CYBER SECURITY NEWS – WEEK OF NOVEMBER 14, 2022
Drizly agrees to tighten data security after alleged breach
- Alcohol delivery app Drizly has agreed to tighten its data security and limit data collection to resolve federal regulators’ allegations that its security failures exposed the personal information of some 2.5 million customers.
- The regulators allege that the company and Rellas were alerted to security problems two years before the 2020 breach yet failed to act to protect consumers’ data.
- Drizly agreed to put in place a comprehensive data security program and establish security safeguards, and to limit future data collection or storage to that which is necessary for specific purposes. It will also destroy unnecessary data.
Thales confirms hackers have released its data on the dark web
- The group’s experts have identified one of two likely sources of the data theft and continue to investigate the second, it said. It is also working to minimize the potential impact.
- “At this stage, Thales is able to confirm that there has been no intrusion of its IT systems,” it added.
- It said there is currently no impact on its operations.
Hackers leak Australian health records on dark web
- Hackers began leaking sensitive medical records stolen from an Australian health insurer with nearly 10 million customers, including the prime minister, after the firm refused to pay a ransom.
- Medibank told investors that a “sample” of data from some 9.7 million clients had been posted on a “dark web forum” — and that more leaks were likely.
- The victims were separated into a “naughty” list and a “nice” list. Some on the “naughty” list had numeric codes that appeared to link them to drug addiction, alcohol abuse and HIV.
Mississippi election websites knocked out by DDoS attack
- A pro-Russian hacking group took credit for the attack — which did not interfere with voting or counting processes.
- “An abnormally large increase in traffic volume due to activity caused the public facing side of our websites to be periodically inaccessible this afternoon,” the Mississippi secretary of state’s office said in a statement.
- “I suspect we’re going to see more of this activity,” the official speculated, noting CISA had no evidence of any DDoS attacks on election night result reporting websites.
Popular UK motor racing circuit investigating ransomware attack
- The circuit – home of the British Grand Prix since 1950 – was allegedly attacked by the Royal ransomware gang, which took credit for the alleged incident.
- Emsisoft threat analyst Brett Callow said the Royal ransomware group is a relatively new gang following the encrypt-and-exfiltrate model.
- “The ransomware is secure, meaning its encryption cannot be broken,” Callow said.
Ransomware gang offers to sell files stolen from Continental for $50 million
- A notorious ransomware group is offering to sell files allegedly stolen from German car parts giant Continental for $50 million.
- Continental reported in August that it had been targeted in a cyberattack that resulted in hackers accessing some of its systems.
- The company said at the time that the attack had been “averted” and that business activities were not affected.
- Shortly after announcing the Continental hack, the cybercriminals published what appeared to be messages exchanged between them and the company’s representatives. The messages suggested that negotiations had failed.