SAN MATEO, CA, July 4, 2022 — Cybersecurity news weekly roundup. Stories, news, politics and events impacting the network security industry during the last week. Brought to you by NetworkTigers.
- Chinese police database leaked
- Google blocks domains used by hackers
- Book publisher goes offline after cyberattack
- NFT marketplace announces data breach
- Majority of Q1 cyberattacks preventable
- California DOJ leaks personal information of gun owners
- Chinese influence campaign targets rare earth firms
- Russian “Killnet” hacker group claims credit for Lithuania hack
- Iranian steel company stops production after hack
- Harmony offers $1M bounty for info related to hack
Chinese police database leaked
In what is likely to be China’s largest data breach, a database said to contain information related to 1 billion Chinese residents has been listed for sale on Breach Forums. For 10 Bitcoin, one can purchase several terabytes purportedly from the Shanghai National Police. The relatively low price for the information has resulted in much debate regarding its legitimacy, although many users are seemingly confident in its authenticity. Read more.
Google blocks domains used by hackers
In an effort to combat cybercrime, Google has blocked dozens of domains and websites used by hacker groups to sell their services. These hack-for-hire groups are usually composed of individuals that are directly involved in malicious activity. Hired to launch attacks on behalf of those without the training to do so, or to conceal the identity of the client, hackers for hire target organizations all over the world. Read more.
Book publisher goes offline after cyberattack
Macmillan, one of the US’s largest book publishers, has reported that it had to take its IT systems offline following a cyberattack. While the company has not revealed the nature of the incident, the encryption of their data implies that it was a ransomware attack. No group has taken credit for the attack, which also saw Macmillan close physical offices in New York. Read more.
NFT marketplace announces data breach
NFT marketplace OpenSea has revealed that it has suffered a data breach that originated with Customer.io, a third party email vendor. A Customer.io employee downloaded and shared email addresses belonging to those who subscribe to OpenSea’s newsletter or have an account with the site. The leaked email addresses can be used to create phishing attacks. Read more.
Majority of Q1 cyberattacks preventable
A quarterly report from Tetra Defense has revealed that the majority of cyberattacks in the first part of the year were preventable and carried out against unpatched systems using known vulnerabilities. More than half of the attacks that resulted from a “user action” were due to individuals downloading harmful attachments or otherwise interacting with a malicious document or attachment. Read more.
Unemployment benefits disrupted due to cyberattack
Thousands of people across a number of US states have had their unemployment benefits disrupted due to a cyberattack that has affected Geographic Solutions, Inc., a third party vendor. It is currently unclear if the attack was due to ransomware or a different kind of hack, but the company has reported that no information was stolen and no personal data was accessed. Read more.
California DOJ leaks personal information of gun owners
The California Department of Justice is coming under scrutiny after reporting that it leaked 10 years of data pertaining to individuals who have received or sought a concealed-carry permit in the state. Leaked details include names, home addresses, criminal record information, birth dates and more. The leak is reported to have taken place when the DOJ updated its Firearms Dashboard Portal. The state’s attorney general has opened an investigation into the incident. Read more.
Chinese influence campaign targets rare earth firms
Researchers have uncovered a Chinese influence campaign that has been using thousands of illegitimate social media accounts to voice concern over rare earth plants in order to defend the country’s place in the industry. Targeted companies are based in the US, Canada and Australia. Dubbed “Dragonbridge,” the campaign illustrates the tactics that China will likely continue to use as it works to create grassroots disapproval regarding threats to its rare earth market dominance. Read more.
Russian “Killnet” hacker group claims credit for Lithuania hack
A cyberattack affecting both private and government websites in Lithuania was deployed in retaliation for the country’s limiting of the transport of steel and metal due to UN sanctions. Pro-Moscow hacker gang Killnet has claimed credit for the attack, with Russia stating that Lithuania and the European Union are in violation of agreements put in place prior to Russia’s invasion of Ukraine. Read more.
Iranian steel company stops production after hack
A cyberattack has caused one of Iran’s largest steel companies to halt their production, marking a major cybersecurity incident within the country’s industrial sector. The company’s IT team was able to prevent the attack from creating any damage that could affect the supply chain. Iran has yet to cast blame for the hack, but has historically named both the US and Israel as responsible parties for past cyberattacks. Read more.
Harmony offers $1M bounty for info related to hack
Harmony, reeling from the theft of $100 million in crypto, is offering a $1 million bounty for information that could lead to reclaiming of the stolen funds. Additionally, Harmony has pledged to not press charges against the thieves if the money is returned. According to a tweet, Harmony has discovered the address of the hacker who breached their system and is working with national authorities on the case. Read more.