DataBreachToday.com

Also: The Treasury Department Lifts Tornado Cash Sanctions
This week, Abracadabra hack, updates on Tornado Cash and Bybit, $7M scam money recovery, man faces prison for stabbing crypto CEO, movie director charged for swindle, Ripple-SEC case wrap-up, Grinex is the new Garantex, Gotbit plea deal, Coinbase in supply chain hack and Binance insider risk threat.

UK ICO Says Advanced's Security Measures 'Fell Seriously Short'
A British IT service company must pay a 3.07 million pound fine for a 2022 ransomware hack that exposed medical records of tens of thousands of National Health Service patients. Hackers breached the Advanced system through a user account that did not have multifactor authentication in place.

Takeaways From CS4CA USA: OT Security Must Bridge IT, Operations Gap
At the CS4CA USA Summit in Houston this week, the common refrain heard from practitioners was protecting the demands of industrial environments more than traditional IT know-how. It requires a hybrid expertise, one that speaks both the language of data packets and programmable logic controllers.

While recent draft guidance from the Food and Drug Administration on artificial intelligence-enabled medical devices is non-binding, the document signals that the agency is intensifying its regulatory scrutiny of these technologies, said Dr. Scott Schell of IT consulting firm Cognizant.

Credit Washing, Synthetic ID Fraud and Bust-Out Fraud Are Among the Usual Suspects
Auto lenders are grappling with a surge in complex fraud schemes that are not only increasing in volume but also exploiting systemic blind spots. From coordinated bust-out rings to fake dealership websites, fraudsters are expanding their playbooks with bold new tactics.

Highly Targeted Ransomware Hit Traced to Long-Running Cyberespionage Group
A stealthy group of mercenary hackers active since 2018 appears to have diversified into hitting hypervisors with ransomware via highly targeted attacks. Researchers said they tracked the hit to a corporate espionage team tracked as RedCurl.

Benchmark Results From Google Show Gemini 2.5 Outperforming Rivals
Google introduced on Tuesday its "most intelligent" AI reasoning model yet, designed to pause and "think" before responding. The model ships with a 1 million-token context window, capable of processing about 750,000 words in a single input - more than the entire Lord of the Rings series.

Cybersecurity Firm Finds Rash of Apps Coded With Microsoft .NET MAUI
Cybercriminals are using a Microsoft cross-platform app development framework to create Android malware that bypasses security measures, evades detection and steals user data. Malicious apps spotted by McAfee researchers aren't traditional Android malware.

'Encryption Can't Protect You From Stupid,' Says Leading Cryptographer
We're all human. Who among us hasn't lost a thumb drive or added a journalist to a consumer-grade encrypted app group chat devoted to White House war planning and military operations? Still, some accidental data breaches pose a bigger risk than others.

ARC-AGI-2 Measures AI's Ability to Problem Solve With Fewer Resources
A new benchmark to evaluate artificial general intelligence has leading artificial intelligence models stumped. The Arc Prize Foundation's ARC-AGI-2 test presents puzzle-like challenges that require AI models to analyze visual patterns from multicolored square grids and generate solutions.

'Weaver Ant' Used Web Shell Tunneling and Hacked Routers to Evade Detection
An apparently Chinese cyberespionage operation lurked inside the network of an Asian telecom for four years, camouflaging its presence through nested encryption and lightweight web shells. Chinese hackers have been uncovered on the inside of telecom networks spanning the globe.

Settlement Is 5th HIPAA Enforcement Action Under HHS's OCR Risk Analysis Initiative
An Illinois-based firm that provides fitness and wellness plans to clients throughout the U.S. has agreed to pay federal regulators a settlement of nearly $228,000 and implement a corrective action plan following an IT misconfiguration incident that caused several breaches in 2018 and 2019.

Audits Focus on HIPAA Security Rule Provisions Related to Ransomware, Hacking
Federal regulators have quietly resumed compliance audits of HIPAA-regulated organizations. With the surge in ransomware and other hacks reported in recent years, the focus of the audits are on provisions of the HIPAA Security Rule most relevant to these attacks, said a government official.

Large Health Data Breach Started With Phishing Lure in Employees' Email
Tennessee-based Numotion, one of the largest U.S. providers of wheelchairs and other health-related mobility products is notifying nearly 500,000 people of a 2024 email hacking incident that potentially compromised their personal and health-related information.

Cunningham and Daniel Warn That Poor Leadership, Cuts Are Hurting US Cyber Posture
In the latest "Proof of Concept," Michael Daniel of the Cyber Threat Alliance and former Forrester analyst Chase Cunningham joined editors from Information Security Media Group to examine how fractured leadership, shifting responsibilities and declining federal support are eroding U.S. cyber defenses.

Cooperation Deal With Jana Expands Rapid7 Board to 11, Tightens Governance Controls
Rapid7 struck a truce with Jana Partners, agreeing to hand the activist investor three board seats in exchange for cooperation until early next year. The deal will boost Rapid7's board size from eight to 11, adding former Forescout CEO Wael Mohamed and former Imperva and Gigamon CFO Michael Burns.

California Alerting Consumers to Delete Data, Samples Shared With Firm
Genetics testing firm 23andMe has filed for Chapter 11 bankruptcy protection and says it is looking to sell the company. But what does that potentially mean for the firm's trove of highly sensitive health and ancestry information pertaining to millions of consumers?

What Do You Mean, Hospital-Targeting Sociopath Ransomware Wielders Continue to Lie?
A ransomware group reusing the Babuk ransomware brand claims to have stolen data from the likes of Amazon, Delta and US Bank. Just one problem: Security experts found a startling overlap between its claimed victims and previous attacks scored by the likes of Clop, LockBit and RansomHub.

Supposed Taiwanese State Hackers Unmasked by China's Ministry of State Security
Nothing beats messing with your adversaries' heads than taking a page from their psychological operations playbook. Witness China's Ministry of State Security unmasking four Taiwanese government hackers in a move borrowed from the U.S. government's playbook.