CYBER SECURITY NEWS – WEEK OF NOVEMBER 07, 2022
Dropbox suffers breach, 130 GitHub repositories compromised
- Dropbox disclosed that it suffered a data breach involving threat actors stealing code from 130 repositories after gaining access to a GitHub account using employee credentials obtained in a phishing attack.
- The cloud giant said it discovered the breach on October 14 when GitHub notified it of suspicious activity that started the previous day.
- The company added that while its systems automatically quarantined some of these emails, others landed in Dropboxers’ inboxes.
- Dropbox believes the threat actors behind the attack are the same that targeted GitHub users in September by impersonating the code integration and delivery platform CircleCI, which Dropbox also uses for select internal deployments.
Europe’s biggest copper producer hit by cyber-attack
- The world’s second largest copper producer, Hamburg-headquartered Aurubis has been hit by a cyber-attack which forced IT systems offline.
- “This was apparently part of a larger attack on the metals and mining industry,” it said. “As a result, numerous systems at Aurubis sites had to be shut down and disconnected from the internet as a preventive measure.” Aurubis revealed in a brief statement that the attack struck on Friday evening.
- It’s unclear exactly what the impact has been on production. Aurubis claims to produce over one million tons of copper cathodes each year and is the world’s largest recycler of the metal.
Cyberattack causes trains to stop in Denmark
- The incident shows how an attack on a third-party IT service provider could result in significant disruption in the physical world.
- While this may sound like the work of a sophisticated threat actor that targeted operational technology (OT) systems in an effort to cause disruption, it was actually the result of a security incident at Supeo, a Danish company that provides enterprise asset management solutions to railway companies, transportation infrastructure operators and public passenger authorities.
- Supeo may have been targeted in a ransomware attack. The company has not shared any information, but a DSB representative told Reuters that it was an “economic crime”.
Vodafone Italy discloses data breach after reseller hacked
- The exposed information includes subscription details, identity documents with sensitive data, and contact details.
- The notice clarifies that no account passwords or network traffic data have been compromised as a result of this incident.
- Vodafone Italia urges the recipients of the notifications to remain vigilant against incoming communications, as the risk of being targeted by phishing actors and scammers has now increased.
- The notice concludes that FourB has closed access to the breached servers and implemented higher-level security on its systems to prevent the occurrence of similar incident in the future.
Osaka hospital halts services after ransomware attack
- A major hospital in Osaka, Japan, has suspended routine medical services following a ransomware cyber-attack that disrupted its electronic medical record systems.
- Emergency operations are continuing, but Osaka General Medical Center officials told reporters that the hospital system failed earlier today and could not be accessed.
- They have also reported that a contractor who examined the issue concluded the system had been attacked by a ransomware computer virus, with the threat actor allegedly sending an email in English to the hospital’s server and demanding a ransom in Bitcoin.
TikTok confirms Chinese staff can access UK and EU user data
- TikTok has officially confirmed that some employees outside the continent, including in China, can access the data of individuals using the app in Europe.
- The news comes from the social media giant’s head of privacy in Europe, Elaine Fox, who has said access for staff in China was necessary to guarantee the app’s correct functionalities.
- “Based on a demonstrated need to do their job, subject to a series of robust security controls and approval protocols, and by way of methods that are recognized under the GDPR, we allow certain employees within our corporate group located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the United States, remote access to TikTok European user data,” Fox explained.
- The move is bound to send ripples across the regulatory community, as TikTok was already under scrutiny in Europe and the US over concerns that user data could be passed to the Chinese state. TikTok has so far denied the claims, so Fox’s words may now be seen as a U-turn.