DHS Probes if Sensitive Data Exposed in Johnson Controls Ransomware Attack

DHS investigating if contractor Johnson Controls International exposed sensitive data like floor plans in ransomware attack
Johnson Controls holds classified contracts with DHS related to physical security of facilities
Unclear if hackers accessed sensitive data, but DHS assuming they may have
Attack causing disruptions to Johnson Controls' IT systems and subsidiary websites
DHS also checking if personal info of officials was compromised in the breach

cnn.com

Relevant topic timeline:

8/7/2023

Colorado education department discloses data breach spanning 16 years

Main topic: Ransomware attack on the Colorado Department of Higher Education (CDHE) and potential data leak. Key points: 1. CDHE experienced a ransomware attack in June, resulting in unauthorized access to their systems. 2. Personally identifiable information, including names and social security numbers, was breached. 3. CDHE is offering free credit monitoring and identity theft protection to affected individuals and advises them to monitor their accounts and credit reports for suspicious activity.

9/27/2023

Johnson Controls Hit With $51 Million Ransomware Attack

Johnson Controls International, a multinational conglomerate, has suffered a massive ransomware attack that has disrupted its operations and encrypted many of its devices, including VMware ESXi servers, with the Dark Angels ransomware gang demanding a $51 million ransom.

10/13/2023

CISA Releases Details on Ransomware Groups' Attack Tactics to Help Organizations Defend Critical Infrastructure

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released additional information on misconfigurations and security vulnerabilities used by ransomware groups to help critical infrastructure organizations defend against attacks.