CYBER SECURITY NEWS – WEEK OF APRIL 17, 2023
Hyundai experiences cybersecurity issues
- Automotive manufacturer Hyundai has recently disclosed a breach that has affected an unspecified number of Italian and French car owners as well as individuals who booked a test drive.
- The company notified affected individuals via email. Several of them posted a screenshot of the message on Twitter.
- “I am sorry to inform you that our company has recently learned that an unauthorized third party has had access to some information contained in our customer database,” reads the mail (translated from Italian by Infosecurity journalists). “As soon as we were informed of the incident, we immediately launched an investigation and put in place all measures to contain it.”
- The company added that it also blocked the affected server and removed it from its network.
- Data impacted by the breach included contact information (such as email, addresses and phone numbers) and vehicle data (such as chassis numbers).
KFC, Pizza Hut owner discloses data breach after ransomware attack
- Yum! Brands, the brand owner of the KFC, Pizza Hut, and Taco Bell fast food chains, is now sending data breach notification letters to an undisclosed number of individuals whose personal information was stolen in a January 13 ransomware attack.
- This comes after the company said that although some data was stolen from its network, it has no evidence that the attackers exfiltrated any customer information.
- In the breach notification letters sent to affected people starting Thursday, Yum! Brands revealed that it has now found out the attackers stole some individuals’ personal information, including names, driver’s license numbers, and other ID card numbers.
US scrambles to investigate military intel leak
- Pentagon officials are reportedly racing to identify the source of a leak of military intelligence, which could disrupt Ukraine’s planned spring offensive against Russian troops.
- Scores of slides were published on Discord and Telegram, with some dating back to January, according to The Economist.
- The Pentagon is reported to be leading a cross-government panel to assess what damage has been done, while the Department of Justice has opened a probe into the source of the leak. Senior officials are apparently trying to reassure their counterparts in allied countries.
- The documents are said to contain detailed intelligence that could be of significant strategic use to the Russian military, such as the precise quantity of armor and artillery held by each Ukrainian brigade, the state of its air defenses and location of missile batteries.
Superyacht-maker hit by Easter ransomware attack
- A noted maker of luxury yachts for the super-rich suffered a ransomware attack over the Easter weekend, although it is not clear if sensitive customer information was stolen.
- “In coordination with internal and external experts, we immediately initiated all necessary protective measures and informed the responsible authorities,” a spokesperson reportedly said in a brief statement.
- Local reports suggest that the attack has brought much of the firm’s operations to a standstill, with its Lürssen-Kröger shipyard in Schleswig-Holstein one of the few parts of the company still operational.
Tesla workers shared sensitive images recorded by customer cars
- Tesla Inc assures its millions of electric car owners that their “privacy is and will always be enormously important to us”. The cameras it builds into vehicles to assist driving, it notes on its website, are designed from the ground up to protect your privacy.
- But between 2019 and 2022, groups of Tesla employees privately shared via an internal messaging system sometimes highly invasive videos and images recorded by customers’ car cameras, according to interviews by Reuters with nine former employees.
Adobe reset user password in awake of data breach risks
- The sent password reset emails inform users to change the password for their Adobe ID since they might have been compromised in recent data breaches from other vendors.
- After Adobe detected several events relating to information leakage, they took a countermeasure to protect their user information to eliminate the risk.
- Adobe stated that this is a preventive step to secure user accounts from unauthorized access.
- They have also requested their users change their password on other websites where they have used the same password as that of Adobe.