CYBER SECURITY NEWS – WEEK OF JULY 10, 2023
India’s largest tech retailer suffered data breach, with employee and customer data
- WebsitePlanet has quoted security researcher Jeremiah Fowler for the discovery of a non-password-protected database containing over 8 million documents related to Poorvika.
- It says that the publicly exposed documents included highly sensitive personally identifiable information (PII) as well as salary information, detailed employment records, and customer data.
- The highly sensitive employee data includes religion, sex, date of birth, marital status, family dependents, if they were still employed with Poorvika or not, reason for quitting (like personal problems, medical reasons) et cetera.
- After discovering the database, Fowler immediately alerted Poorvika, after which the database was closed to public access. However, Fowler says he never received any response from the company regarding his findings.
Dublin Airport staff’s pay and benefits ‘compromised’ after cyberattack
- Multiple daa staff have had their pay and benefits “compromised” following a cyber attack on third-party professional service provider Aon.
- The third-party provider had been contracted by daa to compile and print personalised total rewards statements for some daa employees. Daa is not the only company impacted by the cyber attack, with a large number of Aon clients also being affected.
- A spokesman for the for daa explained that Aon’s data was breached recently as a result of an attack on the file transfer software tool MOVEit, due to this, data relating to some employees’ pay and benefits became compromised.
Shell confirms MOVEit-related breach after ransomware group leaks data
- Shell confirms that employee personal information has been stolen after the Cl0p ransomware group leaked data allegedly stolen from the energy giant.
- The Cl0p ransomware group exploited a zero-day vulnerability in the MOVEit managed file transfer (MFT) product to steal data from at least 130 organizations that had been using the solution. To date, at least 15 million individuals are believed to be impacted.
- In a brief statement issued, Shell confirmed being hit by the MOVEit hack, clarifying that the MFT software was “used by a small number of Shell employees and customers”.
- “Some personal information relating to employees of the BG Group has been accessed without authorization,” the company said.
28,000 impacted by data breach at Pepsi Bottling Ventures
- Discovered on January 10, the data breach occurred between December 23, 2022, and January 19, 2023, and resulted in the personal, financial, and health information of the company’s employees being accessed by an unauthorized party.
- On February 10, Pepsi Bottling Ventures started informing the impacted individuals that the attackers gained access to certain systems containing their personal information, but did not reveal how many individuals were affected.
- In conjunction with a public announcement regarding the incident, Pepsi Bottling Ventures recently informed the Maine Attorney General’s Office that the attackers had access to the personal information of more than 28,000 individuals.
- According to the company, the compromised data includes names, addresses, email addresses, financial account information, ID numbers, driver’s license numbers, Social Security numbers, digital signatures, medical history details, and health insurance information.
Japan’s largest port stops operations after ransomware attack
- The Port of Nagoya, the largest and busiest port in Japan, has been targeted in a ransomware attack that currently impacts the operation of container terminals.
- The port is also used by the Toyota Motor Corporation, one of the world’s largest automakers, to export most of its cars.
- The administrative authority of the Port of Nagoya has issued a notice about a malfunction in the “Nagoya Port Unified Terminal System” (NUTS) — the central system controlling all container terminals in the port.
Microsoft denies data breach, theft of 30 million customer accounts
- Microsoft has denied the claims of the so-called hacktivists “Anonymous Sudan” that they breached the company’s servers and stole credentials for 30 million customer accounts.
- Anonymous Sudan is known for debilitating distributed denial-of-service (DDoS) attacks against Western entities in recent months. The group has confirmed their affiliation with pro-Russian hacktivists like Killnet.
- The hacktivists alleged that they had “successfully hacked Microsoft” and “accessed a large database containing more than 30 million Microsoft accounts, emails, and passwords.”
- Anonymous Sudan offered to sell this database to interested parties for $50,000 and urged interested buyers to engage in contact with their Telegram bot to arrange the purchase of the data.