CYBER SECURITY NEWS – WEEK OF MAY 15, 2023
Toyota: Car location data of 2 million customers exposed for ten years
- Toyota Motor Corporation disclosed a data breach on its cloud environment that exposed the car-location information of 2,150,000 customers for ten years, between November 6, 2013, and April 17, 2023.
- According to a security notice published in the company’s Japanese newsroom, the data breach resulted from a database misconfiguration that allowed anyone to access its contents without a password.
- “It was discovered that part of the data that Toyota Motor Corporation entrusted to Toyota Connected Corporation to manage had been made public due to misconfiguration of the cloud environment,” reads the notice.
Capita warns customers they should assume data was stolen
- Business process outsourcing firm Capita is warning customers to assume that their data was stolen in a cyberattack that affected its systems in early April.
- Almost six weeks after the attack was disclosed, Capita warned Universities Superannuation Scheme (USS), the largest private pension scheme in the UK, to react to the incident under the assumption that their members’ data was stolen.
- Capita told USS that servers accessed by the hackers held roughly 470,000 active, deferred, and retired members’ personal information, including names, dates of birth, National Insurance numbers, and USS member numbers.
Discord discloses data breach after support agent got hacked
- Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised.
- The security breach exposed the agent’s support ticket queue, which contained user email addresses, messages exchanged with Discord support, and any attachments sent as part of the tickets.
- Discord says it immediately addressed the breached support account by disabling it once the incident was discovered.
Multinational tech firm ABB hit by Black Basta ransomware attack
- Swiss multinational company ABB, a leading electrification and automation technology provider, has suffered a Black Basta ransomware attack, reportedly impacting business operations.
- “ABB operates more than 40 U.S.-based engineering, manufacturing, research and service facilities with a proven track record serving a diversity of federal agencies including the Department of Defense, such as U.S. Army Corps of Engineers, and Federal Civilian agencies such as the Departments of Interior, Transportation, Energy, United States Coast Guard, as well as the U.S. Postal Service,” reads the ABB web site.
- On May 7th, the company fell victim to a cyber attack conducted by the Black Basta ransomware gang, a cybercrime group that surfaced in April 2022.
Brightly warns of SchoolDude data breach exposing credentials
- U.S. tech company and Siemens subsidiary Brightly Software is notifying customers that their personal information and credentials were stolen by attackers who gained access to the database of its SchoolDude online platform.
- “The incident involved an unauthorized actor obtaining certain account information from the SchoolDude user database.”
- The company believes the threat actors have stolen customer account information, including names, email addresses, account passwords, phone numbers (where available), and school district names.
North Korean hackers breached major hospital in Seoul to steal data
- The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country’s largest hospitals, Seoul National University Hospital (SNUH), to steal sensitive medical information and personal details.
- The incident occurred between May and June 2021, and the police conducted an analytical investigation during the past two years to identify the perpetrators.
- Local media in South Korea linked the attack to the Kimsuky hacking group, but the police’s report does not explicitly mention the particular threat group.