Conservative think tank The Heritage Foundation said on Friday that it experienced a cyberattack earlier this week.
A person with knowledge of the cyberattack told TechCrunch that efforts at Heritage were underway to remediate the cyberattack, but said that it wasn’t immediately known what, if any, data was taken.
Politico, which first reported the news of the cyberattack on Friday, cited a Heritage official as saying the organization “shut down its network to prevent any further malicious activity while we investigate the incident.”The news outlet quoted the Heritage official as saying that the cyberattack likely came from nation-state hackers, but did not provide evidence of the claim.
Founded in 1973, Heritage is based in Washington DC, and supports and lobbies on conservative issues.
Heritage was hit by a cyberattack in 2015 in which hackers stole internal emails and the personal information of its donors.
U.S. cybersecurity agency CISA has confirmed that Russian government-backed hackers stole emails from several U.S. federal agencies as a result of an ongoing cyberattack at Microsoft.
“Midnight Blizzard’s successful compromise of Microsoft corporate email accounts and the exfiltration of correspondence between agencies and Microsoft presents a grave and unacceptable risk to agencies,” said CISA.
CISA made details of the emergency directive public on Thursday after giving affected federal agencies a week to reset passwords and secure affected systems.
CISA did not name the affected federal agencies that had emails stolen, and a spokesperson for CISA did not immediately comment when reached by TechCrunch.
The emergency directive comes as Microsoft faces increasing scrutiny of its security practices after a spate of intrusions by hackers of adversarial nations.
Mobile gadget and bag maker Targus says it is experiencing a “temporary interruption” to its business operations following a cyberattack on Friday.
In a notice with regulators on Monday, Targus’ parent company, B. Riley Financial, said it discovered “a threat actor gained unauthorized access to certain of Targus’ file systems,” and shut down much of its network to isolate the incident.
“The incident has been contained and Targus systems recovery efforts are in process,” the statement said.
B. Riley acquired Targus in a 2022 deal worth approximately $250 million.
When reached by email, a spokesperson for B. Riley did not immediately comment.
American health insurance giant UnitedHealth Group has confirmed a ransomware attack on its health tech subsidiary Change Healthcare, which continues to disrupt hospitals and pharmacies across the United States.
“Based on our ongoing investigation, there’s no indication that except for the Change Healthcare systems, Optum, UnitedHealthcare and UnitedHealth Group systems have been affected by this issue.”In a post on its dark web leak site on Wednesday, ALPHV/BlackCat took credit for the cyberattack at Change Healthcare.
Change Healthcare merged with U.S. healthcare provider Optum in 2022 as part of a $7.8 billion deal under UnitedHealth Group, the largest health insurance provider in the United States.
Change Healthcare said it took much of its systems offline to expel the hackers from its systems.
Do you work at Change Healthcare, Optum or UnitedHealth and know more about the cyberattack?
A spokesperson for Change Healthcare did not immediately respond to a request for comment.
Change Healthcare is an American healthcare tech giant and one of the country’s largest processors of prescription medications, handling prescriptions and billing for more than 67,000 pharmacies across the U.S. healthcare system.
The healthcare tech giant handles 15 billion healthcare transactions annually — or about one-in-three U.S. patient records.
Change Healthcare merged with healthcare provider Optum in 2022 as part of a $7.8 billion deal under UnitedHealth Group.
The cyberattack at Change Healthcare began on February 21 early on the U.S. East Coast, causing widespread outages at pharmacies and healthcare facilities.
LoanDepot says about 17 million customers had personal data and Social Security numbers stolen during cyberattackAlmost 17 million LoanDepot customers had sensitive personal information, including Social Security numbers, stolen in a January ransomware attack, the company has confirmed.
The loan and mortgage giant company said in a data breach notice filed with Maine’s attorney general’s office that the stolen LoanDepot customer data includes names, dates of birth, email and postal addresses, financial account numbers, and phone numbers.
The stolen data also includes Social Security numbers, which LoanDepot collected from customers.
The number of affected LoanDepot customers rose from 16.6 million as initially disclosed to federal regulators last month, which did not say what specific customer data had been stolen.
Mortgage and loan giant Mr. Cooper said hackers stole the personal information of more than 14 million customers during an October cyberattack, costing the company at least $25 million in additional costs.
U.S. healthcare technology giant Change Healthcare has confirmed a cyberattack on its systems.
Most of the login pages for Change Healthcare are inaccessible or offline when TechCrunch checked at the time of writing.
Michigan local newspaper the Huron Daily Tribune is reporting that local pharmacies are experiencing outages due to the Change Healthcare cyberattack.
Change Healthcare is one of the largest healthcare technology companies in the United States.
Both Optum and Change Healthcare are owned by health insurance giant UnitedHealth Group.
Three local councils in the United Kingdom continue to experience disruption to their online services, a week after confirming a cyberattack had knocked some systems offline.
Robert Davis, a spokesperson for Canterbury City Council, told TechCrunch last week that the council’s initial investigation suggests that no customer data was accessed.
However, the U.K.’s Information Commissioner’s Office told TechCrunch on Friday that the data regulator has received a breach report from the three councils.
Thanet District Council spokesperson Clare Winter shared an updated statement with TechCrunch, which has also been published on the council’s website.
“Thanet District Council is currently limiting access to a number of its online systems,” the statement reads.
About 16.6 million LoanDepot customers had their “sensitive personal” information” stolen in a cyberattack earlier this month, which the loan and mortgage giant has described as ransomware.
The loan company said in a filing with federal regulators on Monday that it would notify the affected customers of the data breach.
LoanDepot did not say what kind of sensitive and personal customer data was stolen.
When reached by email, LoanDepot spokesperson Jonathan Fine declined to tell TechCrunch what specific types of customer data was taken.
LoanDepot said it has “not yet determined” whether the cybersecurity incident will materially impact the company’s financial condition.
Three councils in the United Kingdom have taken some of their public-facing systems offline due to an ongoing cybersecurity issue.
The NCSC and the three councils declined to say whether the cybersecurity issue relates to an in-house system or an outside vendor.
TechCrunch found that some of Canterbury City Council’s payments systems, provided by EKS, were unavailable.
Dover and Thanet are also both reporting issues with online forms and online payments.
Since 2018, outsourcing giant Civica has provided EKS services as part of a seven-year deal to cut costs across the three councils.
