National Amusements breach, Rockstar leak, LoanCare hacked | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

CBS and Paramount owner says it was hacked a year ago

National Amusements, the cinema chain and corporate parent of media giants Paramount and CBS, confirmed that hackers stole the personal information of more than 82,000 people. The incident occurred in December of 2022 but the breach filing revealed that it took the company until August to discover it. The hackers also stole bank account and credit card numbers along with associated security codes, passwords or secrets. Paramount disclosed a separate security incident in August in which hackers took names and dates of birth, as well as Social Security numbers of an unspecified number of customers. 


Rockstar Games suffers alleged source code leak

On Tuesday, reports circulated that a 4 GB source code file for Rockstar Games popular Grand Theft Auto 5 (GTA5) game has been made public on the Dark Web. The leaked source file contains 3D models and assets that would likely make it possible to build and run the game. While the initial leak link has been taken down, the source code is now making the rounds on Telegram channels. Rumors are circulating that hackers are considering making the entire 200 GB GTA5 source file public. There are also indications that the leak may have included confidential employee data of 1100 of Rockstar Games staff as well as material related to Grand Theft Auto 6 and a potential sequel to the 2006 game, Bully.

(The Cyber Express)

LoanCare says 1.3 million people affected by cyberattack

LoanCare, one of the largest providers of loan subservicing, has filed a breach notification indicating that 1,316,938 customers had information accessed by hackers who breached their parent company, Fidelity National Financial. The November attack left real estate agents and homebuyers in the lurch for days because home sales could not be finished. An investigation showed that last month hackers were able access and exfiltrate customer names, addresses, Social Security Numbers, and loan numbers. The AlphV/Blackcat ransomware gang took credit for the attack and the victims are being offered two years of identity protection services.

(The Record)

Hackers steal customer data from Europe’s largest parking app operator

EasyPark Group (owner of brands including RingGo and ParkMobile), has reported to European regulators that hackers stole data from at least 950 RingGo users in the UK. The company said customer names, phone numbers, addresses, email addresses and partial credit card numbers had been stolen but that parking data had not been compromised. The company also said its ParkMobile brand, which has 50 million users in the US, was not affected. The hack highlights the risk with centralizing parking services to apps and websites which require user data collection and are rapidly replacing more costly physical meters and parking attendants. 

(The Guardian)

Huge thanks to our sponsor, Barricade Cyber Solutions

When you’re hit with ransomware, remember Barricade Cyber Solutions’ experienced DFIR team is ready to help your business recover from ransomware now. You’ll work directly with the CEO to resolve your case quickly and efficiently. Whether you’re experiencing a ransomware attack or want to get ahead of one by discussing a prevention plan, contact Barricade Cyber Solutions at

Rhysida ransomware group hacked hospital in Jordan

Abdali Hospital, a multi-specialty hospital located in Amman, Jordan has been added to the Rhysida ransomware gang’s list of victims on its Tor leak site. The group published images of a sample of stolen documents including ID cards and contracts. Rhysida indicates it will by selling the “exclusive data” for 10 Bitcoin (BTC) over a period of seven days and will only sell it to one buyer. Rhysida also stated that reselling the data is prohibited. Last week,the FBI and CISA published a joint advisory warning of Rhysida’s attacks and included the gang’s Indicators of Compromise (IOCs) and Tactics, Techniques, and Protocols (TTPs).

(Security Affairs)

Integris Health patients get extortion emails after cyberattack

Patients of Integris Health have begun receiving blackmail emails stating that their data was stolen in a cyberattack. The Oklahoma-based healthcare network confirmed they suffered a breach on November 28th that led to the theft of patient Social Security Numbers, dates of birth, addresses, phone numbers, insurance information, and employer information. On December 24th, hackers sent extortion emails to patients claiming they would sell the data to other threat actors if they did not pay an extortion demand. Some Integris Health patients have confirmed to Bleeping Computer that the emails contained accurate personal information.

(Bleeping Computer)

Cyber firm publishes 2024 Cyber Threat Landscape Forecast

Resecurity has issued a report outlining key security threats and challenges anticipated in 2024 based upon its analysis of Dark Web activity and cybersecurity incident data. The report predicts increased ransomware activity targeting publicly-traded companies and using potential regulatory violations (e.g., GDPR and US SEC regulations) as leverage for manipulation and extortion. The report also asserts that critical infrastructure will remain a focal point for cyber-attacks, especially energy and nuclear sectors. The report anticipates that Artificial Intelligence (AI) weaponization will skyrocket, demanding innovative countermeasures and international collaboration. Additionally, cities that have adopted smart technologies, will need to actively secure IT/OT supply chains and protect the identities of their citizens. Finally, the report predicts a proliferation of attacks against digital identity, leading to unprecedented large-scale data breaches.

(Security Affairs)

African organizations aim to bolster cybersecurity in 2024

African nations are faced with numerous cybersecurity threats and challenges while lacking adequate cyber training. This month, the University of Lagos, the American Business Council in Nigeria, and several private companies, launched a Virtual Cyber Hub to strengthen cybersecurity in Nigeria and help train young workers. In the next few years, the collaboration aims to build capacity to address immediate cybersecurity needs, create sustainable collaboration and partnership frameworks, and to promote joint research projects between academic institutions and businesses. The long-term goals are to make Nigeria self-sufficient in terms of cyber and to develop home-grown cyber solutions. Back in July, the Biden-Harris administration announced a collaboration with the Cybersafe Foundation to develop an Africa-specific effort to train cybersecurity workers, with a focus on creating opportunities for women.

(Dark Reading)


Click Here For The Original Story From This Source.

National Cyber Security