Wednesday, February 10, 2021

Breached

United States – USCellular

https://www.techtimes.com/articles/256503/20210129/uscellular-data-breach-hackers-gained-access-users-personal-pin-code.htm

Exploit: Credential Compromise

US Cellular: Mobile Phone Company 

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.379 = Extreme 

USCellular, the fourth largest mobile network in the US, has suffered a data breach after a successful malware attack. Hackers used malicious code disguised as a routine software update to gain access to systems including its Customer Relationship Management (CRM) and client records. This is not USCellular’s first time at this rodeo – the company has had consistent information security problems. 

cybersecurity news gauge indicating extreme risk

Individual Risk: 1.321 = Extreme 

USCellular advised customers that their account records including name, address, PIN code, and cellular telephone numbers(s) as well as information about the customer’s wireless services including service plan, usage and billing statements, personal information, PIN code, service plan, and billing statements might have been compromised. However, data such as social security numbers and credit card information remained inaccessible to the hackers. Clients should be wary of spear phishing, business email compromise and identity theft using this information.

Customers Impacted: 4.9 million

How it Could Affect Your Business: Data like this is sought-after by cybercriminals to power phishing operations. Unfortunately for these folks, it often hangs around for years on the Dark Web, acting as fuel for future cybercrime.

United States – DSC Logistics

https://www.freightwaves.com/news/ransomware-attack-targets-major-us-logistics-firm-dsc

Exploit: Ransomware 

DSC Logistics: Shipping and Freight Logistics 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.775 = Severe

DSC logistics received an unwelcome delivery of Egregor ransomware. The attack was announced on the gang’s ransomware site. The company noted that it was successfully able to continue operations without incident. DSC has called in outside experts to investigate, and declined to comment on whether any data was stolen.

Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing. 

Customers Impacted: Unknown

How it Could Affect YourBusiness Ransomware has been a plague on every industry, but freight and logistics companies have been hit especially hard in recent months.



United States – Nissan North America

https://www.industryweek.com/technology-and-iiot/article/21151660/data-leak-hits-nissan-north-america

Exploit:  Misconfiguration

Nissan North America: Automotive Manufacturer 

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.779 = Moderate 

Nissan North America recently suffered a data breach that resulted in source code for its mobile apps and internal tools turning up online. The data leak is reportedly the result of a misconfigured Git server. The source code is reported by a security researcher to pertain to Nissan NA Mobile apps, some parts of the Nissan ASIST diagnostics tool, the Dealer Business Systems and Dealer Portal, Nissan internal core mobile library, Nissan/Infiniti NCAR/ICAR services, client acquisition and retention tools, sale and market research tools and data, various marketing tools, the vehicle logistics portal and vehicle connected services.

Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing. 

Customers Impacted: Unknown

How it Could Affect Your Business: Keeping data safe from hackers starts with keeping data secure by using strong identity and access management tools across the board and basic security protocols like multifactor authentication.


United Kingdom – UK Research and Innovation (UKRI)

https://www.bleepingcomputer.com/news/security/uk-research-and-innovation-ukri-suffers-ransomware-attack/

Exploit: Ransomware

UKRI: Scientific Research Agency 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.411 = Severe

The UK Research and Innovation (UKRI) agency is now researching a ransomware incident that encrypted data and impacted its proprietary services. The impacted services include a service offering information to subscribers and the platform for peer review of various parts of the agency. The agency has not yet disclosed if data was stolen or any other impact, and the incident is under investigation. UKRI is a public body of the Government of the United Kingdom, tasked with investing in science and research, and it’s generous budget may have made it an attractive target for ransomware. 

Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing. 

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is a huge risk for every business, and it’s essential that everyone in your team is on board to spot and stop ransomware attacks.



UK- Mensa

https://www.forbes.com/sites/barrycollins/2021/01/30/britains-smartest-peoplemensafail-to-secure-passwords-properly/?sh=25d023bf43f5

Exploit: Password Compromise

Mensa: Intellectual Club 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.827 = Severe 

Mensa UK experienced a hack on its website that has resulted in the theft of members’ personal data. The organization had reportedly failed to secure the data of its 18,000 members properly. The stored passwords of Mensa members who accessed the site were not hashed or encrypted in any way, with some sent and stored in plain text, making it a snap for hackers to gain entry. The hackers were able to access and use a Director’s password, to extract an indeterminate amount of information including personal details of members and private conversations conducted on the platform. 

Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing. 

Customers Impacted: 21,000

How it Could Affect You: Password compromise is a constant menace for companies that don’t use contemporary safety protocols like multifactor authentication, let alone handling passwords in plain text files.



Austria – Palfinger

https://www.bleepingcomputer.com/news/security/leading-crane-maker-palfinger-hit-in-global-cyberattack/

Exploit: Ransomware

Palfinger: Crane Manufacturer

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.006 = Severe 

Crane manufacturer Palfinger is targeted in an ongoing cyberattack that has disrupted IT systems and business operations. The company notes that its enterprise resource systems and many online or digital functions are unavailable to customers. No information is available on the kind of ransomware involved or an expected date for service restoration.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is almost always the result of a phishing attack, and it’s been a constant danger for healthcare organizations around the world as the global pandemic continues.




Hong Kong – Dairy Farm

https://www.bleepingcomputer.com/news/security/pan-asian-retail-giant-dairy-farm-suffers-revil-ransomware-attack/

Exploit: Ransomware

 Dairy Farm: Retail Conglomerate 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.616 = Severe 

Enormous Pan-Asian retailer Dairy Farm is the latest victim of REvil ransomware. The attackers claim to have demanded a $30 million ransom. As proof, REvil has released images of the company’s Active Directory Users and Computers MMC. The attackers claim to still be in control of the company’s computer systems, including full control over Dairy Farm’s corporate email, which they state will be used for phishing attacks. 

Individual Risk: No personal or business data was reported as confirmed to be stolen in this incident that is still under investigation. 

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is the weapon of choice of most of today’s cybercriminals, and it can strike any business of any size from corner stores to retail giants.


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

No comments:

Post a Comment

Newsletter April 2024