CYBER SECURITY NEWS – WEEK OF NOVEMBER 27, 2023
Taj Hotels suffers data breach
- Taj Hotels group faces a data breach impacting 1.5 million individuals, with a demand for $5,000 for a dataset containing sensitive personal information.
- This dataset includes personal information like addresses, membership IDs, mobile numbers, and other personally identifiable information (PII).
- “We have been made aware of someone claiming possession of a limited customer data set which is of a non-sensitive nature, safety and security of our customers’ data is of paramount importance to us,” a representative from Indian Hotels Company Ltd (IHCL), the entity overseeing the Taj Group, stated.
- The individual behind the threat disclosed that the customer data pertains to the period from 2014 to 2020 and has not been shared with anyone thus far. The person outlined three requirements for any potential agreement. The initial notification of this incident came from an anonymous security researcher.
Enterprise software provider TmaxSoft leaks 2TB of data
- TmaxSoft, a Korean IT company developing and selling enterprise software, has leaked over 50 million sensitive records.
- The 2 TB-strong Kibana dashboard has been exposed for over two years.
- Since TmaxSoft specializes in middleware solutions to “help companies leverage critical data,” the leaked data could be exploited in a supply chain attack, affecting Tmax clients and providers.
App used by hundreds of schools leaking children’s data
- Almost a million files with minors’ data, including home addresses and photos, were left open to anyone on the internet, posing a threat to children.
- The DigitalOcean storage bucket, containing almost a million sensitive files, was left open to anyone without requiring authentication. Leaking private data on the internet, in this case, poses a grave risk, as most of the leaked files expose minors.
- The leak raises concerns about cybercriminals’ potential misuse of this personal information. The exposed details, particularly home addresses and personal photos, create a disturbing scenario where malicious actors could exploit the vulnerability of children by attempting to extort their parents.
Welltok data breach exposes data of 8.5 million US patients
- Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack.
- Welltok works with health service providers across the U.S., maintaining online wellness programs, holding databases with personal patient data, generating predictive analytics, and supporting healthcare needs like medication adherence and pandemic response.
- Earlier this year, the Clop ransomware gang exploited a zero-day vulnerability in the MOVEit software to breach thousands of organizations worldwide, following up with extortion demands and data leaks impacting over 77 million people.
Cyberattackers leaked data of 27,000 NYC Bar Association members
- The New York City Bar Association confirmed that the data of more than 27,000 members and employees was leaked during a cyberattack nearly a year ago.
- In filings with regulators in Maine and Vermont, the organization said an investigation completed on October 18 confirmed that hackers broke into its systems and had access to internal files from December 2 to December 24, 2022.
- In January, the Clop ransomware gang claimed to have attacked the organization, threatening to leak 1.8 terabytes of stolen information. Despite acknowledging receipt of emails from Recorded Future News in January, the association never responded to requests for comment or addressed the issue publicly.
Detailed data on employees of U.S. national security lab leak online
- A cybercrime group that has engaged in politically motivated attacks breached a human resources application belonging to Idaho National Laboratory, claiming in a post to Telegram on Sunday that it had obtained detailed information on employees working at the nuclear research lab.
- The hacking group SiegedSec said it had accessed “hundreds of thousands of user, employee, and citizen data,” including full names, social security numbers, bank account information, and addresses.
- The group posted a sample of the leaked data, but CyberScoop could not confirm whether SiegedSec is in possession of the much larger data set it claims to have stolen.