Even during the final days of the 2024 year, hackers did not rest. Here’s this week’s cybersecurity news recap:
The US Department of Treasury announced earlier this week that some of its documents were compromised by a Chinese state-sponsored hacking group after the group took advantage of a vulnerability in the system of a third-party software provider, BeyondTrust, used by the Treasury Department.
The incident, which was discovered on December 8th, 2024, occurred after the hacking group obtained an access key from BeyondTrust and was able to access their cloud-based system, which gave them the ability to view documents belonging to the Treasury Department. Multiple offices within the Treasury Department, including the Office of Foreign Assets Control, The Office of the Treasury, and the department’s Office of Financial Research.
(–Source: CRN
Read More: Five Things To Know On The ‘Major’ US Treasury Department Hack )
Following recent headlines about telecom companies being attacked by Chinese-linked hacker group SaltTyphoon, AT&T and Verizon, two providers who were affected, have confirmed that their systems have recovered and are operating safely.
Both carriers had worked with law enforcement to mitigate the attack, but have not publicly announced the severity of the incident.
(–Source: Digital Trends on MSN
Read More: Verizon and AT&T confirm cyber attacks, assure networks are in clear )
Watsonville Community Hospital in Watsonville, CA recently announced that its systems were down for nearly two weeks at the beginning of December 2024 following a cyberattack linked to suspicious activity within its computer network.
The attack involved the unauthorized occupant accessing and copying information from certain files. The data in these files included personal information such as names, birthdates, social security number, passport number, and diagnosis information, of a small group of individuals.
(–Source: KSBW Monterey-Salinas on MSN
Read More: Watsonville hospital says data of some patients may be at risk after cyber attack )
Rivers Casino Philadelphia recently discovered that an unauthorized third party gained access to confidential information the company had access to. This information includes customers’ names, social security numbers, and bank account information.
Affected individuals were sent data breach notification letters from the company on December 30th on 2024.
(–Source: JD Supra
Read More: Rivers Casino Philadelphia Experiences Data Security Incident, Leaking SSNs and Bank Info | Console and Associates, P.C. – JDSupra )
