systems containing Labour Party data.
The Party takes the security of all personal information for which it is responsible very seriously. It is doing everything within its power to investigate and address this incident in close liaison with law enforcement, the Information Commissioner’s Office, and the affected third party. – Labour Party
The Labour Party disclosed another data breach following a similar incident last year, in July, after leading cloud software provider Blackbaud and of the party’s suppliers was hit by a ransomware attack in May 2020 and disclosed on July 16.
As the party revealed at the time, the breach included members’ names, email addresses, phone numbers, and amounts donated.
While the party said immediately after the breach that no sensitive data like bank account information, passwords, or usernames were exposed, Blackbaud’s forensic investigation revealed that the threat actors had access to unencrypted banking info, credentials, and SSNs.
“After July 16, further forensic investigation found that for some of the notified customers, the cybercriminal may have accessed some unencrypted fields intended for bank account information, social security numbers, usernames and/or passwords,” Blackbaud said in an 8-K filing with the U.S. Securities and Exchange Commission (SEC).
Other organizations impacted by the Blackbaud ransomware attack include charities, non-profits, foundations, and universities from the United States, Canada, the United Kingdom, and the Netherlands.
Accenture confirms data breach after August ransomware attack
Trucking giant Forward Air reports ransomware data breach
Second farming cooperative shut down by ransomware this week
US targets DarkSide ransomware, rebrands with $10 million reward
Phishing emails deliver spooky zombie-themed MirCop ransomware
Not a member yet? Register Now
Microsoft 365 outage blocks access to OneDrive, SharePoint files
Microsoft announces new endpoint security solution for SMBs
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source

You May Also Like

Fake support agents call victims to install Android banking malware

FBI: Cuba ransomware breached 49 US critical infrastructure orgsResearchers discover 14 new…

WhatsApp adds default disappearing messages for new chats

Convincing Microsoft phishing uses fake Office 365 spam alertsMicrosoft reverses Windows 11’s…

US State Dept employees’ phones hacked using NSO spyware

FBI: Cuba ransomware breached 49 US critical infrastructure orgsResearchers discover 14 new…

Telnyx is the latest VoIP provider hit with DDoS attacks

HPE says hackers breached Aruba Central using stolen access keyFBI warns of…