CYBER SECURITY NEWS – WEEK OF OCTOBER 17, 2022
Tata Power, a top power producer in India, confirms cyberattack
- In a brief statement released on Friday, the Mumbai-based company said that the attack impacted some of its IT systems.
- “The company has taken steps to retrieve and restore the systems. All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer-facing portals and touchpoints,” it said in its filing with local stock exchanges.
- Tata Power did not share any further specifics on the matter.
Toyota reveals data leak of 300,000 customers
- Japanese car giant Toyota has warned that nearly 300,000 customers may have had their personal data leaked after an access key was publicly available on GitHub for almost five years.
- In a statement on its website, Toyota said that the email addresses and customer control numbers of 296,019 people who have used T-Connect, a telematics service that connects vehicles via a network, since July 2017, were exposed.
- The firm added that while there is no evidence that the data was accessed by a third party following an analysis of the access history of the data server, it “could not be completely ruled out.”
- The leak was caused by part of the source code of the T-Connect site being mistakenly uploaded to GitHub by a website development contractor, remaining on the site for almost five years from December 2017 to September 15, 2022. This source code contained the access key to the T-Connect data server, which provided access to users’ email addresses and customer control numbers.
Intel confirms source code leak
- Intel has confirmed that the alleged leak of its Alder Lake BIOS source code is authentic, potentially raising cybersecurity risks for customers.
- Last week, the firm’s BIOS/UEFI code was apparently posted on 4chan and Github in a repository named ‘ICE_TEA_BIOS.’ This repository contains 5.97 GB of files, source code, private keys, change logs and compilation tools.
- It is currently unclear how the source code was accessed, and who was responsible.
- The leak relates to Intel’s 12th generation Intel Core processors, released in November 2021. Despite Intel’s reassurances, the leak could pose a security risk for customers, making it easier for cyber-criminals to discover vulnerabilities in the product.
Shein holding company fined $1.9m for not disclosing data breach
- Zoetop, the holding company behind retailer giant Romwe and Shein, has been fined $1.9m after it failed to properly inform customers of a data breach that reportedly affected millions of users.
- According to a notice from New York’s attorney general’s office this week, the 2018 data breach saw Zoetop failing to secure customers’ data, not adequately informing customers of it and trying to keep the real impact of the leak quiet.
- The 2018 hack saw credit cards and personal information theft, including names, emails and hashed passwords.
- The data breach reportedly affected 39 million Shein and seven million Romwe accounts, more than 800,000 of which belonged to New Yorkers.
Singtel’s Australian IT firm dialog suffers data breach
- Telecommunication giant Singtel has confirmed that another of its Australian subsidiaries, consulting unit Dialog, was the victim of a hack just weeks after the Optus breach was revealed.
- Writing a statement to the Singapore stock exchange on Monday, Singtel said Dialog, which was acquired by Singtel’s subsidiary NCS in April, confirmed the cybersecurity incident in which “an unauthorized third party may have accessed company data” on Saturday, September 10, 2022.
- The breach potentially affected fewer than 20 clients and 1000 current Dialog employees as well as former employees.
DJI drone tracking data exposed in the US
- Over 80,000 drone IDs were exposed in the leak of a database containing information from airspace monitoring devices manufactured by DJI.
- A majority of these devices (53) are located in the United States, while others are spread across Qatar, Germany, France, and Turkey. The database itself is hosted by Amazon Web Services (AWS) in the United States.
- More specifically, the leaked DJI drone data includes information such as the flight status, unique ID assigned to the aircraft, home location of the drone (which is usually the take-off point), timestamps, drone models, serial numbers, and the operator’s location. No personally identifiable information is present in the dataset.