Mage Data strengthens its data security posture with the ISO 27001 certification. READ MORE >




CYBER SECURITY NEWS – WEEK OF SEPTEMBER 23, 2024


Data on nearly 1 million NHS patients leaked online following ransomware attack on London hospitals

  • A significant data breach affecting nearly one million NHS patients has emerged following a ransomware attack on London hospitals earlier this year.
  • The Qilin ransomware gang published sensitive patient information, including medical symptoms related to conditions like cancer and sexually transmitted infections.
  • An analysis by CaseMatrix estimates that over 900,000 individuals’ data was compromised, though neither NHS England nor the affected pathology service provider, Synnovis, have confirmed these figures.
  • The leaked data includes personal details such as names, dates of birth, NHS numbers, and contact information, alongside sensitive pathology and histology forms that detail patients’ medical conditions.

*Source

Fuel industry software hit by data leak, IDs and Drivers Licenses exposed

  • A significant data leak has affected FleetPanda, a cloud-based fleet management software used in the fuel industry.
  • Cybersecurity researcher Jeremiah Fowler discovered that the company maintained an unsecured database containing 780,191 personal documents totaling 193 GB.
  • This database included sensitive information such as driver’s licenses, background checks, and various documents related to fuel shipments and deliveries, all of which contain personally identifiable information (PII).
  • The files, which were generated between 2019 and August 2024, were accessible without a password, raising concerns about potential unauthorized access before the database was secured.

*Source

Dell investigates data breach claims after hacker leaks employee info

  • Dell is currently investigating claims of a data breach after a hacker, known as “grep,” leaked information about over 10,000 employees.
  • The breach allegedly occurred in September 2024 and includes sensitive details such as employees’ unique identifiers, full names, and employment status.
  • A small sample of the data was shared publicly, while access to the complete database can be obtained for a fee of approximately $0.30 on a hacking forum.
  • In response to these allegations, Dell confirmed that their security team is looking into the situation.

*Source

Sibanye-Stillwater Mining Company Confirms Data Breach Exposing Information of 7,258 Employees

  • Sibanye-Stillwater, a mining company operating the only platinum and palladium mines in the U.S., has confirmed a significant data breach affecting 7,258 employees.
  • The cyberattack, detected in July 2024 but occurring in June, compromised sensitive personal information including names, Social Security numbers, financial details, and medical information.
  • The breach caused operational disruptions across the company’s global IT systems, although core mining activities remained largely unaffected.

*Source

Thousands of ServiceNow KB Instances Expose Sensitive Corporate Data

  • Security researchers have discovered that over 1,000 ServiceNow instances, representing 45% of those tested, are unintentionally exposing sensitive data from their Knowledge Base (KB) articles due to misconfigurations.
  • Exposed data includes personally identifiable information (PII), internal system details, user credentials, and access tokens for live production systems
  • Many organizations with multiple ServiceNow instances had consistently misconfigured KB access controls across each one, indicating a systematic misunderstanding
  • Around 60% of exposures involve older versions of KBs set to allow public access by default, while others have “User Criteria” rules unintentionally granting access to unauthenticated user
  • ServiceNow has provided guidance to customers on addressing the issue and began proactively taking action to help protect customers whose KBs may still permit greater access than desired

*Source

Disney ditching Slack after massive July data breach

  • Disney is moving away from Slack as its primary internal communication platform after a massive data breach in July 2024 exposed over 1TB of confidential messages and files
  • The company has already begun migrating to new “streamlined enterprise-wide collaboration tools” and plans to complete the transition by the end of its next fiscal quarter
  • The breach, carried out by a threat actor named ‘NullBulge’, compromised almost 10,000 Slack channels containing sensitive information such as upcoming project details, financial data, IT infrastructure details, and other confidential materials.

*Source

Ascension’s Financial Comeback Stalled by Costly Cyberattack, Resulting in $1.8 Billion Loss

  • In May 2024, Ascension Health, one of the largest nonprofit health systems in the U.S., suffered a significant cyberattack that severely impacted its financial recovery efforts.
  • Prior to the attack, Ascension was on track to improve its financial performance, having reported a $332 million operating loss for the first ten months of the fiscal year ending April 30, 2024, a substantial improvement from a $1.9 billion loss during the same period the previous year.
  • However, following the cyberattack, Ascension’s total operating loss surged to $1.8 billion by the end of the fiscal year.
  • The organization attributed this decline to widespread disruptions in clinical operations, interruptions in access to critical systems, and increased expenses related to remediation efforts.
  • The attack not only hindered revenue generation due to business interruptions but also necessitated additional spending to restore normal operations.

*Source

Star Health Data Breach: A Breach Of Trust And Accountability

  • Star Health, one of India’s largest health insurers, recently experienced a significant data breach that compromised the personal details of over 31 million customers.
  • This incident, attributed to a hacker known as “xenZen,” involved the creation of chatbots that allowed unauthorized access to sensitive documents, including medical records and tax information, totaling more than 7.24 terabytes of data.
  • Critics have pointed out potential deficiencies in Star Health’s technology and engineering practices, questioning whether outdated systems or poor integration with third-party components contributed to the breach. Industry observers have also highlighted weaknesses in the company’s DevOps capabilities, suggesting that they were unable to manage the influx of requests effectively.
  • For affected policyholders, the breach poses significant risks, including identity theft and fraud.
  • While Star Health has not yet provided a comprehensive response regarding the extent of the leak or future protective measures, regulatory scrutiny from the Insurance Regulatory and Development Authority of India (IRDAI) is anticipated.

*Source

SECUREFACT ARCHIVE >