CYBER SECURITY NEWS – WEEK OF DECEMBER 11, 2023
Navy contractor Austal USA confirms cyberattack after data leak
- Austal USA, a shipbuilding company and a contractor for the U.S. Department of Defense (DoD) and the Department of Homeland Security (DHS) confirmed that it suffered a cyberattack and is currently investigating the impact of the incident.
- The Hunters International ransomware and data extortion group claimed to have breached Austal USA and leaked some information as proof of the intrusion.
- Hunters International threaten to publish more data stolen from Austal’s systems in the following days, including compliance documents, recruiting information, finance details, certifications, and engineering data
Central Virginia transit system affected by cyber incident
- The organization that runs the transit system for central Virginia dealt with a computer network disruption due to a cyberattack around the Thanksgiving holiday.
- A spokesperson told Recorded Future News that around Thanksgiving they experienced a network disruption that “temporarily impacted certain applications and parts of the GRTC network.”
- The Play ransomware gang took credit for the attack, posting the organization on its leak site on Thursday. The group gave GRTC until December 13 to pay an undisclosed ransom.
GST Invoice Billing Inventory exposes sensitive data to threat actors
- GST Invoice Billing Inventory, a business accounting app for small and medium businesses with over 1M downloads has left a database open, exposing sensitive personal and corporate data up for grabs.
- This means that threat actors can get their hands on API (application programming interface) keys, Google Storage buckets, and unprotected databases and exploit that information simply by analyzing publicly available information about apps.
- With over 1 million downloads, the app is used by businesses to send invoices, bills, and estimates, track expenses and receipts, manage inventory, and send financial statements, among other things.
East River Medical notifies over 605k patients of data breach affecting their SSNs
- East River Medical Imaging filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after determining that suspicious activity on its IT network was related to a cyberattack.
- In this notice, ERMI explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, contact information, insurance information, and medical information.
- Upon completing its investigation, ERMI began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
HTC Global Services confirms cyberattack after data leaked online
- IT services and business consulting company HTC Global Services has confirmed that they suffered a cyberattack after the ALPHV ransomware gang began leaking screenshots of stolen data.
- While HTC has not posted a statement to the company website, they issued a brief announcement on X confirming the attack.
- The leaked data includes passports, contact lists, emails, and confidential documents allegedly stolen during the attack.
Fortune-telling website WeMystic exposes 13m+ user records
- WeMystic, a website on astrology, numerology, tarot, and spiritual orientation, left an open database exposing 34GB of sensitive data about the platforms’ users.
- According to Security Affairs team, WeMystic left an open and passwordless MongoDB database containing 34 gigabytes of data related to the service as part of the MongoDB infrastructure.
- The research team explains that the exposure of personal user data poses security risks for those involved since attackers may build on collected data to carry out targeted attacks, even getting creative with seemingly superstitious data.