CYBER SECURITY NEWS – WEEK OF JANUARY 22, 2024
Vans, Supreme owner VF Corp says hackers stole 35 million customers’ personal data
- VF Corp said it does not retain consumer Social Security numbers, bank account information, or payment card information for its consumer businesses, nor does the company have evidence that the hackers stole customer passwords.
- VF Corp. previously said the hackers disrupted its operations “by encrypting some IT systems,” implying a ransomware attack. The ransomware and extortion gang known as ALPHV (or BlackCat) later claimed credit for the breach.
- VF said at the time of the incident that it was experiencing disruptions to its operations and its “ability to fulfill orders.” In its Thursday filing, VF said it is “still experiencing minor residual impacts from the cyber incident,” but that it has caught up on fulfilling orders that were delayed.
Cooper Aerobics: Data security incident raises concerns of personal information exposure
- On January 5, 2024, the organization notified individuals about unauthorized access to its network, stemming from a Cooper Aerobics data breach, that potentially exposed personal information.
- Upon discovering the Cooper Aerobics data breach, the firm initiated immediate remediation efforts and launched a thorough investigation with external cybersecurity professionals.
- The Cooper Aerobics data breach investigation revealed that on February 3, 2023, an unauthorized party potentially removed certain files containing personal or protected health information from the organization's network.
National Bank of Angola says it mitigated cyberattack
- In a statement, the bank said the January 6 cybersecurity incident was mitigated “without significant impacts on its infrastructure and data.”
- “Following the incident, access to technological infrastructures and, consequently, the safe and efficient provision of institutional services were ensured in a controlled manner,” it said.
- No hacking group has taken credit for the incident, but in 2022 someone on the cybercriminal forum Exploit offered access to the bank’s systems for an undisclosed price.
Russian hackers stole Microsoft corporate emails in month-long breach
- Microsoft warned Friday night that some of its corporate email accounts were breached and data stolen by a Russian state-sponsored hacking group known as Midnight Blizzard.
- Microsoft says the threat actors breached their systems in November 2023 when they conducted a password spray attack to access a legacy non-production test tenant account.
- The fact that the hackers were able to gain access to the account using a brute force attack indicates it was not protected with two-factor authentication (2FA) or multi-factor authentication (MFA), a security practice that Microsoft recommends on all types of online accounts.
Clearview Resources Ltd hit by cyberattack, suffers $1.5 million in damages
- In response to the cyberattack on Clearview, the firm promptly engaged independent security experts to investigate the incident.
- The Clearview cyberattack unfolded through the compromise of an internal email address, which was exploited by malicious actors to redirect company funds to a third-party account.
- In an updated press statement released in January 2024, Clearview explained, “An internal email address was compromised and used by fraudulent actors to redirect the transfer of certain Company funds to a third-party account, resulting in the loss of US$1.5 million.”
Kansas State University cyberattack disrupts IT network and services
- Kansas State University (K-State) announced it is managing a cybersecurity incident that has disrupted certain network systems, including VPN, K-State Today emails, and video services on Canvas and Mediasite.
- On Tuesday morning, the university announced on its media portal that it was experiencing disruption in some IT systems, and by the afternoon, it confirmed a cyberattack had caused it.
- Impacted systems were taken offline upon detection of the attack, resulting in the unavailability of VPN, emails, Canvas and Mediasite videos, printing, shared drives, and mailing list management services (Listservs).