CYBER SECURITY NEWS – WEEK OF JANUARY 29, 2024
Netherlands-based Medical Lab’s Unsecured Database Exposed 1.3 million records, COVID Test Info
- An unsecured database appearing to belong to Coronalab.eu, which is owned by Microbe & Lab, a Netherlands-based medical laboratory, exposed 1.3 million records on the internet, including COVID test results and other personally identifiable information.
- The database’s approximately 1.3 million exposed records include 118,441 certificates, 506,663 appointments, 660,173 testing samples, and a small number of internal application files.
- The leaked COVID test records contain patient names, nationality, passport number and test results, as well as the price, location and type of test conducted. The database also contained thousands of QR codes and hundreds of .csv files that show appointment details and patient email addresses.
Global Retailer BuyGoods.com Leaks 198GB of Internal and User PII, KYC data
- A cybersecurity researcher recently uncovered a misconfigured cloud database that left a wealth of sensitive data exposed. The affected database contained records attributed to customers of BuyGoods.com.
- The exposed database, totalling 198.3 gigabytes in size, lacked any form of security authentication, being openly accessible to the public. Within this unprotected database were more than 260,000 records, containing a comprehensive range of information including details regarding affiliate payouts, refund transactions, invoices, accounting records, and various other forms of data.
- The exposed server also laid bare the personal records of customers and affiliates, containing highly sensitive Personally Identifiable Information (PII) and Know Your Customer (KYC) data, including customers’ selfies alongside their personal identification cards, licenses, passports, and even unredacted credit card details.
LoanDepot says 16.6 million customers had ‘sensitive personal’ information stolen in cyberattack
- About 16.6 million LoanDepot customers had their “sensitive personal” information stolen in a cyberattack earlier this month, which the loan and mortgage giant has described as a ransomware attack.
- LoanDepot did not say what kind of sensitive and personal customer data was stolen but said in a filing with federal regulators that it would notify the affected customers of the data breach.
- While LoanDepot says on its cyber incident updates page that it has brought some customer portals back online, many of its online services remain inaccessible into their second week. Customers have said they have been unable to make payments or access their online accounts since the incident, which began around January 8.
23andMe data breach: Hackers stole raw genotype data, health reports
- Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27.
- The hackers downloaded the data of 6.9 million of the existing 14 million customers after breaching around 14,000 user accounts.
- The credentials used by the attackers to breach the customers’ accounts were stolen in other data breaches or used on previously compromised online platforms.
Trezor support site breach exposes personal data of 66,000 customers
- Trezor issued a security alert after identifying a data breach that occurred on January 17 due to unauthorized access to their third-party support ticketing portal.
- The popular hardware cryptocurrency wallet vendor says that the investigation into the incident is ongoing, but it has found no evidence so far that users’ digital assets were compromised.
- However, a subset of 66,000 users who have interacted with Trezor Support since December 2021 may have had their names or usernames, and email addresses exposed to an unauthorized party.
Jason’s Deli says customer data exposed in credential stuffing attack
- Hackers obtained credentials of member accounts at Jason’s Deli from other sources and, on December 21, 2023, used them in a credential stuffing attack against the restaurant’s website.
- The amount of data exposed in these credential stuffing attacks depends on the type of information a Jason’s Deli member has added to their online profile and may include full name, address, phone number, birthday, house account number, etc.
- According to a listing at the Office of the Maine Attorney General, the total number of potentially impacted customers is 344,034 people.