CYBER SECURITY NEWS – WEEK OF SEPTEMBER 30, 2024
106 million Americans exposed as massive data leak rocks background check firm
- A massive data leak at the background check firm MC2 Data has exposed sensitive information of approximately 106 million Americans, representing about one-third of the U.S. population.
- Cybernews discovered the leak on August 7 and found that a database containing 2.2TB of personal data had been left unprotected and accessible online.
- The leaked data includes names, email addresses, IP addresses, encrypted passwords, partial payment information, home addresses, dates of birth, phone numbers, property records, and employment history.
- Notably, the leak also affected over 2.3 million subscribers to MC2 Data’s services, which are typically used for background checks by employers and landlords.
U.S. govt agency CMS says data breach impacted 3.1 million people
- The Centers for Medicare & Medicaid Services (CMS) has revealed that a data breach linked to the MOVEit attacks by the Cl0p ransomware group has affected over 3.1 million health plan beneficiaries.
- The breach occurred after hackers compromised the Wisconsin Physicians Service (WPS), which administers Medicare services.
- On September 6, CMS announced it would notify nearly 947,000 Medicare beneficiaries whose personally identifiable information was exposed.
- The total number of affected individuals includes deceased persons and others whose data was collected by WPS.
- The breach investigation indicated that WPS had implemented security updates in June 2023, but the hackers had already accessed its network prior to this patch. Stolen data includes names, Social Security numbers, dates of birth, and Medicare identifiers.
- To assist those impacted, CMS is providing a 12-month free credit monitoring service through Experian.
Wells Fargo Customers’ Bank Account and Social Security Numbers Exposed, Used for Fraud in Mysterious Data Breach
- A recent data breach at Wells Fargo has compromised sensitive information of an undisclosed number of customers.
- An insider accessed this data, which includes names, addresses, Social Security numbers, and bank account details, between May 2022 and March 2023.
- The bank confirmed the breach in a letter to customers and began notifying them last month.
- Wells Fargo has indicated that it is monitoring accounts for suspicious activity and reviewing security measures to prevent future incidents.
Hacker selling Dell employees’ data after a second alleged data breach
- Dell Technologies is facing serious security issues following two alleged data breaches that have exposed sensitive information of over 10,800 employees.
- A hacker known as “grep” claimed responsibility for both incidents, posting a sample of the stolen data on BreachForums.
- The first breach, described as minor, involved internal employee data, while the second breach, termed “significant,” involved approximately 3.5 GB of data, including employee IDs and other identifiers.
- The hacker indicated that the breaches were facilitated by compromised Atlassian tools, specifically mentioning access to Jira and Confluence.
Financial Services Giant MoneyGram Systems Down After Cyberattack
- MoneyGram International is currently addressing a significant cybersecurity incident that has disrupted its operations.
- The company confirmed the breach, stating it is working with external cybersecurity experts and law enforcement to mitigate the impact.
- The company is focused on restoring key transactional systems and has assured customers that pending transactions will be processed once systems are fully operational.
- The cyberattack follows a network outage reported on September 21, which prompted MoneyGram to investigate and take protective measures, including taking systems offline.
AutoCanada says ransomware attack “may” impact employee data
- AutoCanada has reported that a ransomware attack, claimed by the Hunters International group, may have compromised employee data.
- The attack occurred in August, prompting the company to take certain IT systems offline, which caused operational disruptions at its 66 dealerships.
- Although no fraud campaigns targeting affected individuals have been detected, AutoCanada is notifying potentially impacted employees about the risks.
- The ransomware gang announced the attack on September 17, claiming to have stolen terabytes of sensitive data, including personal information such as full names, addresses, dates of birth, payroll details, social insurance numbers, and bank account information.
- AutoCanada is currently investigating the full extent of the breach and has set up an FAQ page to provide updates.
- In response to the incident, the company is offering three years of free identity theft protection and credit monitoring through Equifax for those affected.
Kia dealer portal flaw could let attackers hack millions of cars
- Security researchers have uncovered critical vulnerabilities in Kia’s dealer portal that could allow hackers to locate and control millions of Kia vehicles manufactured after 2013 using only the vehicle’s license plate.
- Discovered on June 11, 2024, these flaws enable attackers to remotely lock, unlock, start, or locate a vehicle within 30 seconds, regardless of whether it has an active Kia Connect subscription.
- The vulnerabilities also expose sensitive personal information of car owners, including names, phone numbers, and addresses.
- Attackers could potentially add themselves as secondary users to the vehicles without the owners’ consent.
Meta pays the price for storing hundreds of millions of passwords in plaintext
- Meta has been fined $101.6 million by the European Union’s Data Protection Commission (DPC) for improperly storing user passwords in plaintext, a violation of GDPR regulations.
- The inquiry began in 2019 when Meta disclosed that it had stored hundreds of millions of Facebook and Instagram passwords without encryption, making them accessible to around 20,000 employees.
- The DPC found that Meta failed to notify authorities of the breach within the required 72-hour timeframe and did not adequately document the incident.