News

Illinois Healthcare Provider Reports Large Breach

Christie Clinic, a large healthcare provider in Illinois, has suffered the worst data breach reported in 2022 so far. After detecting suspicious activity from an employee's business account, the company began an investigation before confirming in January that a threat actor had accessed the e-mail account during a month-long period in summer 2021.

At the end of March, the company posted a notice on its website describing the event.

DOJ Convicts Phisher After Multi-Million Scheme

The Department of Justice has announced the conviction of 40-year-old Sercan Oyuntur, who successfully phished a government vendor and was able to steal $23,453,350.

Oyuntur had registered "dia-mil.com", which is very similar to "dla.mil", the Defense Logistics Agency's domain name.

Google Now Allowing Removal of Personal Information from Search Results

Google has announced additional options for removing personal information from their search results. The tech giant stated that "Open access to information is a key goal of Search, but so is empowering people with the tools they need to protect themselves and keep their sensitive, personally identifiable information private," in a press release on their website.

April 2022 CMMC 2.0 Updates and Discussions After NDIA Session

On April 7th, Direct iT attended the NDIA’s informative session on Zero Trust and CMMC 2.0 at Northeastern University’s Innovation Campus in Burlington, MA. Many people deeply involved in CMMC 2.0 traveled from all around the country to participate, including Stacy Bostjanick, head of the CMMC program in the Office of the DoD CIO, who gave a fascinating talk.

DOJ Announces First “False Claims Act” Case

Towards the end of 2021, the Department of Justice unveiled its plans to use the False Claims Act to enforce federal contractual cyber-security requirements. In early March, it announced "the first resolution of a False Claims Act case involving cyber fraud since the launch of the department's Civil Cyber-Fraud Initiative", according to an announcement posted on the agency's website.

9.5% of Top Mobile Apps Carry Russian Tracking

While Google and Bing are the most popular search engines in most English-language countries, Russian-language speakers use Yandex. Last month, the Financial Times reported that Yandex's Appmetrica, a "real-time ad tracking and mobile apps analytics solution" which is integrated into Android and iOS apps, has the ability to send a user's metadata to a database accessible by the Kremlin.

FTC Files Complaint Against Intuit

The Federal Trade Commission announced at the end of March that they will be taking action against Intuit Inc, whose products include software such as TurboTax, Mint, and QuickBooks, for what they are calling "deceptive" advertising practices.

According to an Administrative Complaint filed against the company, "Much of Intuit’s advertising for TurboTax conveys the message that consumers can file their taxes for free using TurboTax, even going so far as to air commercials in which almost every word spoken is the word 'free.

Tewksbury Victim to Phishing Scam

According to WHDH 7News, the town of Tewksbury is trying to get more than $100,000 back after a threat actor posing as a vendor successfully tricked a town employee.

According to Town Manager Richard Montuori, what appeared to be a normal vendor e-mail asking about payment from authorized invoices was in fact a spoofed e-mail address.

Hackers Halt Family Reunification Efforts

Hackers have scooped the data of more than 515,000 people from the Red Cross, according to a press release by the organization mid-January. According to the International Committee of the Red Cross, the information obtained includes confidential and personal identifying information of "highly vulnerable people, including those separated from their families due to conflict, migration and disaster, missing persons and their families, and people in detention.

Romance and Investment Scams Top Social Engineering in 2021

The amount of total losses through fraud originating on social media is now 19 times higher than it was just five years ago in 2017, according to a Consumer Protection Data Spotlight published by the Federal Trade Commission on Jan 25.

According to the report, "More than 95,000 people reported about $770 million in losses to fraud" from threat actors using social engineering through social media in 2021.

The FTC explains that social media is a low-cost strategy.