May 05 2021

List of data breaches and cyber attacks in April 2021 – 1 billion records breached

Category: Data Breach,Security BreachDISC @ 10:24 am
List of data breaches and cyber attacks in April 2021 – 1 billion records breached

List of data breaches and cyber attacks in April 2021 – 1 billion records breached – It was another busy month in the cyber security sector, as we discovered 143 incidents that resulted in 1,098,897,134 breached records.

Ransomware was again one of the biggest contributors to that total, accounting for almost one in three data breaches.

As always, you can find the full list of incidents below, with those affecting UK organizations listed in bold.

In case you missed it, you may also be interested in our first quarterly review of data breaches and cyber attacks. The report takes the information collected in these lists and summarizes our findings.

It includes year-on-year comparisons in the number of incidents that were detected, a review of the most frequently breached sectors and a running total of incidents for the year.

Apr 05 2021

List of data breaches and cyber attacks in March 2021 – 21 million records breached

Category: Data Breach,Security BreachDISC @ 8:00 am
List of data breaches and cyber attacks in March 2021 – 21 million records breached

Don’t be fooled by the fact that we only recorded 20,995,371 breached records in March; it was one of the leakiest months we’ve ever seen, with 151 recorded incidents.

By comparison, there was a seemingly Lilliputian 82 recorded breaches in January and 118 in February.

The issue is that in far more cases than we’d expect, the number of breached records wasn’t included in the notification, so we can’t include it here.

We typically expect ambiguity when it comes to ransomware, because organisations are locked out of their files and can’t calculate what’s been affected. But there were dozens of other cyber attacks and data breaches where the organisation either didn’t know or reveal the extent of the damage.

You can find our full list of incidents below, with those affecting UK organizations listed in bold.

Contents

Mar 10 2021

150,000 security cameras allegedly breached in “too much fun” hack

Category: Security BreachDISC @ 2:19 pm
150,000 security cameras allegedly breached in “too much fun” hack

The hackers’ methods were unsophisticated: they gained access to Verkada through a “Super Admin” account, allowing them to peer into the cameras of all of its customers. Kottmann says they found a user name and password for an administrator account publicly exposed on the internet.

News outlet Bloomberg has gone public with a dramatic cybersecurity news story about surveillance.

Bloomberg claims that an “international hacker collective” was responsible for breaking into a network of 150,000 surveillance cameras and accessing private footage from live video feeds.

According to Bloomberg, one of the hacking crew, Tillie Kottmann, claimed to have accessed cloud-based camera surveillance company Verkada and found themselves face-to-face with a huge swathe of internal data.

This data apparently included real-time feeds from up to 150,000 surveillance cameras at Verkada customer sites, as well as other real-time information such as access control data from Verkada customers.

Car maker Tesla, internet provider Cloudflare and numerous health and law enforcement organisations are claimed in Bloomberg’s piece as some of those customers.

150,000 security cameras allegedly breached in “too much fun” hack

Tags: security cameras breached

Feb 11 2021

Singtel hit by third-party vendor’s security breach, customer data may be leaked

Category: Data Breach,Security BreachDISC @ 8:47 am

Singapore telco says it has pulled back all use of Accellion’s file-sharing system FTA and is investigating the impact of a cybersecurity attack, having ascertained on February 9 that “files were taken” and customer data “may have” been compromised.

Image result for singtel logo

Singtel says it is investigating the impact of a cybersecurity breach that may have compromised customer data, after it ascertained on February 9 that “files were taken”. The attack had affected a file-sharing system developed two decades ago by a third-party vendor Accellion, which the Singapore telco had used internally and with external stakeholders. 

Singtel revealed in a statement Thursday it was notified by Accellion that the file-sharing system, called FTA (File Transfer Appliance), had been breached by unidentified hackers. The telco said the tool was deployed as a standalone system and used to share information within the organisation and with external stakeholders. 

All use of the system had been pulled back and relevant authorities, including Singapore’s Cyber Security Agency and local police, were notified. Singtel added that it currently was assessing the nature and impact of the breach, and the extent of data that might have been illegally accessed. 

“Customer information may have been compromised,” the telco said. “Our priority is to work directly with customers and stakeholders whose information may have been compromised to keep them supported and help them manage any risks. We will reach out to them at the earliest opportunity once we identify which files relevant to them were illegally accessed.”

Source: Singtel hit by third-party vendor’s security breach

Feb 07 2021

COMB breach: 3.2B email and password pairs leaked online

Category: Email Security,Security BreachDISC @ 11:48 pm
COMB breach: 3.2B email and password pairs leaked online

Dec 08 2020

U.S. Cyber Firm FireEye Says It Was Breached by Nation-State Hackers

Category: Hacking,Security BreachDISC @ 11:07 pm

The cybersecurity company said the attack compromised its software tools used to test the defenses of its thousands of customers.

“I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities,” Kevin Mandia, the chief executive at FireEye and a former Air Force officer, said in a blog post published Tuesday. “The attackers tailored their world-class capabilities specifically to target and attack FireEye.”

