CYBER SECURITY NEWS – WEEK OF JANUARY 02, 2024
Albanian parliament, telecom company hit by cyberattacks
- The Albanian parliament and a telecom company operating in the country were targeted by cyberattacks this week, the country’s cyber agency said in a statement.
- According to the agency, the attacks originated from outside Albania and country’s tech experts “are currently working to recover the affected systems and analyze the tactics and techniques used by the threat actors involved in the attacks.”
- The attack hasn’t been attributed to a specific threat actor and the Albanian parliament did not respond to a request for comment by the time of publication.
Panasonic discloses data breach after December 2022 cyberattack
- Panasonic Avionics Corporation, a leading supplier of in-flight communications and entertainment systems, disclosed a data breach affecting an undisclosed number of individuals after its corporate network was breached more than one year ago, in December 2022.
- The attacker breached a subset of devices on its corporate network and gained access to what it describes as information collected from affected individuals and their employers.
- While some personal and health information was exposed during the incident, Panasonic has yet to find evidence that it was misused since the attack.
Yakult Australia confirms ‘cyber incident’ after 95 GB data leak
- Yakult Australia, manufacturer of a probiotic milk drink, has confirmed experiencing a “cyber incident” in a statement to BleepingComputer. Both the company’s Australian and New Zealand IT systems have been affected.
- Cybercrime actor DragonForce which claimed responsibility for the cyber attack has also leaked 95 GB of data that it states, belongs to the company.
- The company is currently unable to confirm how exactly the incident occurred.
- While the company’s IT systems in Australia as well as New Zealand were hit, the offices in both regions remain open and operational.
Troves of Iranian hacked insurance customer data on sale
- Anonymous hackers are selling 160 million customer information records cobbled together from 23 Iranian insurance companies for approximately $75,000.
- The Iranian Leakage Tracking System (Leakfa) has confirmed the validity of the hackers’ claim, stating that the information was obtained through a breach of the Expert Information Technologists (Fanavaran) company infrastructure.
- The information offered for sale on the dark web includes details such as name, national number, date of birth, address, zip code, and mobile phone, all the data needed to possibly forge identities. The report of the hack first was published by a Telegram channel in August.
AJH computer system compromised after cyberattack
- Days after what was called a cyberattack shut down Anna Jaques Hospital’s health record system on Christmas, hospital administrators are saying little about what caused the massive failure or whether the problem has been remedied.
- “Upon discovery, we immediately secured our environment and engaged cybersecurity professionals to assist in the investigation. While there may be some delays in receiving services, patient safety remains our top priority,” a hospital spokesperson said on Wednesday.
- At the height of the crisis, Anna Jaques Hospital staff were turning away ambulance crews from delivering patients to its emergency department and diverting them to area hospitals.
Trinidad and Tobago social security agency hit with post-Christmas ransomware attack
- The country’s National Insurance Board (NIBTT) — which runs the nation’s social security system serving more than 630,000 people — wrote that all offices will be closed from Wednesday to Friday due to a recently-discovered ransomware attack
- The NIBTT did not respond to requests for comment about which ransomware group was behind the attack and whether a ransom had been issued. Trinidad and Tobago’s justice department was attacked by a ransomware group in July, paralyzing the country’s court system for weeks.
- Following that attack, court documents could not be served electronically and lawyers for the government said they were unable to access their email accounts or critical documents for upcoming trials. Shortly before the attack was officially announced, the TT-CSIRT published an advisory urging all organizations to “take the necessary precautions to mitigate against rising ransomware attacks in Trinidad and Tobago.”