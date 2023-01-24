ContributorsPublishersAdvertisers
T-Mobile Data Breach Exposed Personal Data of 37 Million Customers

Image source: Getty Images T-Mobile announced that a bad actor obtained personal data on approximately 37 million of its postpaid and prepaid customers in a recent SEC filing. The cybercriminal first retrieved data starting on or around Nov. 25, 2022. T-Mobile identified the data breach on Jan. 5, 2023. Stolen customer data includes:NamesBilling addressesEmail addressesDates of birthT-Mobile account numbersPlan information, such as number of lines on accounts and plan featuresMany of the exposed accounts didn't include full data sets. The data breach also didn't include any payment card information, Social Security numbers, tax IDs, passwords, or financial account information.T-Mobile said in...
FBI Confirms North Korean Group 'Lazarus' Responsible For $100M Harmony Hack

The Federal Bureau of Investigation on Monday confirmed that North Korean cybercrime group "Lazarus Group" is responsible for last year's massive $100 million breach of Harmony Protocol. What Happened: According to a press release by FBI, six months after the initial heist, over $60 million worth of stolen Ethereum ETH/USD...
Feds announce massive takedown of fraudulent nursing diploma scheme

A massive, coordinated scheme to sell false and fraudulent nursing degree credentials has been brought down by a joint federal law enforcement operation, Justice Department officials announced Wednesday. Officials said the scheme involved peddling bogus, forged diplomas and transcripts from what had been accredited schools to aspiring nurses in order...
Hackers used legitimate remote help-desk tools to scam multiple US federal agencies

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) issued a joint warning that threat actors (TA) are ramping up a hacking/phishing campaign employing legitimate remote monitoring and management (RMM) software. The CISA notes that it has discovered multiple attacks within federal civilian executive branch (FCEB) networks.
US government estimates $60 billion in unemployment fraud claims during pandemic

More than $878 billion in unemployment insurance was paid out from March 2020 through September, but of that amount, up to $60 billion involved fraudulent claims, according to the Government Accountability Office. In a GAO report released this week, the government said that $4.3 billion of expanded unemployment has been...
FBI hacked hackers to bust $130m ransomware gang, Justice Department reveals

The FBI says it has hacked and disrupted the operations of a prolific hacking group called Hive, stopping the group from collecting $130m in ransom demands from more than 300 entities. Attorney General Merrick Garland, FBI Director Christopher Wray, and Deputy Attorney General Lisa Monaco announced the news at a triumphant press conference, with Ms Monaco telling reporters that the government “hacked the hackers.” Mr Garland has made cracking down on hacking groups and ransomware a priority for the Justice Department, with ransom attacks beginning to pose major problems to the country’s security. The hacking of Hive reportedly began...
Former Homeland Security Investigations Agent Sentenced for Theft from Agency

Sean M. Nelson, 44, of Mesa, Arizona, was sentenced last week, by United States District Judge Susan R. Bolton to two years of federal probation and ordered to pay $133,999 in restitution to the Department of Homeland Security. Nelson pleaded guilty to Theft of Government Property in October 2022 and agreed to resign from the Department of Homeland Security – Homeland Security Investigations (HSI) as part of his plea agreement with the government.
First AI-powered robot lawyer won't be used in court due to jail threats

DoNotPay will not be using its artificial intelligence to argue a legal case in a court of law next month after the startup's CEO was threatened with jail.
LastPass security breach keeps getting worse, admits parent company

After compromising LastPass, unknown hackers were able to breach the servers of other services offered by LastPass parent company GoTo. A new message from the CEO explains the true extent of the security incident but offers no actual remediation to its customers.
