CYBER SECURITY NEWS – WEEK OF JANUARY 30, 2023
TSA No-Fly List Snafu Highlights Risk of Keeping Sensitive Data in Dev Environments
- A recent incident where a bored hacker found a list of 1.5 million individuals on TSA’s no-fly list sitting unprotected on an Internet-exposed server has highlighted, once again, the risky practice of using production data and sensitive information in development environments.
- Swiss hacker “maia arson crimew” recently discovered the TSA list on a Jenkins open source automation server belonging to CommuteAir, an Ohio-based airline company that supports United Airlines operations on regional flights.
- In comments to Daily Dot — the first to report on the incident — she said she found the no-fly list while searching for Internet-exposed Jenkins servers using the Shodan search engine, and notified the company of the issue.
German Government, Airports, Banks Hit With Killnet DDoS Attacks
- After Berlin pledged tanks for Ukraine, some German websites were knocked offline temporarily by Killnet DDoS attacks.
- Germany’s BSI federal agency, which oversees information security, said the attacks caused some small outages, but otherwise did little damage.
- “Currently, some websites are not accessible,” the BSI said in a statement to Reuters. “There are currently no indications of direct effects on the respective service and, according to the BSI’s assessment, these are not to be expected if the usual protective measures are taken.”
- Killnet was behind similar DDoS attacks against US airports last fall and has been escalating its nefarious cyber activities throughout Russia’s invasion of Ukraine.
British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
- British sports fashion retail firm JD Sports on Monday revealed that it has discovered a data breach impacting roughly 10 million of its customers.
- According to the company, the cyber incident affects information provided by customers who placed online orders between November 2018 and October 2020. The JD, Size, Millets, Blacks, Scotts and MilletSport brands are impacted.
- Based on the company’s brief description of the incident, it’s possible that hackers stole names, billing addresses, delivery addresses, phone numbers, email addresses, order details, and the last four digits of the customers’ payment cards.
Riot Games Latest Video-Game Maker to Suffer Breach
- Highlighting continued attacks on game developers, attackers stole source code from and issued a ransom demand to the maker of League of Legends.
- Cyberattackers have compromised and demanded a ransom from Riot Games, the developer behind the popular League of Legends game, in the latest attack to target video-game makers.
- The attackers issued a ransom demand for $10 million, threatening to otherwise release the source code.
Dutchman Detained for Dealing Details of Tens of Millions of People
- The accused sold an enormous data set stolen from the Austrian radio and television licensing authority — to an undercover cop.
- The stolen personal information of tens of millions of people from across the world was put up for sale on a cybercrime forum by a 25-year-old from the Netherlands, according to authorities.
- The data was lifted from an Austrian radio and television licensing agency and contained personal data on residents of Britain, China, Colombia, Thailand, and the Netherlands, Dutch prosecutors allege.
- The unnamed accused, who lives in Amsterdam, has been in Dutch custody for three months, according to reports, but the arrest was just made public this week.
Zacks Investment Research Confirms Breach Affecting 820,000 Customers
- Zacks Investment Research has confirmed that a hacker attack between 2021 and 2022 resulted in the potential compromise of data belonging to 820,000 customers.
- “Zacks learned that an unknown third party had gained unauthorized access to certain customer records described below,” the company wrote. “We believe the unauthorized access occurred sometime between November 2021 and August 2022.”
- According to Zacks, the data theft affected an older database of Zacks customers who signed up for the Zacks Elite product between November 1999 and February 2005.
- “The specific information we believe to have been accessed is your name, address, phone number, email address, and password used for Zacks.com,” reads the notice document.