Untitled attachment

Notices where this attachment appears

1. Embed this notice
   Kevin Beaumont (gossithedog@cyberplace.social)'s status on Friday, 16-May-2025 22:02:01 JST Kevin Beaumont

   in reply to

   Deloitte supplied a managed service to US state government, it got popped, over 5 months Brain Cipher ransomware group stolen everything, and nobody noticed until they got the ransom note.

   CrowdStrike IR report:

   https://admin.ri.gov/sites/g/files/xkgbur536/files/2025-05/RIBridges%20Investigation%20Summary%20FINAL%20-%20External%20Release.pdf

   #threatintel #extortion

2. Embed this notice
   Metacurity (metacurity@infosec.exchange)'s status on Friday, 16-May-2025 21:56:34 JST Metacurity

   This should be much bigger news.

   CrowdStrike discovered that state officials in Rhode Island had been unaware for more than five months that its VPN system, managed by Deloitte, had been hacked. Deloitte didn't know until the hackers asked for a ransom.

   Now, it looks like RI will sue Deloitte.

   https://www.bostonglobe.com/2025/05/15/metro/ribridges-vpn-hack-ri-breach-personal-data-investigation-findings/

   Here is the CrowdStrike report.
   https://admin.ri.gov/sites/g/files/xkgbur536/files/2025-05/RIBridges%20Investigation%20Summary%20FINAL%20-%20External%20Release.pdf