CYBER SECURITY NEWS – WEEK OF FEBRUARY 27, 2023
Stanford University discloses data breach affecting PhD applicants
- Last week, the university sent data breach notification letters to 897 individuals who submitted personal and health information as part of the graduate application to its Department of Economics, informing them that their info was accessed without authorization.
- The information exposed as a result of this breach comprises application and accompanying materials, including names, dates of birth, home and mailing addresses, phone numbers, email addresses, race and ethnicity, citizenship, and gender.
- “The incident does not involve programs at Stanford other than the PhD program in Economics. It also does not involve undergraduate applications to the university,” the university said in a separate statement on its website.
Dish Network goes offline after likely cyberattack, employees cut off
- The widespread outage affects Dish.com, Dish Anywhere app as well as several websites and networks owned by the corporation. Customers also suggest the company’s call center phone numbers are unreachable.
- Additionally, customers are facing authentication issues when signing into TV channel apps such as MTV & Starz via their Dish credentials.
- Dish Network’s remote employees have been cut off from accessing their work systems.
TELUS investigating leak of stolen source code, employee data
- The threat actor subsequently posted screenshots that apparently show private source code repositories and payroll records held by the company.
- TELUS has so far not found evidence of corporate or retail customer data being stolen and continues to monitor the potential incident.
- While BleepingComputer has been unable to confirm the veracity of threat actor’s claims just yet, the small sample set posted by the seller does have valid names and email addresses corresponding to present-day TELUS employees, particularly software developers and technical staff.
Irish TV broadcaster says attempted hack will affect programming
- The nature of the attack has not been specified, although a spokesperson told The Record it was not a ransomware attack.
- In a statement the company described identifying “an unauthorized attempt to access our systems in recent days” which it said had been “contained, isolated and terminated.”
- Ossian Smyth, the Irish Minister of State, described the incident as a “major hack” and said it was being investigated by the Republic of Ireland’s National Cyber Security Centre.
- The company said that “precautionary protocols” meant it was “temporarily disconnecting some of our technologies to ensure ongoing maximum security.”
Australia retailer’s customer data compromised in third-party breach
- The Good Guys’ customer data, including phone numbers and email addresses, have been compromised in a third-party breach that industry observers say is yet another reminder for businesses to scrutinize their suppliers’ security practices.
- Formerly known as Pegasus Group Australia, My Rewards also confirmed the breach in a statement Thursday, revealing that preliminary investigations pointed to an “unauthorized access” to its systems in August 2021, which led to the data compromise.
- This meant that personally identifiable information, including names, email addresses, and phone numbers, likely had been made publicly available, the company said, noting that all its data were stored in Australia.
Cyberattacks hit data centers to steal information from global companies
- A malicious campaign against data centers stole the access credentials of some of the world’s biggest companies — including Amazon, Apple, Goldman Sachs, and Microsoft — according to reports.
- “Malicious cyber activity targeting data center organizations creates a significant precedent in the context of supply chain cybersecurity,” Resecurity said in a blog post. “Resecurity expects attackers to increase malicious cyber activity related to data centers and their customers.”
- Resecurity did not name the victims, but according to a separate report from Bloomberg, the cyberattacks stole data center credentials from major corporations including Alibaba, Amazon, Apple, BMW, Goldman Sachs, Huawei Technologies, Microsoft, and Walmart. Bloomberg said that it had reviewed Resecurity documents related to the malicious activity.