Equifax Inc., one of the big-three U.S. credit bureaus, has leaked W-2 information for an unforetold amount of US employees using their W-2 eXpress website. The hackers were able to gain access to Equifax’s W-2 eXpress website by using personally identifiable information of employees, including the last four digits of SSNs and dates of birth. These hackers were then able to file for fraudulent tax returns from the IRS, even if the affected individual was not due a return.
One of the nation’s largest grocery store chains, Kroger Co., sent a letter to all of its more than 431,000 employees that they might be affected by this breach. Equifax provides the W-2 eXpress service to large employers such as Kroger Co., which makes employee electronic W-2 forms accessible over Equifax’s website. Kroger Co. is not yet sure how many individuals had their sensitive information compromised. This news comes in the same year that both Stanford and Northwestern University had employee information leaked via the Equifax web portal.
The actors behind the CryptXXX ransomware, which was first discovered last month by researchers at Proofpoint, have been hard at work modifying the malware to make it even more dangerous. Shortly after it was discovered, Kaspersky Labs released a decryption tool that affected users could utilize to recover encrypted files. However, the newest version, CryptXXX 2.0, can now bypass that tool.
The number of actors spreading the CryptXXX 2.0 ransomware has increased, quickly making it one of the most common ransomware families seen. Furthermore, CryptXXX 2.0 is frequently dropped by the Angler exploit kit, the most widespread exploit kit in the world, making it even more dangerous to end users. The constant evolution and development occurring to the CryptXXX ransomware suggests that it will continue to compete in the malware environment.
References: CryptXXX 2.0: Ransomware Authors Strike Back Against Free Decryption Tool | Bad guys update 7ev3n and CryptXXX ransomware | Prince of pop trash PerezHilton pwned, visitors hit with Cryptxxx
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.