The Play ransomware group has impacted around 300 entities as of October 2023, according to joint cybersecurity advisory from Australia and the U.S. Play ransomware employs a double-extortion model, encrypting systems after stealing data and affecting both domestic and international businesses. Threat actors are increasingly exploiting vulnerabilities and moving away from using phishing emails to infect systems. The Play ransomware has transformed into a ransomware-as-a-service (RaaS) operation and uses both public and bespoke tools for attacks.
T-Mobile pays $16 million fine for three years’ worth of data breaches
T-Mobile has agreed to pay a $15.75 million fine and improve its security in a settlement over a series of data breaches over three years