Infiltration of a single user's email in a phishing attack between May 8 and May 9 allowed threat actors to compromise individuals' names, addresses, Social Security numbers, contact information, financial account details, health information, passports, and driver's licenses.
Numerous servers belonging to Kurita America have been compromised with ransomware beginning Nov. 29, resulting in the exfiltration of data belonging to its customers, employees, and business partners, according to a statement from the company, which noted the restoration of affected servers and the persistence of operations amid the intrusion.
Attackers were also able to exfiltrate and encrypt certain files as a result of the systems breach, said Artivion in a filing with the Securities and Exchange Commission, which noted that efforts to recover systems that have been shut down following the intrusion have been underway as it continues its operations.
Users of the MyAtriumHealth patient portal, formerly MyCarolinas, between January 2015 and July 2019 may have had their names, home and email addresses, phone numbers, treatment or provider details, IPs, and browser cookies exposed to Meta, Google, and other third-party vendors.
Information allegedly exfiltrated by 8Base included invoices, receipts, personal and confidential data, accounting documents, employment contracts, confidential agreements, certificates, and other sensitive details.
Termite — which has already compromised seven victims, two of which are in the U.S. — was regarded by Cyble researchers to be a Babuk ransomware rebrand due to significant similarities between both strains' ransomware binaries.
