CYBER SECURITY NEWS – WEEK OF JUNE 19, 2023
Info of Indians who took Covid vaccine made public by Telegram bot
- The private information of the lakhs of citizens, who registered on the CoWIN app to get their COVID-19 vaccination, appears to have been leaked to private players in a major data breach.
- A Telegram bot has been giving away the details of individuals who registered for COVID-19 vaccinations including their names, date of birth, phone number and other details provided at the time of registration, such as passport or Aadhaar numbers among others.
- When TNM reached out to RS Sharma, the Chief Executive Officer of the National Health Authority, who had vouched for CoWIN to be “safe and secure” in January last year, he refused the possibility of a breach.
Confidential data downloaded from UK regulator Ofcom in cyberattack
- Britain’s communications regulator Ofcom announced that confidential information which it held on companies it regulates was downloaded by hackers exploiting a vulnerability in the MOVEit file transfer tool.
- A spokesperson for Ofcom told The Record that the regulator was “one of many organisations affected by the MOVEit cyberattack,” which has potentially impacted hundreds of organizations globally.
- “A limited amount of information about certain companies we regulate – some of it confidential – along with personal data of 412 Ofcom employees, was downloaded during the attack,” the spokesperson said.
Illinois hospital links closing to ransomware attack
- An Illinois hospital will close its doors this week due in part to a cyberattack two years ago, which analysts said makes it the first hospital to publicly link criminal hackers to its closure.
- St. Margaret’s Health in Spring Valley fell victim to a cyberattack in 2021. It was unable to submit claims to insurers, Medicare or Medicaid for months, which led to a financial spiral.
- Ransomware attacks on hospitals aren’t uncommon. Federal data shows attacks have been on the rise, with nearly 300 targeted in 2022. However, none of them have shuttered as a result of the attack, until now.
Spotify fined in Sweden over GDPR data access complaint
- Music streaming giant Spotify is facing a fine of around €5 million ($5.4M) in Sweden years after it was accused of breaching the data access rights of users in the European Union by not providing full information about personal data it processes in response to individual requests.
- While the size of the fine is unlikely to grab many headlines, the fact it’s finally happened is notable as further evidence of the mountain European users have to climb to get their data protection rights upheld.
- The finding of a breach of Article 15 of the General Data Protection Regulation (GDPR) comes more than four years after a complaint was lodged against Spotify by the privacy rights not-for-profit, noyb. The complaint, which was filed at the start of 2019, alleged Spotify failed to provide adequate detail in response to the complainant’s subject access request (SAR).
Reddit hackers threaten to leak data stolen in February breach
- The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company.
- On February 9th, Reddit disclosed that its systems were hacked on February 5th after an employee fell victim to a phishing attack.
- This phishing attack allowed the threat actors to gain access to Reddit’s systems and steal internal documents, source code, employee data, and limited data about the company’s advertisers.
- However, Reddit said that production systems were not breached, and no user passwords, accounts, or credit card information were impacted.
Records of more than 181,000 patients, others at Scranton cardiology group latest to be hacked in NEPA
- Hackers breached a Scranton cardiology group’s computer network and potentially obtained the private data of 181,764 patients and others, the Commonwealth Health System announced Monday.
- It is the latest in a series of breaches targeting Northeast Pennsylvania medical providers, including one involving Commonwealth Health hospitals.
- The breach of the cardiology group first occurred Feb. 2 in data maintained by Commonwealth Health Physician Network-Cardiology, also known as Great Valley Cardiology (GVC). The breach wasn’t discovered until April 13, the system said in a news release.
- In explaining why the health care system did not announce the breach until Monday, officials said they needed two months to conduct a forensic investigation to identify everyone affected.