CYBER SECURITY NEWS – WEEK OF JANUARY 23, 2023
PayPal warns 35,000 users of credential stuffing attacks
- Online payments system PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.
- “On December 20, 2022, we confirmed that unauthorized parties were able to access your PayPal customer account using your login credentials,” the company said in the notification letter sent to the impacted individuals.
- The company says the attackers likely obtained the login credentials via phishing or related nefarious activity, as it found no evidence that the company’s systems were breached.
Meta slapped with 5.5 million euro fine for EU data breach
- Social media giant Meta has been fined an additional 5.5 million euros ($5.9 million) for violating EU data protection regulations with its instant messaging platform WhatsApp, Ireland’s regulator announced Thursday.
- The penalty follows a far larger 390-million-euro fine for Meta’s Instagram and Facebook platforms two weeks ago after they were found to have flouted the same EU rules.
- In its new decision, the Irish Data Protection Commission (DPC) found the group acted “in breach of its obligations in relation to transparency,” the watchdog said in a statement.
- In addition, Meta relied on an incorrect legal basis “for its processing of personal data for the purposes of service improvement and security,” the DPC added, giving the group six months to comply.
Vice Society ransomware leaks University of Duisburg-Essen’s data
- The threat actors have also leaked files they claim to have stolen from the university during the network breach, exposing potentially sensitive details about the university’s operations, students, and personnel.
- UDE has since confirmed that they are aware the threat actors published the stolen data and said that they will not be paying a ransom.
- “After the cyber attack on the University of Duisburg-Essen (UDE) at the end of November, the criminal group responsible for it has now published data on the Darknet,” UDE said in a statement.
Ransomware shuts hundreds of Yum brands restaurants in UK
- A ransomware attack forced the parent company of KFC and Taco Bell to close several hundred restaurants in the United Kingdom this week.
- A government filing posted Thursday says the attack impacted information technology systems. Yum Brands said the attackers took company data, but that there is no evidence customer data was stolen.
- Around 300 U.K. stores were closed for one day but are now operational, Yum said. There are more than 1,000 KFC and Taco Bell outlets in the UK and Ireland, according to company websites, yet it did not divulge which brands were impacted.
- The UK was the European country most targeted by observed ransomware attacks last month with 21, with Germany No. 2 with 11, according to the cybersecurity firm NCC Group.
T-Mobile says hackers used API to steal data on 37 million accounts
- Wireless carrier T-Mobile on Thursday fessed up to another massive data breach affecting approximately 37 million current postpaid and prepaid customer accounts.
- In a filing with the Security and Exchange Commission (SEC), T-Mobile said that an unidentified malicious actor abused an API without authorization to access customer account data, including name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features.
- The telco provider said the data stolen did not include payment information, passwords or other sensitive data.
- T-Mobile said the data breach was detected on January 5 this year and was contained “within a day of learning of the malicious activity.”
18k Nissan customers affected by data breach at third-party software developer
- Nissan North America is informing roughly 18,000 customers that their personal information was exposed in a data breach at a third-party services provider.
- The breach occurred after data provided by Nissan to the services provider was inadvertently exposed on the internet, the company notes in a notification letter sent to the impacted customers.
- “The impacted third-party service provider provides software development services to Nissan. Nissan provided certain information to this service provider for processing during the testing of the software,” the car maker says.
- According to Nissan, the services provider temporarily stored Nissan-provided data in a cloud-based public repository.