CYBER SECURITY NEWS – WEEK OF AUGUST 28, 2023
Data breach at French govt agency exposes info of 10 million people
- Pôle emploi, France’s governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals.
- “Pôle emploi became aware of the violation of the information system of one of its providers involving a risk of disclosure of personal data of job seekers,” reads the press release.
- Although the agency does not specify the number of impacted individuals, Le Parisien reports an estimate of 10 million people to be impacted.
- This is based on the fact that 6 million people had registered in one of Pôle emploi’s 900 job centers by February 2022, and another 4 million had done so in the previous 12 months prior to the attack, but their data hadn’t been deleted from the agency’s systems yet.
University of Minnesota investigates alleged data breach involving 7 million alumni
- The University of Minnesota has contacted law enforcement and launched an investigation into a data breach that could impact millions of alumni. A hacker claimed to have collected 7 million Social Security numbers in July.
- The university hasn’t explicitly confirmed it, but administrators discussed their investigation Tuesday.
- A dark web dumping ground included details last month of the data breach involving University of Minnesota students dating back to 1989, the days of Nils Hasselmo, five university presidencies and 34 years ago.
- The cybersecurity expert says he hasn’t tracked down student Social Security numbers or any other related data in the usual underground marketplaces.
Discord notifies users of data breach impacting 180 accounts
- Discord, the popular communications server with approximately 150 million monthly users, has recently started notifying a subset of its user base about a data breach that occurred in March.
- The breach, which was publicly acknowledged by Discord in May 2023, impacted a total of 180 accounts, according to a data breach notification filed with the Office of the Maine Attorney General.
- The incident stands in contrast to the recent breach of the third-party service Discord.io, which affected a staggering 760,000 users and led to the temporary shutdown of the website.
- Discord.io, a platform enabling Discord users to generate customized links for their channels, suffered a major breach on August 14. The attacker exploited a vulnerability within the website’s code, subsequently auctioning off stolen data, including hashed passwords, billing information, and Discord IDs.
Cyberattack disrupts major Mississippi health system
- Numerous internal systems have been taken down by major Mississippi health system Singing River Health System following a cyberattack last week, according to The Record, a news site by cybersecurity firm Recorded Future.
- Despite the shutdown of certain internal systems following the detection of unusual network activity, SRHS disclosed that workarounds have been implemented to ensure the partial continuation of business operations amid ongoing efforts to restore offline systems.
- However, no further details regarding the attack have been provided by a health system spokesperson, who only noted that all of the systems of SRHS have been taken offline.
National intelligence office issues cyber warning for government and commercial satellites
- The Office of the Director of National Intelligence, in coordination with the FBI, the National Counterintelligence and Security Center, and the Air Force Office of Special Investigations, issued a warning about increased attempts to attack both satellites in orbit and the intellectual property of companies developing space technologies.
- The warning comes just about a month after three teams at the DEF CON 23 convention in Las Vegas managed to successfully hack a government satellite in orbit. Those attacks were conducted with the full permission of the government as part of the U.S. Space Force’s Hack-A-Sat competition.
- In addition to hacking, the recent warning points out that other less technical tactics are also being used to try and compromise or steal information about U.S. space technologies. The warning states that “Foreign intelligence entities (FIEs) use cyberattacks, strategic investment (including joint ventures and acquisitions), the targeting of key supply chain nodes and other techniques to gain access to the U.S. space industry.
Scraped data of 2.6 million Duolingo users released on hacking forum
- The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information.
- In January 2023, someone was selling the scraped data of 2.6 million DuoLingo users on the now-shutdown Breached hacking forum for $1,500.
- This data includes a mixture of public login and real names, and non-public information, including email addresses and internal information related to the DuoLingo service.
- While the real name and login name are publicly available as part of a user’s Duolingo profile, the email addresses are more concerning as they allow this public data to be used in attacks.