
Yanluowang Access Broker Gets 81 Months in Prison

 

A Russian national has been sentenced to 81 months in prison for acting as an initial access broker for Yanluowang ransomware attacks, in a case that highlights how criminal access markets fuel major extortion campaigns. Prosecutors said the defendant targeted at least eight U.S. companies, sold stolen access to ransomware operators, and helped enable ransom demands that ranged from hundreds of thousands of dollars to millions.

Aleksey Olegovich Volkov, also known online as “chubaka.kor” and “nets,” pleaded guilty in November and admitted to hacking into corporate networks, stealing data, and passing that access along to the Yanluowang ransomware-as-a-service group. According to the report, the gang encrypted victims’ data, demanded payment in cryptocurrency, and shared the proceeds among participants.

The investigation was built from a wide set of digital evidence, including chat logs, stolen files, victims’ credentials, and records recovered after the FBI seized a server linked to the ransomware operation. Investigators also traced Volkov through Apple iCloud data, cryptocurrency exchange records, social media accounts, and other identifiers tied to his passport and phone number. 

Court records showed that Volkov negotiated a share of ransom proceeds in exchange for delivering access to victim networks, and the FBI said his cut of collected ransoms reached $1.5 million. Prosecutors also noted that a screenshot recovered from his Apple account suggested a possible additional connection to the LockBit ransomware gang. 

Volkov was extradited to the United States after being arrested in Italy in January 2024, and he now must pay more than $9 million in restitution to victims. The Justice Department said he agreed to cover at least $9,167,198.19 in losses and forfeit equipment used in the crimes, underscoring the financial damage caused by ransomware support roles beyond the attackers who deploy the malware.

UKG Faces Payroll Violations Class Action Lawsuit in Multiple U.S. District Courts

 

Workforce management company Ultimate Kronos Group faces a proposed class action after its ubiquitous Kronos timekeeping system got whacked by ransomware last December. The aggrieved customers dragged the firm into court as scheduling and payroll were hindered at thousands of organizations, including Tesla, PepsiCo, and Whole Foods.

Due to the network outage, many major firms were unable to pay workers all of their wages on time, including overtime wages and shift differentials, because they rely on Kronos products for timekeeping and prompt pay policies.

Employees at Tesla and PepsiCo filed a class-action lawsuit against UKG in the U.S. District Court for the Northern District of California, seeking damages due to alleged negligence in data security procedures and practices. New York MTA employees filed a separate suit in the U.S. District Court for the Southern District of New York against the MTA, alleging it failed to pay overtime wages due to the Kronos outage.

According to John Bambenek, principal threat hunter at security firm Netenrich, the response and recovery from the ransomware attack is UKG's responsibility, but failure to make payroll, a potential violation of the federal Fair Labor Standards Act (FLSA) and any applicable state and local laws, is the fault of the employer. The FLSA requires organizations to accurately track the hours worked by employees and pay workers accordingly. Failure to comply with these requirements could entitle workers to compensation of up to double their unpaid wages.

“The employers are responsible for making payroll. If they're using a third-party provider, and it doesn't get the job done, they're responsible for making payroll,” said John Bambenek. “That doesn't leave Kronos off the hook, however. Kronos offers service and couldn't provide it, so now the company may be liable to its customers, Bambenek said. Employers can sue UKG too.”

However, the key question is whether the contracts that UKG negotiated with its customers define who might be responsible in the wake of an incident like this. In many cases, commercial contracts between a provider and a customer contain an indemnification clause, which protects the provider from legal action or damage for certain events.

"Every vendor, especially at the level of Kronos," is going to seek an indemnification clause that benefits them in their contracts, Matthew Warner, CTO and co-founder at detection and response provider Blumira, told Cybersecurity Dive. "They're going to do as much as they can to make sure that if something goes wrong, and if there is any sort of interruption associated with it, they're indemnified for it."