The company said the attacker also accessed some internal systems and primarily sought information about government clients. FireEye said it has seen no evidence so far that data belonging to its customers had been compromised from the primary systems used to store it.

FireEye declined to comment on who it believed was behind the breach of its hacking tools, which experts said could potentially be leveraged in future attacks against its customer base, including a diverse array of U.S. and Western national-security agencies and businesses.

Source: U.S. Cyber Firm FireEye Says It Was Breached by Nation-State Hackers



FireEye, a Top Cybersecurity Firm, Says It Was Hacked by a Nation-State
httpv://www.youtube.com/watch?v=EcBAuJoj2Ks

Fireeye shares plunge after it says it was breached by suspected hackers
httpv://www.youtube.com/watch?v=xYIK23FYiyM&ab_channel=CNBCTelevision




Dec 07 2020

Hacker opens 2,732 PickPoint package lockers across Moscow

Category: Security BreachDISC @ 4:57 pm

PickPoint says this is the world’s first targeted cyberattack against a post-gateway network.

The attack, which took place on Friday afternoon, December 4, targeted the network of PickPoint, a local delivery service that maintains a network of more than 8,000 package lockers across Moscow and Saint Petersburg.

Russians can order products online and choose to have any of their orders delivered to a PickPoint locker instead of their home address.

Once the package arrives, users receive an email or mobile notification, and they can show up and pick up their orders using the PickPoint app.

Source: Hacker opens 2,732 PickPoint package lockers across Moscow | ZDNet



A smart lockers terminal “PickPoint” in Moscow was hacked to unlock the storage boxes with goods
httpv://www.youtube.com/watch?v=shtcOIeiz_c&ab_channel=AmazingVideosOfTheWorld






Dec 01 2020

List of data breaches and cyber attacks in November 2020 – 587 million records breached

Category: Data Breach,Security BreachDISC @ 11:06 am

We recorded 103 data breaches and cyber attacks in November, which accounted for 586,771,602 leaked records.

ITG recorded 103 cyber security incidents in November, which accounted for 586,771,602 leaked records.

The majority of those came from a credential-stuffing attack targeting Spotify and a data leak at the messaging app GO SMS Pro, which you can learn more about below.

Here is ITG complete list of November’s cyber attacks and data breaches.

Source: List of data breaches and cyber attacks in November 2020 – 587 million records breached – IT Governance UK Blog



Biggest Data Breaches of October 2020
httpv://www.youtube.com/watch?v=aB0PB5B266w


Self-assessment to help you achieve your cybersecurity or information security goals. ITG is offering 15% off selected toolkits and self-assessment tools until December 4 to help you achieve your cybersecurity or information security goals. Use promo code THANKFUL at checkout to receive the offer




Oct 15 2020

Confirmed: Barnes & Noble hacked, systems taken offline for days, miscreants may have swiped personal info

Category: Data Breach,Security BreachDISC @ 8:44 am

Nook, line and sinker: Servers restored from backups, punters unable to download purchased e-books

Source: Confirmed: Barnes & Noble hacked, systems taken offline for days, miscreants may have swiped personal info




Sep 08 2020

Hackers use legit tool to take over Docker, Kubernetes platforms

Category: Security Breach,Security IncidentDISC @ 3:08 pm

In a recent attack, cybercrime group TeamTNT relied on a legitimate tool to avoid deploying malicious code on compromised cloud infrastructure and still have a good grip on it.

Source: Hackers use legit tool to take over Docker, Kubernetes platforms

Misusing tool of the trade
Analyzing the attack, researchers at Intezer discovered that TeamTNT installed Weave Scope open-source tool to gain full control of the victim’s cloud infrastructure.

According to them, this may be the first time a legitimate third-party tool is abused to play the part of a backdoor in a cloud environment, also indicating the evolution of this particular group.

Weave Scope integrates seamlessly with Docker, Kubernetes, and the Distributed Cloud Operating System (DC/OS), and AWS Elastic Compute Cloud (ECS). It provides a complete map of processes, containers, and hosts on the server and control over installed applications.

“The attackers install this tool in order to map the cloud environment of their victim and execute system commands without deploying malicious code on the server,” Intezer notes in a report today.


Download a Security Risk Assessment Steps paper!

Security Risk assessment Quiz – Find Out How Your security risk assessment Stands Up!

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Subscribe to DISC InfoSec blog by Email

👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet




Aug 05 2020

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Category: Security Breach,VPNDISC @ 4:48 pm

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum.

Source: Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers




Jul 14 2020

A hacker is selling details of 142 million MGM hotel guests on the dark web

Category: Data Breach,Hacking,Security BreachDISC @ 11:06 am

EXCLUSIVE: The MGM Resorts 2019 data breach is much larger than initially reported.

Source: A hacker is selling details of 142 million MGM hotel guests on the dark web | ZDNet

According to the ad, the hacker is selling the details of 142,479,937 MGM hotel guests for a price just over $2,900. The hacker claims to have obtained the hotel’s data after they breached DataViper, a data leak monitoring service operated by Night Lion Security.

mgm-empire.png

MGM Exposes over 10,000,000 Profiles to Hackers – Feb 21, 2020
httpv://www.youtube.com/watch?v=vlPE-4Tjnrc



Protect Your Organization Against Massive Data Breaches and Their Consequences

Download a Security Risk Assessment Steps paper!

