Infiltration of the company's information systems, including its email platform, enabled the misdirection of vendor payments, said NioCorp in a filing with the Securities and Exchange Commission.
Additional details regarding the nature of the incident — which also resulted in the takedown of the firm's MyGenea app for cycle tracking and fertility data viewing — and the types of information that may have been compromised have not been provided.
Infiltration of an internal secure file platform between Oct. 31 and Nov. 8 enabled the threat actor to pilfer a limited number of individuals' names and financial account details, said Finastra in its notification letter given to the Massachusetts Office of Consumer Affairs and Business Regulation.
Insight Partners disclosed immediately acting to contain and remediate the breach of some of its systems upon its discovery on Jan. 16, adding that an investigation has revealed no evidence suggesting persistent access to the impacted systems while dismissing the occurrence of further disruptions as a result of the incident.
Aside from impacting printed publication distribution, such an intrusion — which was not acknowledged as a ransomware attack — also interrupted billing, collections, and vendor payments, while temporarily limiting online operations, according to Lee Enterprises' filing with the Securities and Exchange Commission.
Major Lithuanian food manufacturer UAB Vičiūnų grupė had numerous of its websites breached and infected with malicious code that could facilitate system data exfiltration from and further payload deployment on website visitors' computers.
Infiltration of Zacks' active directory as domain admin enabled the theft of source code belonging to the company's primary website and 16 others, according to the threat actor, who has been peddling the exfiltrated account information, including full names, usernames, physical and email addresses, and phone numbers, for a small amount of cryptocurrency.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
