CYBER SECURITY NEWS – WEEK OF OCTOBER 16, 2023
Indian state government fixes website bug that revealed Aadhaar numbers and fingerprints
- A security researcher says a bug on an Indian state government website inadvertently revealed documents containing residents’ Aadhaar numbers, identity cards and copies of their fingerprints.
- Sourajeet Majumder found the bug in the West Bengal government’s e-District web portal that allows state residents to access government services online, like obtaining birth and death certificates and building applications.
- Majumder said the website bug meant it was possible to obtain land deeds, which contain records about the owners of a piece of land, from the e-District website by guessing sequential deed application numbers.
Air Europa customers urged to cancel cards following hack on payment system
- Customers of Spanish airline Air Europa were on Tuesday advised by the company to cancel their credit cards following a cyberattack affecting its online payment system.
- The company, based on the island of Mallorca, did not announce how many customers were affected nor when the attack took place.
- In a statement reported by Reuters, the airline said: “There is no evidence that the breach was ultimately used to commit fraud.” There was no information about the nature or source of the cyberattack.
- Affected customers are being emailed by the airline, as are relevant financial institutions. Customers are warned that any bank cards used to pay on its website should be canceled and replaced “to prevent possible fraudulent use of your information.”
Flagstar Bank suffered a data breach once again
- Flagstar Bank is warning 837,390 US customers that their personal information was exposed after threat actors breached the third-party service provider Fiserv.
- Fiserv provides payment processing and mobile banking services to Flagstar Bank, it was the victim of the large-scale MOVEit campaign.
- “The incident involved vulnerabilities discovered in MOVEit Transfer, a file transfer software used by our vendor to support services it provides to Flagstar and its related institutions.” reads the data breach notification sent to the impacted customers.
- The financial organization pointed out that the MOVEit flaw did not involve any of Flagstar Bank’s systems and did not impact its ability to service the customers. Stolen files included Flagstar Bank and related institution customer information.
Datacenter cabling biz Volex confirms digital break-in
- Volex, the British integrated maker of critical power and data transmission cables, confirmed this morning that intruders accessed data after breaking into its tech infrastructure.
- The AIM-listed business said that it “enacted security protocols and took immediate steps to stop the unathorised access to its systems and data” as soon as the attack was noticed.
- “Specialist, third party consultants have been engaged to investigate the nature and extent of the incident, and to implement the incident response plan,” the company added in the statement to investors.
- Despite the incident, “all sites remain operational, with minimal disruption to global production levels, and the Group continues to trade with its customers and suppliers.” As such, the financial fallout from the breach is “not expected to be material.”
Simpson Manufacturing shuts down IT systems after cyberattack
- Simpson Manufacturing disclosed via a SEC 8-K filing a cybersecurity incident that has caused disruptions in its operations, which are expected to continue.
- The company states it detected IT problems and application outages this past Tuesday, which it soon realized were caused by a cyberattack.
- In response to the situation, Simpson took all impacted systems offline to prevent the attack’s spread.
Edwardian Hotels London cyberattack claim surface with samples of bank data, passport
- The United Kingdom’s premium group of hotels has allegedly been breached by a ransomware group. The BlackBasta ransomware group named the website of Edwardian Hotels London to its victim list in their latest post.
- The website of the luxury hotels and restaurants group was accessible after the alleged Edwardian Hotels cyberattack.
- Neither the Twitter/X page nor the website of the luxury hotels group made any reference to a ransomware attack or a data security incident.
- BlackBasta hackers have released samples of data purportedly obtained from the ransomware attack on Edwardian Hotels in London. BetterCyber en Español, a cybersecurity company, documented screenshots of the sample data discovered on the BlackBasta website.