CYBER SECURITY NEWS – WEEK OF JUNE 12, 2023
Wealthy New Jersey township hit with cyberattack, mayor says
- Katya Wowk, Montclair’s communications director, told Recorded Future News that the incident is not related to the MOVEit vulnerability that has led to attacks on dozens of organizations in recent weeks.
- The township could not provide more information about whether a ransom was issued or who was behind the attack because the investigation is ongoing, Wowk said.
- In a video message released earlier this week, Montclair Mayor Sean Spiller said state and federal agencies were contacted about the incident in addition to outside cybersecurity experts.
- Investigators are still working to “identify the source of the attack and determine the damage and restore full operational function.”
Aix-Marseille, France’s largest university, hit by cyberattack
- The institution’s management described the attack as coming “from a foreign country” but said its security systems triggered an alert allowing them to take the network offline before “great damage” was caused.
- Local media reported the network was taken offline in a bid to interrupt the attack and prevent potential data breaches, according to an internal source cited by BFM Marseille.
- Aix-Marseille, in southern France, was founded in 1409 and currently has around 80,000 students, more than any other university in the country.
- The nature of the attack has not been confirmed and it is not yet known whether any data was stolen nor if an extortion note has been sent to the institution.
German recruiter Pflegia leaks sensitive job seeker info
- Pflegia, a German healthcare recruitment platform, has exposed hundreds of thousands of files with sensitive user data such as names, home addresses, and emails.
- Exposing this type of data, categorized as Personally identifiable information (PII), poses numerous dangers to victims since attackers can leverage the data for spear phishing attacks and identity theft.
- The Cybernews research team discovered an open Amazon Web Services (AWS) cloud instance, often referred to as a “bucket” in the business, with over 360,000 files. The team deduced that the exposed files belonged to Pflegia.
University of Manchester says hackers ‘likely’ stole data in cyberattack
- In a statement published on its website, the University of Manchester says they discovered the breach on Tuesday, June 6th, and immediately launched an investigation.
- “Regrettably, I have to share with you the news that the University is the victim of a cyber incident,” reads the statement on the University’s website.
- “It has been confirmed that some of our systems have been accessed by an unauthorised party and data have likely been copied.”
- The announcement further informs that in-house experts and external support are working non-stop to remediate the situation, determine exactly which systems have been accessed, and work toward a timely system restoration.
Zipper giant YKK confirms cyberattack targeted U.S. networks
- Japanese zipper giant YKK confirmed that its U.S. operations were targeted by hackers in recent weeks but said it was able to contain the threat before damage was caused.
- The Tokyo-based corporation would not say if it was hit with ransomware, but a spokesperson told Recorded Future News that once YKK discovered that its U.S.-based networks were targeted, the cybersecurity team “contained the threat before significant damage was done or sensitive information was exfiltrated.”
- “The incident did not have a material impact on our operations or our ability to continue to serve our customers,” said Jessica Kennett Cork, vice president of corporate communications at YKK Corporation of America.
- “There is no evidence that personal or financial information or intellectual property was compromised. We take cybersecurity seriously and thank our stakeholders for their continued trust in YKK,” Cork said.
Japanese pharma giant Eisai discloses ransomware attack
- Pharmaceutical company Eisai has disclosed it suffered a ransomware incident that impacted its operations, admitting that attackers encrypted some of its servers.
- In a notification posted to their website, Eisai disclosed that they suffered a ransomware attack over the weekend, a typical time for attackers to deploy encryptors as IT teams are understaffed and unable to respond effectively to the rapidly evolving situation.
- The company took many of its IT systems offline to contain the damage and prevent the spread of the locker to further portions of the breached corporate network