CYBER SECURITY NEWS – WEEK OF FEBRUARY 13, 2023
Data of over 150 million BharatPe users stolen alleges Ashneer Grover, company reacts
- Grover accused the current CEO of BharatPe, Bhavik Koladiya, of data theft. He alleged that Koladiya misused his power and carried out India’s biggest data theft, affecting close to 150 million users.
- “It was a grave mistake of giving him (Koladiya) a chance at redemption at BharatPe, which he misused to pull off the biggest data theft in India till date. Bhavik previously was convicted in the US for credit card fraud, where he was put under house arrest for 18 months and subsequently deported to India. And, in India, he also has a FIR registered against him at Delhi airport as he attempted to travel to Gujarat on a forged ticket. I’ve attached documents pertaining to his conviction and copy of the FIR,” Grover said in an email which was obtained by Moneycontrol.
- Grover further alleged that users’ transaction data was obtained at BharatPe using APIs with Yes Bank, Federal Bank and ICICI Bank.
Reddit hit by phishing attack, source code stolen
- Reddit suffered a cyber-attack after its internal systems were breached on February 5 through a “sophisticated” and “highly-targeted” phishing attack that led to employee credential compromise.
- “The attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway in an attempt to steal credentials and second-factor tokens,” the company wrote.
- However, Reddit said there was “no indication” of a breach of the company’s primary production systems, where most of its data is stored.
UK politician’s email hacked by suspected Russian threat actors
- A British Member of Parliament (MP) has revealed his personal email account was hacked by suspected Russian threat actors.
- Stewart McDonald from the Scottish National Party (SNP) highlighted the spearphishing incident in a tweet published on February 8. It read: “Over the past couple of weeks I have been dealing with a sophisticated and targeted spear phishing hack of my personal email account, and the personal email account belonging to one of my staff. These hacks are a criminal offence.”
- He added that he has worked with Parliament’s security team and the National Cyber Security Centre (NCSC) to ensure that all his inboxes are secure. In addition, McDonald confirmed he is no longer actively using the compromised private account.
- However, he acknowledged that “some of the stolen information may appear online.”
UK metal engineering firm Vesuvius hit by cyber-attack
- Vesuvius, a UK-based molten metal flow engineering company, issued an alert on February 6, 2023, which stated it was “currently managing a cyber incident” that “has involved unauthorized access to our systems.”
- The London Stock Exchange-listed ceramics manufacturer did not give any information on the nature and scope of the incident, the systems impacted, or the identity of the attacker.
- “Immediately upon becoming aware of unauthorized activity on our networks, we have taken the necessary steps to investigate and respond to the incident, including shutting down affected systems. We are working with leading cyber security experts to support our investigations and identify the extent of the issue, including the impact on production and contract fulfillment,” the company said in a statement.
Ransomware crooks steal 3m+ patients’ medical records, personal info
- Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection in December.
- According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical, the security breach happened around December 1, 2022.
- The medical outfit said it hired third-party incident responders to assist and worked with security vendors to restore access to its systems and determine what data was impacted.
Stalkerware developer hit with $400K fine
- The developer of several stalkerware apps has been handed a fine of nearly half a million dollars and told to modify the software.
- A consortium of 16 companies owned by Patrick Hinchy produced snooping apps Auto Forward, Easy Spy, DDI Utilities, Highster Mobile, PhoneSpector, Surepoint and TurboSpy.
- These enabled customers to secretly monitor a comprehensive range of activities on other devices, including call logs; text messages; photos and videos; location; Gmail, WhatsApp and Skype; social media activity and browsing history.