Subscribe to DISC InfoSec blog by Email

Take an awareness quiz to test your basic cybersecurity knowledge

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles




Tags: dark net, dark web

Jun 15 2020

Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More

Category: AWS Security,Security BreachDISC @ 2:37 pm

3somes, Gay Daddy Bear, and Herpes Dating are among the nine services that leaked the data of hundreds of thousands of users. Researchers find a developer running multiple dating services left 845GB of explicit photos, chats, and more exposed in AWS buckets

Source: Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More

Download a Security Risk Assessment steps paper!

Download a vCISO template

Take an awareness quiz to test your basic cybersecurity knowledge

Subscribe to DISC InfoSec blog by Email

Best Practices for Amazon S3 Security with S3 Access Management Tools and S3 Block Public Access
httpv://www.youtube.com/watch?v=7M3s_ix9ljE

AWS S3 Bucket Security 👮- Restrict Privileges🔒to User using IAM Policy | Grant User Access
httpv://www.youtube.com/watch?v=vtz3ruCebH8




May 25 2020

Hacker extorts online shops, sells databases if ransom not paid

Category: Data Breach,data security,Security BreachDISC @ 3:05 pm

More than two dozen SQL databases stolen from online shops in various countries are being offered for sale on a public website. In total, the seller provides over 1.5 million rows of records but the damage is likely much larger.

Source: Hacker extorts online shops, sells databases if ransom not paid

More than two dozen SQL databases stolen from online shops in various countries are being offered for sale on a public website. In total, the seller provides over 1.5 million rows of records but the amount of stolen data is much larger.

The attacker is hacking into insecure servers that are reachable over the public web, copies the databases, and leaves a note asking for a ransom in return of the stolen data.

Money made

Victims have 10 days to pay BTC 0.06 ($525 at current price) a wallet provided in the ransom note, else the hacker makes the database public or uses it as they please.

Hacked! What to do with an extortion email
httpv://www.youtube.com/watch?v=CQS-fSsIQbo

Bitcoin Email Blackmail Ransom Scam
httpv://www.youtube.com/watch?v=H40C7Hbpdqw




Download a CyberAware cheat sheet




Tags: hacker blackmail, hacker extortion

Jun 12 2019

Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps

Category: hipaa,Security BreachDISC @ 1:52 pm

Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it.

Source: Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps



Healthcare privacy and security


Enter your email address:

Delivered by FeedBurner




Tags: Healthcare privacy and security, medical device breaches, medical device threats, medical device vulnerabilities

Jun 09 2019

From phish to network compromise in two hours: How Carbanak operates

Category: Hacking,Phishing,Security BreachDISC @ 2:21 pm

Cybercriminal group Carbanak has stolen hundreds of millions of dollars from financial institutions. Here’s a detailed analysis by Bitdefender of an attack on one bank.

Source: From phish to network compromise in two hours: How Carbanak operates






May 29 2019

Flipboard says hackers stole user details | ZDNet

Category: Cyber Attack,Hacking,Security BreachDISC @ 12:16 pm

Extent of the hack is unknown, but Flipboard said hackers had access to its systems for almost nine months.

Source: Flipboard says hackers stole user details | ZDNet

Flipboard confirms database hack, resets all user passwords

  • InfoSec Breaches


    •  Subscribe in a reader




    May 24 2019

    Maker of US border’s license-plate scanning tech ransacked by hacker, blueprints and files dumped online

    Category: Information Privacy,Security BreachDISC @ 7:08 pm

    Perceptics confirms intrusion and theft, stays quiet on details

    Source: Maker of US border’s license-plate scanning tech ransacked by hacker, blueprints and files dumped online

  • Car Security
  • Security Breach

    •  
    Digital License Plates: Convenience or Privacy Risk?


     Subscribe in a reader




    Tags: digital privacy, license-plate security

    May 20 2019

    Millions of Instagram influencers had their private contact data scraped and exposed

    Category: data security,Security BreachDISC @ 4:04 pm

    Millions of Instagram influencers had their private contact data scraped and exposed

    A massive database containing contact information of millions of Instagram influencers, celebrities and brand accounts has been found online. The database, hosted by Amazon Web Services, was left exposed and without a password allowing anyone to look inside. At the time of writing, the database had over 49 million records — but was growing by […]

    Source: Millions of Instagram influencers had their private contact data scraped and exposed – TechCrunch


     Subscribe in a reader




    May 09 2019

    Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware

    Category: Security BreachDISC @ 11:30 am

    Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware

    Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper

    Follow the numbers in blue to understand each step.

    Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper

    Source: Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware




    DISC InfoSec 🔒 securing the business 🔒 Learn more…

     


     Subscribe in a reader




    Tags: Jenkin flaw, Security vulnerability

    « Previous PageNext Page »