CYBER SECURITY NEWS – WEEK OF MARCH 25, 2024
Google Firebase may have exposed 125M records from misconfigurations
- More than 900 misconfigured Google Firebase websites could have leaked nearly 125 million user records, according to a recent post by a trio of security researchers.
- A security researcher first reported on January 10 that in hacking into Chattr.ai, the AI-based hiring system, they had successfully accessed popular retail food websites such as Applebee’s, Chick-fil-A, KFC, Subway and Taco Bell.
- The trio of security researchers then scanned the internet for exposed PII via misconfigured Firebase instances and found leaked records, including important bank details, billing information and invoices. The leaked data also included names, phone numbers, email addresses and passwords.
New Zealand media company: Hackers directly targeting individuals after alleged data breach
- MediaWorks, a company based in New Zealand, is investigating an alleged security incident after a hacker claimed to have stolen the data of just over 2.4 million people and began targeting individuals for extortion payments. The company said in a statement that the “claims relate to data from website competition entries”, which have now been moved “to a new secure database”.
- According to the hacker — who announced they were attempting to sell the data on a cybercrime forum — the stolen material includes personally identifying information such as names, addresses, dates of birth and phone and email contact details.
- MediaWorks has confirmed the database held “name, date of birth, gender, address, post code and mobile number” information, as well as in some cases images or videos uploaded as part of people’s entries to the competition.
Nations Direct Mortgage alerts 83,000 to personal data leaks from December cyberattack
- Nevada-based Nations Direct Mortgage said more than 83,000 customers were affected by a late 2023 data breach that leaked Social Security numbers and other sensitive information.
- The company said it discovered the cybersecurity incident on December 30 that prompted an investigation while keeping law enforcement and other governmental agencies notified of the cyberattack.
- In letters sent to victims, the company informed that an unauthorized third party obtained access to and potentially removed data of certain individuals from across the country. Based on their investigation, the company said that the victims’ name, address, social security number, and unique Nations Direct loan number may have been obtained by the unauthorized third party bad actor.
SCAA Suffers Cyberattack: 70,000 Members’ Data Potentially Compromised
- Unauthorized third parties breached the computer servers of the South China Athletic Association (SCAA) on March 17,2024, sparking concerns over the security of member data.
- The Office of the Privacy Commissioner for Personal Data (PCPD), Hong Kong, estimated that approximately 70,000 data subjects could be affected by the breach.
- The SCAA outlined immediate response actions, including the shutdown of affected computer equipment to mitigate potential risks to the members’ personal data security (including name, date of birth, ID number, address).
Jacksonville Beach and other US municipalities report data breaches following cyberattacks
- The city government of Jacksonville Beach disclosed that 48,949 people had personal information accessed during a January cyberattack. In letters to victims, the city said names and Social Security numbers were obtained by the hackers.
- The investigation carried out by the City of Jacksonville Beach (COJB) determined that certain files in COJB systems were subject to unauthorized access and that information may have been taken from the network between January 22, 2024 through January 29, 2024.
- The attack was claimed by the LockBit ransomware gang in February, and officials acknowledged the posting and confirmed that they are still working with federal law enforcement agencies on the investigation.
Fujitsu found malware on IT systems, confirms data breach
- Japanese tech giant Fujitsu, the world’s sixth largest IT services provider, discovered that several of its systems were infected by malware and warned that the hackers stole customer data.
- An announcement published late last week on the firm’s news portal disclosed that a major cybersecurity incident had compromised systems and data, including sensitive information of customers. The company said that the security breach was limited to Japan and there was no impact outside the country.
- In a notice, the company confirmed the presence of malware on several of their business computers, and that files containing personal information and information related to customers could have been illicitly removed. The company said that it had reported the breach to Japan’s Personal Information Protection Commission, and that it has yet to receive reports whether information about the company’s personnel or its customers has been misused.
Florida Man Sues G.M. and LexisNexis Over Sale of His Cadillac Data
- Romeo Chicco, a resident of Florida, filed a federal complaint seeking class-action status, with a complaint that data on his driving habits from his own Cadillac XT6 was shared with insurers without his consent.
- According to the complaint, several insurance companies rejected his attempts to buy auto insurance, and that an agent at Liberty Mutual informed him that the reason for rejection was because of the driver behavior information in his LexisNexis report.
- In his complaint against LexisNexis Risk Solutions, a data broker, and General Motors, Mr. Chicco accused the companies of violation of privacy and consumer protection laws.