Security news aggregator

Latest coverage for Victims

The Victims tag covers people and organizations harmed by cyberattacks, including breaches, scams, malware, identity theft, and data exposure.

9 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Victims are people, organizations, or public bodies that suffer harm from cyber-enabled activity, such as account compromise, fraud, unauthorized data access, malware, or service disruption. The term may describe both the directly compromised party and individuals whose information, devices, or accounts are affected through an incident involving another organization.

For security practitioners, victim impact guides triage and response: identify affected systems and data, contain access, preserve evidence, and restore trustworthy operations. Exposed personal or confidential information can create privacy and notification obligations, while compromised credentials or devices may enable further attacks against the victim or its contacts. Recording victim details in threat intelligence—such as the targeted sector, initial access method, and affected assets—can help identify campaigns and improve controls. Clear communication and support also matter, because victims need accurate guidance on credential resets, account monitoring, fraud reporting, and available remediation.

Showing 9 most recent headlines Filtered view
Bank Info Security 1 year, 4 months ago

Leaked Black Basta Chat Logs Show Banality of Ransomware

'He Is an Idiot,' Dissatisfied Hacker Writes of BossTwo hundred thousand internal chat messages from the Russian ransomware group Black Basta have been leaked online, supposedly in reprisal for the operation targeting Russian banks. The partial logs, spanning 13 months, detail negotiations with victims, ransoms paid, internal disagreements and more.

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies

Bank Info Security 1 year, 4 months ago

Australia's Anti-Scams Bill: What's in It for Victims?

Experts Say Consumers Gain Little as Implementation Challenges Loom for FrameworkAustralia's new scams framework bill sets the foundation for industry action but leaves consumers with limited protections. Experts warn that enforcement and reimbursement mechanisms are unclear, forcing victims to navigate a complex system with little guarantee of compensation.

FBI and CISA issue reminder - deep sigh - about the importance of patching and backups The operators of Ghost ransomware continue to claim victims and score payments, but keeping the crooks at bay is possible by patching known vulnerabilities and some basic infosec actions, according to a joint advisory issued Wednesday by the FBI and US Cybersecurity and Infrastructure Security Agency.…

2.3 TB held to ransom as biz formerly known as Virgin Care tells us it's probing IT 'security incident' Exclusive HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what's claimed to be stolen internal records unless a substantial ransom is paid.…

Bank Info Security 1 year, 4 months ago

Ukrainian Signal Users Fall to Russian Social Engineering

Google Expects Tactics to Spread; Global Targets and Other Services at RiskRussian nation-state hackers are using phishing attacks to target Ukrainian users of the chat app Signal, say security researchers. Rather than circumventing Signal's end-to-end encryption via a cryptographic attack, attackers use malicious prompting to prod victims into exposing messages.