Data Breaches News and Analysis
360,000 Quebec teachers PII possibly compromised
The PII of at least 51,400, and possibly as many as 360,000 educators, in Quebec Province was exposed when a malicious actor obtained login credentials to the Ministère de l’Éducation et de l’Enseignement supérieur network. The ministry received confirmation of the breach on February 19 noting in a statement that a single database was accessed…
MGM admits to 2019 data breach affecting 10.6 million customers
MGM Resorts has confirmed there was unauthorized access to one of the company’s cloud servers in 2019 that contained information on a reported 10.6 million guests, possibly including several high-profile guests. MGM did not confirm the number of people involved, but ZD Net working with the new security firm Under the Breach reportedly found data…
Cyberinsurance: The value from an incident response lens
Cyberinsurance is not new to the scene, and an increasing number of organizations are accepting its critical role in safeguarding them against costly cybersecurity incidents. Yet recently, we’ve seen ongoing discussion of its overall value to organizations, as well its net impact to the state of cybersecurity. As pundits discuss, debate, and ponder, crippling cyber…
Idaho Central Credit Union reports two breaches
Idaho Central Credit Union has started informing some customers of two data breaches that impacted the financial institution The first instance cropped up on November 5, 2019 when some suspicious behavior was noted. A breach was confirmed three days later, reported BoiseDev. A data breach notice was sent on February 6, 2020 after a two-month…
Rutter’s convenience stores suffer POS data breach
The Pennsylvania and West Virginia convenience store chain Rutter’s was subjected to a POS skimming attack for at least seven months affecting card readers inside some stores and at gas pumps. Rutter’s was informed of the problem by a third party and on January 14, 2020 a company investigation confirmed a data breach did take…
No glossing this over: Leaky Estée Lauder database exposes 440M records
The Estée Lauder Companies Inc. accidentally left over 440 million records publicly exposed after failing to password-protect a corporate database, according to a researcher who spotted the oversight. The misconfigured database was found to contain emails in plain text, including those sent from internal email addresses; references to reports and internal documents; and IP addresses,…
U.S. indicts four Chinese military members over Equifax breach
The U.S. Department of Justice has charged four members of the Chinese People’s Liberation Army with nine criminal counts, accusing them of orchestrating and carrying out the 2017 hack of credit reporting agency Equifax. An indictment returned by a federal grand jury in Atlanta and unveiled today by the DOJ alleges that Beijing residents Wu…
Malware attacks destroy Fondren Orthopedic Group patient records
The Fondren Orthopedic Group is notifying its patients that their personal health information was compromised during a November 2019 malware incident. Fondren did not specify what type of attack took place, but in a letter to patients the group stated the PHI of both current and former patients was either exposed or damaged beyond recovery.…
Ashley Madison breach victims further embarrassed by ransom demands five years later
Five years after a high-profile data breach of an infidelity website where users could meet to start an extramarital affair, users of Ashley Madison are now increasingly finding themselves victimized by extortion plots to pay about $1,000 in bitcoins to save them further embarrassment. The current scheme, uncovered by Vade Secure threat analyst Damien Alexandre,…
Indian airline hacked, vulnerability exposed by ethical hacker
An apparent data breach of Indian airline SpiceJet calls into question white-hat tactics to expose network vulnerabilities and protocol. The airline’s hack, compromising the data of more than 1.2 million passengers, including Indian government officials, was first reported by TechCrunch, which learned of the incident through an unnamed security researcher, who referred to his actions…
Hackers ran ad scams after hijacking account at Facebook data partner LiveRamp
Hackers took over the account of an employee at LiveRamp – one of Facebook’s significant data partners and a marketer extraordinaire that helps advertisers target ads – to access its Business Manager account and launch a campaign to run scam ads, tapping other user accounts to pay for them and deceiving customers. “The instance to…
Report: United Nations withheld news of systems hack in European offices
Officials at the United Nations reportedly discovered last August that hackers had compromised its IT systems in Geneva and Vienna last summer, but the cyber espionage attack remained undisclosed until it was revealed on Wednesday in an exposé by The New Humanitarian (TNH). TNH, which once operated under the auspices of the UN Office for…
LabCorp suffers second data incident, patient PHI potentially exposed
LabCorp has confirmed that its internal system was accessed by an unauthorized person but would not give any further details pertaining to the number of people or types of data possibly affected. In a statement to SC Media, LabCorp said it has determined that an internal company system used by its Integrated Oncology business was…
Wawa customer payment card data for sale
Cybercriminals have attempted to sell customer payment card data likely pilfered from a Wawa POS breach discovered in December. The Pennsylvania-based convenience store and gas station operator said in a release that it had asked its payment card processor, payment card brands and card issuers to tick up their fraud monitoring in light of the…
Citrix fixes bug used in ransomware attacks; Auto maker GEDIA falls victim to exploit
Citrix over the last six days has been releasing firmware updates to fix CVE-2019-19781, a critical remote code execution vulnerability in its Citrix Application Delivery Controller, Citrix Gateway and SD-WAN WANOP products, which cybercriminals have actively exploited in an attempt to deliver ransomware, backdoors and coin miners. The Fort Lauderdale, Fla.-based software company has now…
Privacy takes a hit, as storage bucket leaks cannabis dispensary POS data
A misconfigured Amazon Web Services S3 storage bucket was discovered leaking data that had been collected by a point-of-sale system used by multiple cannabis dispensaries, researchers from vpnMentor reported on Wednesday. The exposed bucket, which was found on Christmas eve and closed by Jan. 14, was found to contain more than 85,000 files. These included…
Best practices for reducing third-party risk
The simple truth is that the security measures organizations put in place are not enough to protect them from threats. Third parties can present the greatest area of risk exposure — both for data security and for regulatory compliance. It is much easier for hackers to penetrate smaller third-party vendors to get to larger business…
Microsoft database misconfiguration exposes 250M customer support records
Microsoft last December misconfigured five Elasticsearch servers – each one containing the same data set of 250 million customer support records – leaving their information publicly exposed on the internet, according to researchers. The data leak was detailed today in a blog post by pro-consumer website Comparitech and separately disclosed in a Microsoft Security Response…
Phishing campaign leads to UPS Store data breach
In a data breach notification letter to customers, The UPS Store has disclosed that an unauthorized party successfully devised a phishing scheme to gain entry into the email accounts of numerous store locations. The breach exposed information contained within documents that customers emailed to stores for printing and related services, the San Diego-based subsidiary of…
Mitsubishi Electric discloses June 2019 breach; Tick hacking group reportedly blamed
Japanese manufacturer Mitsubishi Electric has acknowledged its discovery last June of a data breach perpetrated by an unauthorized third party that accessed both personal employee information and corporate materials. The public disclosure came amid multiple English and Japanese news sources publishing details on the incident [1, 2, 3, 4, 5], which experts believe may be…
