CYBER SECURITY NEWS – WEEK OF MARCH 04, 2024
20 million Cutout.Pro user records leaked on data breach forum
- AI service Cutout.Pro has suffered a data breach exposing the personal information of 20 million members, including email addresses, hashed and salted passwords, IP addresses, and names.
- On Tuesday, someone using the alias ‘KryptonZambie’ shared a link on the BreachForums hacking forum to CSV files containing 5.93 GB of data stolen from Cutout.Pro. These CSV files contain what appears to be a database dump consisting of 41.4 million records, with 20 million of those records consisting of unique email addresses.
- The data that was leaked includes the following information: user ID and profile picture, API access key, account creation date, email address, user IP address, mobile phone number, password and salt used in hashing, user type and account status.
Hackers Leak 2.5M Private Plane Owners’ Data Linked to LA Intl. Airport Breach
- The notorious hacker known as IntelBroker claims to have breached the database of the Los Angeles International Airport, making off with a trove of confidential user data belonging to private plane owners. The breach, according to the hacker, took place in February 2024.
- The incident has apparently resulted in the compromise of 2.5 million records, including sensitive information such as full names, CPA numbers, email addresses, company names, plane model numbers, and tail numbers.
- According to IntelBroker, they exploited a vulnerability in the airport’s Customer Relationship Management (CRM) system to gain unauthorized access to the database.
Law firm reports data breach affecting more than 325,000 people
- Houser LLP, a U.S. law firm that specializes in serving high-profile financial institutions, said a system breach discovered in May 2023 exposed the personal data — possibly including sensitive information such as credit card numbers — of more than 325,000 people.
- The data included names “and one or more of Social Security number, driver’s license number, individual tax identification number, financial account information, and medical information,” Houser said.
- An unspecified third-party company later determined that there was “unauthorized access” to Houser’s network between May 7 and May 9, the firm said.
Golden Corral restaurant chain data breach impacts 183,000 people
- The Golden Corral American restaurant chain disclosed a data breach after attackers behind an August cyberattack stole the personal information of over 180,000 people.
- In a press release, the company said that attackers had access to its systems between August 11 and August 15 and stole the sensitive data of “current and former employees and beneficiaries.” Golden Corral revealed in a filing with Maine’s Attorney General that 183,272 individuals had their data stolen in the attack.
- Golden Corral discovered while investigating the incident that the stolen information could include employee, dependent, and beneficiary names, Social Security numbers, financial account information, driver’s license numbers, medical information, username and password, and health insurance information.
Insomniac Games alerts employees hit by ransomware data breach
- Sony subsidiary Insomniac Games is sending data breach notification letters to employees whose personal information was stolen and leaked online following a Rhysida ransomware attack in November.
- In December, Sony said they were investigating the Rhysida ransomware gang’s claims that they breached Insomniac Games and stole over 1.3 million files from its network. After negotiations failed when the game studio refused to pay the $2 million ransom, Rhysida dumped 1.67 TB of documents on its dark web leak site.
- The leaked files include personal information belonging to employees and former employees, many ID scans and internal documents, such as contract information and licensing agreements with Marvel and Nvidia, as well as screenshots of Insomniac Games’ upcoming Wolverine game.
Ransomware gang claims they stole 6TB of Change Healthcare data
- The BlackCat/ALPHV ransomware gang has officially claimed responsibility for a cyberattack on Optum, a subsidiary of UnitedHealth Group (UHG), which led to an ongoing outage affecting the Change Healthcare platform. In a statement published on their dark web leak site today, BlackCat claimed to have stolen 6TB of data from Change Healthcare’s network belonging to “thousands of healthcare providers, insurance providers, pharmacies, etc.”
- The ransomware gang claims that they stole source code for Change Healthcare solutions and sensitive information belonging to many partners, including the U.S. military’s Tricare healthcare program, the Medicare federal health insurance program, CVS Caremark, MetLife, Health Net, and tens of other healthcare insurance providers.
- Per BlackCat’s claims, the sensitive data stolen from Change Healthcare contains a wide range of information on millions of people, including their medical records, insurance records, dental records, payments information, claims information, patients’ PII data (e.g., phone numbers, addresses, Social Security numbers, email addresses, and more), and active US military/navy personnel PII data.