United States – Manhunt
https://www.infosecurity-magazine.com/news/dating-service-suffers-data-breach/
Exploit: Hacking
Manhunt: Dating App
Risk to Business: 1.667= Severe
Social network and dating site Manhunt has suffered a data breach. The company filed a declaration with Washington state regulators disclosing that the 20-year-old site was compromised in a cyberattack that took place in February 2021. An unauthorized third party downloaded personal information belonging to some Manhunt users after gaining access to the company’s account credential database. In the notice of data breach, Manhunt revealed that the personal information of an estimated 7,714 Washington residents had been affected, but did not say how many of the site’s approximately 6 million users outside of Washington state were affected.
Risk to Business: 1.667= Severe
The compromised database contained customers’ usernames, email addresses, and passwords. After discovering that a breach had occurred, Manhunt performed a forced reset of all users’ passwords. The stolen information could be used to mount phishing, blackmail and identity fraud attacks.
Customers Impacted: Unknown
How It Could Affect You: Hacking into databases is a profitable enterprise for cybercriminals, especially when juicy personal details are acquired. If you’re storing that kind of information, ensuring that you’re using strong security for information storage is essential.
United States – Eversource Energy
Exploit: Unsecured Database
Eversource Energy: Power Company
Risk to Business: 1.807= Severe
Eversource Energy, the largest energy supplier in New England, has suffered a data breach after customers’ personal information was exposed on an unsecured cloud server. The company serves 4.3 million electric and natural gas customers throughout Connecticut, Massachusetts, and New Hampshire. The unsecured database allegedly contained unencrypted files created in August 2019 that included the personal information of 11,000 Eversource eastern Massachusetts customers.
Risk to Business: 2.177= Severe
Eversource Energy disclosed to customers that the unsecured cloud storage server exposed their name, address, phone number, social security number, service address, and account number. The utility is offering a free 1-year identity monitoring service for impacted customers through Cyberscout.
Customers Impacted: Unknown
How it Could Affect You Unsecured data is a rookie move. Make sure that everyone is following cybersecurity best practices to avoid costly mistakes.
United States – Radixx
Exploit: Malware
Radixx: Software Company
Risk to Business: 2.207 = Severe
Travel software company Radixx has disclosed a data breach caused by a malware attack that has triggered a dayslong outage, snarling reservations systems at about 20 low-cost airlines around the world. The company said it noticed “unusual activity” around its reservations program on Tuesday. It did not describe the malware or say how it got into the program. Radixx’s parent company is travel software giant Texas-based Sabre Corp.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You: Hacking that disrupts operations has become an increasingly serious problem for businesses that provide services like software and data storage.
United States – Gyrodata
Exploit: Ransomware
Gyrodata: Mining Technology
Risk to Business: 2.463 = Severe
A ransomware attack against mining technology organization Gyrodata has potentially leaked the sensitive information of current and former employees. Gyrodata said it has been the victim of a ransomware attack that led to a possible data breach. So far, the number of potential victims has not been confirmed, though Gyrodata, which is headquartered in Houston, Texas, has multiple offices worldwide in countries including Saudi Arabia, UAE, Ecuador, Malaysia, and Scotland.
Individual Impact: No sensitive personal or financial information was confirmed as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You: Ransomware has been an increasingly popular tool for cybercriminals to use against targets in the education sector. Preventing it from hitting systems is just as important as protecting data.
United Kingdom – University of Portsmouth
https://www.infosecurity-magazine.com/news/campus-closed-portsmouth/
Exploit: Ransomware
University of Portsmouth: Institution of Higher Learning
Risk to Business: 1.672 = Severe
IT systems at the University of Portsmouth were knocked offline this week after a supposed ransomware attack, delaying the start of the new term. Although it was due to open on Monday for the start of the summer term, the university campus will continue to remain closed to students until at least 04/30/21 due to an inability to access online learning or data tools.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You: Ransomware, especially targeted ransomware, is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen about disrupting business operations and holding them hostage until they’re paid.
France – Laurent Perrier
Exploit: Ransomware
Laurent Perrier: Champagne Maker
Risk to Business: 2.217 = Severe
French Champagne giant Laurent Perrier had fallen victim to ransomware. The company is beginning investigation and recovery, but some IT systems are still offline, impacting production and delivery. The French champagne house is the main company of the Laurent-Perrier Group, whose other flagship brands include the houses of Salon, De Castellane and D.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You: Cybercriminals love ransomware because it is easy and profitable. Companies need to pay close attention to ransomware trends to stay out of their clutches.
Australia – ClickStudios
Exploit: Hacking
ClickStudios: Password Security Software Company
Risk to Business: 2.112 = Severe
Researchers report that password manager maker ClickStudios suffered a breach, sometime between April 20 and April 22, which resulted in the attacker dropping a corrupted update to its password manager Passwordstate. A zip file contained a dynamic link library with the malicious code, according to the blog. The associated malware dubbed Moserpass – which was in the file name of a malicious dll found by researchers – called out to a command and control server to execute the next stage of the attack. However, that server went down before CSIS Security Group could grab and examine any second-stage malware that might have been used in follow-up operations. The compromise is under investigation.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You: Ransomware is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen.
Taiwan- Quanta
Exploit: Ransomware
Qanta: Technology Manufacturing
Risk to Business: 1.661 = Severe
Apple supplier Qanta is dealing with a suspected ransomware incident. Quanta Computer is a manufacturer of many flagship Apple products, including its MacBook line. Russian hacker group REvil is the culprit. The gang says that it has had accessed confidential data from the Taiwan-based contract manufacturer’s servers. the data includes stolen blueprints for unreleased products, and the hackers are threatening to release more. data after posting samples on their hack site. The ransom demand is rumored to be in the tens of millions of dollars and the cybercriminals are demanding payment by May 1.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect You: Cybercrime is around every corner, especially ransomware. Protecting sensitive data like schematics and blueprints is vital for components and technology manufacturers, especially for new products.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
No comments:
Post a Comment