CYBER SECURITY NEWS – WEEK OF SEPTEMBER 25, 2023
Space and defense tech maker Exail Technologies exposes database access
- Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases.
- According to the team, Exail’s exposed .env file contained database credentials. If the database would have been open to the public, attackers could have used the credentials to access the company’s data. However, in this case, it was not open to the public.
- “Once inside, attackers could view, modify, or delete sensitive data and execute unauthorized operations. The publicly hosted environment was exposed to the internet, meaning that anyone could’ve used these credentials to access sensitive information stored in this database,” researchers explained.
Cyberattack on Kansas town affects email, phone, payment systems
- Pittsburg — home to about 20,000 people along the state’s border with Missouri and Oklahoma — said it discovered the incident over the weekend. The attack caused an IT outage that limited government systems but did not affect 911 dispatch and other utilities.
- The city’s incident response team “took proactive measures to protect city data and network systems” while also hiring forensic experts to “ fully understand the extent and implications” of the attack.
- City operations will continue and public safety services remained in operation despite the attack. The city did not respond to requests for comment about whether it was a ransomware attack and whether a ransom will be paid.
- No group has taken credit for the attack. A medical center and wastewater facilities in Kansas have previously faced cybersecurity incidents over the last three years.
Pizza Hut Australia hack: data breach exposes customer information and order details
- Company says it believes about 193,000 customers are affected by the breach, which it spotted in early September.
- Pizza Hut’s Australian operations have been hit by a cyber-attack, the company says, with customer data including delivery addresses and order details stolen in the hack.
- In an email to customers on, Pizza Hut Australia’s chief executive, Phil Reed, said the company became aware in early September that there had been “unauthorised third party” access to some of the company’s data.
- Reed said the data obtained includes customer details and online order details from Pizza Hut’s customer database, including names, delivery address and instructions, email addresses and contact numbers.
Ohio community college data theft breach affects nearly 300K
- An Ohio community college is notifying 290,000 people of a data theft breach this spring that may have compromised their personal, financial and health information.
- In a breach notification Wednesday, Lakeland Community College did not provide any details on the attack, which occurred between March 7 and March 31, but the Vice Society ransomware group earlier this year had listed the college on its data leak website.
- While the community college breach may be relatively small, the incident illustrates why small schools such as this are now favored targets of cybercriminals, according to security researchers. In fact, a Sophos survey in June of 400 respondents in education found that about 80% of schools have reported hacking incidents, including ransomware, in the past year.
Air Canada says hackers accessed limited employee records during cyberattack
- Canada’s largest airline announced a data breach this week that involved the information of employees, but said its operations and customer data was not impacted.
- The company did not respond to requests for comment about when the attack occurred and whether it was a byproduct of a ransomware attack.
- “An unauthorized group briefly obtained limited access to an internal Air Canada system related to limited personal information of some employees and certain records. We can confirm that our flight operations systems and customer facing systems were not affected,” the company said.
- “No customer information was accessed. We have contacted parties whose information has been involved as appropriate, as well as the relevant authorities. We can also confirm all our systems are fully operational.” The company added that it worked with cybersecurity experts to further lockdown its systems following the incident.
Government of Bermuda links cyberattack to Russian hackers
- The Government of British overseas territory Bermuda has linked a cyberattack affecting all its departments’ IT systems since Thursday to hackers based out of Russia.
- “The public is advised that the Government Is currently experiencing internet/email and phone service interruptions. All Departments are impacted,” the Bermuda Government said.
- David Burt, the Premier of Bermuda, also said in a press conference based on a briefing received right before the event that the investigation is yet to find evidence the attackers have stolen data from impacted systems.