Last week brought data breaches and cyber attacks across a range of industries, with further updates from some companies after investigating their incidents. Companies that breached privacy and security laws were also fined, and new vulnerabilities and patches were disclosed.

Read on for a quick summary of what happened this week in cybersecurity.

Amazon Ring & Alexa accused of nightmare IoT security by FTC

America's FTC has fined Amazon $30.8 million for multiple privacy violations. For Ring, the violations include allowing employees and third-party contractors unrestricted access to consumers' private videos; employees could also download those videos and then view, share or disclose them. Ring also failed to implement basic privacy and security protections, even though it was allegedly aware of its susceptibility to cyber attacks, which enabled hackers to take control of consumers' accounts, videos and cameras. The complaint details one employee who viewed "thousands of videos belonging to at least 81 unique female users". The employee was claimed to have spent more than an hour a day on them and went undetected by Ring for months. For Alexa, the complaint concerned data-retention policies. The FTC alleged that "Amazon retained children's recordings indefinitely unless a parent requested such information to be deleted", and that even when such a request was made, Amazon "failed to delete transcripts of what kids said from all its databases".

Harvard Pilgrim Health Care ransomware attack - 2.5 million people affected

Harvard Pilgrim Health Care (HPHC) disclosed that it suffered a ransomware attack in April 2023. The investigation identified that the threat actors had stolen sensitive data of 2,550,922 current and former members from the compromised systems. The stolen information includes full names, addresses, phone numbers, birth dates, health insurance account information, social security numbers, provider taxpayer identification numbers and clinical information (medical history, diagnoses, treatment, dates of service and provider names). HPHC clarified that the attack affected current and former Harvard Pilgrim members who had a registration starting on 28 March 2012.

Members of HPHC are strongly advised to exercise caution when receiving unsolicited messages and to remain vigilant over an extended period.

Toyota discovered more misconfigured cloud servers leaking customer information

Toyota has found 2 additional misconfigured cloud services that leaked car owners' personal information for over 7 years. These were found during an investigation launched after a misconfigured server was discovered to have exposed the location data of over 2 million customers for 10 years. The exposed personal information includes name, address, phone number, email address, customer ID, vehicle registration number and vehicle identification number (VIN).

Rural Idaho hospitals had to divert patients due to cyber attack

Mountain View Hospital, Idaho Falls Community Hospital and their affiliated clinics had to divert ambulances and patients to other facilities as they recovered from a cyber attack discovered last Monday. As of Wednesday, Idaho Falls Community Hospital, which runs the emergency department, was still diverting ambulances to other hospitals. Partner clinics are also limiting some patient services, and some clinics, such as Mountain View RediCare, were closed due to the attack on their computer systems. The affected facilities have reverted to paper for patient charting, as electronic medical records and other IT systems have been taken offline.

Sports Warehouse fined $300,000 over data breach that exposed payment card data

Online sports retailer Sports Warehouse has been fined $300,000 by New York state over a data breach that affected over 1 million U.S. consumers, and has also agreed to overhaul its security program. Investigators found that the retailer had been storing nearly 20 years' worth of payment card data on its server in plaintext, protected only by a password, which the attacker guessed. The breach exposed most payment card data from 2002 to 2021, including customer names, addresses, card numbers, CVVs and expiration dates. In total, 1.8 million customers' non-expired payment cards and 1.2 million customers' login credentials (email and password) were exposed.

Hackers exploit critical Zyxel firewall flaw

Hackers are exploiting a critical flaw in Zyxel firewalls to install malware. The flaw, which is present in the default configuration of affected firewall and VPN devices, can be exploited for unauthenticated remote code execution. CISA has published an alert warning that the vulnerability is being actively exploited and has urged federal agencies to apply the available update by June 21, 2023. Zyxel released patches for the vulnerability on April 25, 2023, and has warned users of the following product versions to apply the updates: ATP – ZLD V4.60 to V5.35, USG FLEX – ZLD V4.60 to V5.35, VPN – ZLD V4.60 to V5.35, and ZyWALL/USG – ZLD V4.60 to V4.73.

Burton Snowboards admits data breach from February cyber attack

After investigation, Burton Snowboards has notified customers of a data breach in which some of their personal information was "potentially" accessed or stolen during a cyber attack in February. The February attack caused a system outage and forced the company to cancel online orders. The customer information potentially stolen or viewed may include names, social security numbers and financial account information. In response to the breach, the account passwords of affected customers were reset. As of 2 June, Burton had not received any reports of misuse or attempted misuse of customers' personal information.

WordPress force installs a Jetpack security patch for over 5 million sites

WordPress.com owner Automattic has begun force-installing a Jetpack security patch on millions of websites to address a critical vulnerability in the Jetpack plug-in. The vulnerability could be used by authors on a site to manipulate any files in the WordPress installation. Jetpack 12.1.1 started rolling out automatically to all WordPress websites using the plug-in, and as of 30 May it had already been installed on more than 4,130,000 sites running every version of Jetpack since 2.0. While there are no signs that the bug has been abused in attacks, website admins are cautioned to ensure their sites are secured, since attackers will probably pick up on the flaw's details and create exploits targeting unpatched WordPress websites.

Dark Pink hacking group continues to target government and military organizations

The Dark Pink APT hacking group remains active in 2023. It has been observed targeting government, military and education organizations in Indonesia, Brunei and Vietnam. The group has been active since mid-2021, mainly targeting entities in the Asia Pacific region, as exposed in a Group-IB report. Despite that exposure, Dark Pink has shown no sign of slowing down; Group-IB has identified at least 5 attacks since its publication. Group-IB reports that Dark Pink now demonstrates variety in its data exfiltration methods, and these attackers will most likely continue to update their tools and diversify their methods as much as possible.

Microsoft researchers found macOS bug that let hackers bypass SIP

Apple has recently patched a vulnerability that allows threat actors with root privileges to bypass System Integrity Protection (SIP), install "undeletable" malware and access victims' private data by evading Transparency, Consent and Control (TCC) security checks. Apple released security updates on 18 May for macOS Ventura 13.4, macOS Monterey 12.6.6 and macOS Big Sur 11.7.7.
© 2021, TAFA HOLDINGS (S) PTE LTD. ALL RIGHTS RESERVED