We bring to your attention a sampling of recent media stories involving cyber risk & privacy liability. Among the stories we’re highlighting this month: Dick’s Sporting Goods Confirms Data Breach, Cyberattacks on U.S. Courts, Suspected Cyber-Attack Causes Travel Chaos at Seattle Airport, UK Trio Pleads Guilty to Operating $10M MFA Bypass Biz, and more.

Recent Cyber Incidents

Halliburton Confirms the Recent RansomHub Cyberattack Resulted in Data Exfiltration
American Halliburton oilfield services giant disclosed that a data breach in August led to unauthorized access and removal of information from its systems. Click to read entire article.

Dick’s Sporting Goods Confirms Data Breach
Dick’s Sporting Goods disclosed to the U.S. Securities and Exchange Commission (SEC) that it suffered a data breach. The sporting good retailer says the breach exposed confidential information. Click to read entire article.

Want to Freeze Your Credit After the National Public Data Breach? Here’s How
Freezing your credit stops identity thieves from opening new accounts in your name. Click to read entire article.

Privacy

Clearview AI Faces $45.6M Fine in the Netherlands for “Illegal Database” of Faces
The Dutch data protection watchdog issued facial recognition startup Clearview AI with a fine of 30.5 million euros ($45.6 million Cdn) over its creation of what the agency called an “illegal database” of billions of photos of faces. Click to read entire article.

Capital One Class Action Alleges It Shares Data With Meta, Google
A new Capital One class action lawsuit alleges that the financial institution shares personal customer information with Meta, Google, Microsoft and other third parties without their consent. Click to read entire article.

Healthcare

Medical Insurance Info of 954K Affected by Vendor Data Breach
A software vendor data breach at Young Consulting affected covered entities and potentially compromised the medical insurance information of more than 950,000 individuals. Click to read entire article.

Radiology IT Vendor Hack Hits 4 Practices, 411,000 People
A vendor that provides information systems and transcription services to radiology practices is alerting 411,037 people of a hack discovered last December involving the theft of sensitive data. Click to read entire article.

Data Breaches Reported by Three Californian Healthcare Providers
Data breaches have recently been reported by Californian healthcare providers Vasinda’s Around the Clock Care, Baker Places, Turning Point of Central California, and Watson Clinic in Florida. Click to read entire article.

Maryland Hospital to Pay $2.25M Settlement Resolving Data Breach Suit
Berlin, Md.-based Atlantic General Hospital agreed to pay a $2.25 million settlement to resolve a data breach lawsuit stemming from a January 2023 ransomware attack against the system, according to The HIPAA Journal. Click to read entire article.

Evolving Threats

ManticoraLoader: New Loader Announced from the Developers of AresLoader
Cyble investigates ManticoraLoader, a new Malware-as-a-Service from the developers of AresLoader, with advanced obfuscation and broad compatibility. Click to read entire article.

The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers “Voldemort”
Proofpoint researchers identified an unusual campaign using a novel attack chain to deliver custom malware. Click to read entire article.

Financial

Patelco Credit Union Says Breach Impacts 726K After Ransomware Gang Auctions Data
California-based Patelco Credit Union has confirmed a data breach following a ransomware attack resulted in the exposure of sensitive personal information belongs to 726K clients and employees. Click to read entire article.

Public Entities

Cyberattacks on U.S. Courts
As cyber threats grow more sophisticated, U.S. courts are increasingly targeted by cybercriminals, exposing significant vulnerabilities in judicial systems. Click to read entire article.

Toronto School Board Confirms Students’ Info Stolen as LockBit Claims Breach
The Toronto District School Board (TDSB) confirmed that the information of students was involved in a ransomware attack discovered in June. Click to read entire article.

Suspected Cyber-Attack Causes Travel Chaos at Seattle Airport
The Port of Seattle was hit by a suspected cyber-attack, heavily disrupting airport and maritime services in the city ahead of Labor Day. Click to read entire article.

International

Fota Wildlife Park Cyberattack Triggers Urgent Warning for Visitors
Ireland’s Fota Wildlife Park announced that it’s in the throes of a major cyberattack and is now warning past and present online ticket holders that their credit card account numbers were stolen and that their cards should be canceled. Click to read entire article.

UK Trio Pleads Guilty to Operating $10M MFA Bypass Biz
The group bragged they could steal one-time passwords from Apply Pay and 30+ sites. Click to read entire article.