CYBER SECURITY NEWS – WEEK OF APRIL 24, 2023
American Bar Association data breach hits 1.4 million members
- The American Bar Association (ABA) has suffered a data breach after hackers compromised its network and gained access to older credentials for 1,466,000 members.
- Thursday night, the ABA began notifying members that a hacker was detected on its network on March 17th, 2023, and may have gained access to members’ login credentials for a legacy member system decommissioned in 2018.
- “On March 17, 2023, the ABA observed unusual activity on its network. The incident response plan was immediately activated, and cybersecurity experts were retained to assist with the investigation,” warns a notification email sent to impacted members and seen by BleepingComputer.
Capita confirms hackers stole data in recent cyberattack
- London-based professional outsourcing giant Capita has published an update on the cyber-incident that impacted it at the start of the month, now admitting that hackers exfiltrated data from its systems.
- More specifically, the firm has found, with the help of security specialists, that hackers accessed roughly 4% of its server infrastructure and stole files hosted on the breached systems.
- “There is currently some evidence of limited data exfiltration from the small proportion of affected server estate, which might include customer, supplier, or colleague data.”
- The company will continue its investigation of the cyber-incident and provide timely updates if evidence that shows an impact on customers, suppliers, or colleagues arises.
US Navy contractor Fincantieri Marine Group hit by cyber-attack
- Fincantieri Marine Group (FMG) acknowledged the incident in a statement to USNI News last week, saying it affected its email server and some network operations.
- “Fincantieri Marine Group experienced a cybersecurity incident last week that is causing a temporary disruption to certain computer systems on its network,” reads the statement.
- “The company’s network security officials immediately isolated systems and reported the incident to relevant agencies and partners. Fincantieri brought in additional resources to investigate the incident and to restore full functionality to the affected systems as quickly as possible.”
- The company – a subsidiary of Italy-based Fincantieri SpA – also clarified that it has no evidence that employees’ personal information was affected.
Australians lost a record $3.1 billion to scams last year
- The Australian Competition & Consumer Commission (ACCC) says Australians lost a record $3.1 billion to scams in 2022, an 80% increase over the total losses recorded in 2021.
- Most of the losses concern investment scams, which accounted for $1.5 billion, followed by remote access scams that resulted in losses of $229 million, and payment redirection scams that cost victims another $224 million.
- According to the ACCC, the number of scam reports submitted to Scamwatch last year was just under 240,000, 16.5% lower than in 2021. However, the financial losses per victim rose by 50% to an average of $20,000.
CFPB employee sends 256,000 consumers’ data to personal email
- An employee from the US Consumer Financial Protection Bureau (CFPB) has reportedly forwarded confidential records of roughly 256,000 consumers and confidential supervisory information of approximately 50 institutions to a personal email account.
- “At the time of your notification, you indicated that the investigation was ongoing. You explained that the employee is no longer employed by the agency and that the employee certified they deleted each email,” reads the missive. “However, many questions remain unanswered.”
- Huizenga also asked Chopra to provide a briefing to the committee staff by April 25 to help them “better understand the mitigation and remediation efforts,” as well as the scale of the breach and efforts made to give the appropriate notifications.
Evil Extractor targets Windows devices to steal sensitive data
- The attack tool known as Evil Extractor, developed by a company called Kodex as an “educational tool,” has been used by threat actors to target Windows-based machines.
- The claims come from Fortinet security researchers and were described in an advisory published on Thursday.
- “ observed this malware in a phishing email campaign on 30 March, which we traced back to the samples included in this blog. It usually pretends to be a legitimate file, such as an Adobe PDF or Dropbox file, but once loaded, it begins to leverage PowerShell malicious activities,” the company wrote.