Breach

North American airport retail company Paradies Shops has agreed to pay $6.9 million to resolve a class-action lawsuit alleging its negligence in a 2020 REvil ransomware attack that compromised 76,000 current and former employees' personal data, according to The Record, a news site by cybersecurity firm Recorded Future.

Ahold Delhaize USA which owns leading supermarket brands Hannaford, Stop & Shop, Giant Food, and Food Lion has confirmed having its data compromised in a November cyberattack after the INC ransomware operation claimed that the incident led to the theft of 6 TB of information, reports The Record, a news site by cybersecurity firm Recorded Future.

Dark web carding market BidenCash has exposed 910,380 stolen credit card details on the XSS cybercrime forum in a bid to tout their "anti-public system" mechanism that ensures the absence of already-circulated cards from the marketplace, Hackread reports.

SecurityWeek reports that the Oregon Department of Environmental Quality had more than 2.5 TB of data claimed to have been compromised by the Rhysida ransomware operation in an attack last week following the agency's assertion that none of its data had been impacted by the incident.

Organizations have been warned by the Cybersecurity and Infrastructure Security Agency regarding the threat of credential exposure stemming from the compromise of a legacy Oracle cloud environment, which the company has only reported to clients in private, reports The Record, a news site by cybersecurity firm Recorded Future.

New York-based infusion center operations management software firm Endue Software and Illinois-based private ambulance service provider Medical Express Ambulance have confirmed being impacted by separate cyberattacks that cumulatively affected more than 236,000 individuals, according to Cybernews.

SecurityWeek reports that Texas-based third-party insurance administrator Landmark Admin and Georgia-based software solutions provider Young Consulting have updated their respective breach filings with the Office of the Maine Attorney General to indicate that more individuals had their information compromised than initially disclosed.