Cybersecurity news provided by NetworkTigers on Monday, 12 April 2021.
CLAREMONT, CA — Dark web marketplace hacked, Facebook decides not to notify users involved in data breach, University of Colorado still suffering fallout from data breach, Linkedin user data for sale on hacker forum, Kentucky state unemployment website shutdown after cyberattack, cyberattacks against EU institutions, SAP applications targeted, malware compromises Singapore job-matching website, ransomware attack on French electronics manufacturer, multiple universities affected by Accellion breach, Connecticut DMV hit with cyberattack.
Black market credit card marketplace hacked
Swarmshop, a dark web marketplace specializing in the buying and selling of credit card information, has been hacked. The breach has leaked not only the data of those active in the site’s marketplace, but also the information for sale. This has resulted in the exposure of over 600,000 credit cards. The cards originated from banks in a variety of countries including the US, Mexico, Brazil, France, and Saudi Arabia. The hack occurred in March, and is the third such incident involving an attack against an underground hacker forum that month. Read more.
Facebook opts not to notify users involved in data breach
Facebook has decided not to notify the 530 million individuals who have had their data exposed after a trove of the social network’s user information was posted on an amateur hacking forum. The company’s statements have continued to refer to the fact that the information originated from 2019 and that the vulnerability used to obtain it has been long fixed. While the information does not contain sensitive financial data, health data, or passwords, experts still warn that hackers can do serious damage even with just what’s available in the data pool such as names and phone numbers. Read more.
University of Colorado still reeling from ransomware attacks
The University of Colorado is continuing to suffer from the fallout of a data breach related to its use of Accellion’s third party file sharing platform. Both the university as well as the many individuals who have had their data exposed in the hack are receiving ransom demands as cybercriminals threaten to post stolen data on the internet. It is believed that this may be the largest breach yet to affect a university. The college staff is urging all those who receive such messages to not respond and is providing victims with free credit monitoring services. Read more.
LinkedIn user data for sale on hacker forum
Cybersecurity news and research site CyberNews reports that the data from 500 million LinkedIn users has been posted for sale on a forum popular with hackers and cybercriminals. LinkedIn states that the data is actually scraped from multiple sources and is not the result of a breach on the platform. The information is not as sensitive as credit card numbers or Social Security data, but can still be used to target people for scams or robocalls. The huge number of users affected amount to around 75% of LinkedIn’s total user base. Read more.
Kentucky state unemployment site shut down after cyberattack
Kentucky’s state unemployment website will be shut down for four days after being hit with a massive cyberattack. The shutdown is said to be required to enhance the system’s security with new features, including requiring users to use longer PIN numbers. It is reported that weak, easily-guessed PIN numbers played a significant role in the site’s vulnerability to hackers. It is currently unclear if the attack was carried out by one individual or a group of criminals. Read more.
Disclosures regarding data breaches drop
Audit Analytics has released a report titled “Trends in Cybersecurity Breach Disclosures” that states that public disclosures of data exposures and hacks have dropped in 2020. This is despite the fact that such cyber attacks have increased in frequency. The report also found that of the breaches disclosed, many did not specify the type of the attack or the nature of information exposed. Additionally, the report provides data regarding what kinds of information is most vulnerable, and the time taken to both discover and disclose breaches. Read more.
“Significant” cyberattack carried out against EU Institutions
Bloomberg reports that a cyberattack has been launched against several European Union institutions. Conclusive information regarding the attack has not yet been posted with a commission spokesperson referring to the hack as an “IT security incident.” No breach of critical information has been detected, however the attack was larger than most and was serious enough to have warranted the attention of senior officials. Read more.
CISA: SAP application targeted by malicious cyber activity
According to security researchers from Onapsis, SAP systems that are not properly configured or require updating remain at high risk for attack. The threats observed could lead to full control of SAP applications and, according to a statement from CISA, result in “theft of sensitive data, financial fraud, disruption of mission-critical business processes, ransomware, and halt of all operations.” Users of SAP are encouraged to read the report and apply recommended updates. Read more.
Malware compromises data of Singapore job-matching site
Singapore-based job matching platform e2i is reporting that around 30,000 users may have had their data compromised in a breach resulting from a malware attack against a third party vendor. e2i has contacted the appropriate authorities, but is facing backlash over the length of time it has taken the company to formally acknowledge the breach given that it was discovered nearly a month ago. The company has stated that it was not the direct target of the hack and will conduct further review of the cybersecurity measures taken by its third party vendors. Read more.
French electronics manufacturer suffers ransomware attack
According to online researchers, world-leading French electronics manufacturer Asteelflash has been hit with a cyberattack from the REvil ransomware gang, also known as Sodinokibi or Sodin. Reports show that the gang was originally demanding a $12 million ransom, but doubled their price to $24 million when the company did not comply. Thus far, Asteelflash has not made a public statement regarding the hack. Read more.
Multiple universities affected by Accellion breach
Data has recently surfaced on the dark web that has been found to be associated with students and staff from the University of Colorado, Yeshiva University, Stanford University, the University of Maryland, Baltimore; the University of Miami, the University of California, and Merced. Victims have received threatening emails and snippets of the data have been shared on Clop, a website known to facilitate ransomware demands. The breach of data is said to be associated with a vulnerability in Accellion software that was discovered and exploited by criminals at the start of the year. Read more.
Connecticut DMV hit with cyberattack
The Connecticut Department of Motor Vehicles is unable to perform emissions testing due to an attack that took its network offline. Reported to be an attempted malware attack, it is still unknown if personal information was accessed during the breach. It is also unknown when the system will be back online, as authorities and technicians work to ensure that the network is completely free from malware. The issue is reported to have affected eight states, and the FBI has been informed of the breach. Read more.
More cybersecurity news
Read more cybersecurity news and articles brought to you by NetworkTigers.
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses and individuals globally. www.networktigers.com
Mike Syiek, CEO
1029 S. Claremont Ave
San Mateo, CA 94402