WEEK OF MARCH 28, 2022
HubSpot data breach compromises data of top cryptocurrency investment platforms
- HubSpot, a popular marketing platform, suffered the breach of an internal email account last week that compromised the customer data of 30 of its clients.
- The stolen data of crypto investors on BlockFi, Circle, NYDIG, and others can be leveraged by hackers to launch phishing, smishing, and vishing attacks.
- It is unclear whether the attacker specifically wanted to target the cryptocurrency players, but this seems to be the case based on HubSpot’s initial assessment.
- “At this time, we believe this to be a targeted incident focused on customers in the cryptocurrency industry,” HubSpot said. Most of the affected 30 companies provide cryptocurrency services.
FBI sees growing Russian hacker interest in US energy firms
- The FBI is warning that it has seen increased interest by Russian hackers in energy companies since the start of Russia’s war against Ukraine, though it is offering no indication that a specific cyberattack is planned.
- An FBI advisory obtained by The Associated Press on Tuesday says Russian hackers have scanned at least five energy companies for vulnerabilities and at least 18 other companies in sectors including the defense industrial base and financial services. The advisory does not identify any of the companies.
- Scanning a network for flaws or vulnerabilities is common and does not indicate that an attack is forthcoming, though the activity can sometimes be a precursor of one.
Background check company sued over data breach
- Four parallel data breach lawsuits have been filed against a 45-year-old background check services company based in Massachusetts.
- Creative Services, Inc. (CSI), located in Mansfield, provides background screening, drug testing and security consulting services to employers, institutions and governments in the United States and overseas.
- According to an official filing by the company, on November 26, 2021, CSI detected suspicious activity on its computer systems. The company then learned that an unauthorized individual had gained access to the company’s network and may have copied certain files dating from November 2018 to November 2021.
AI experts warn of potential cyberwar facing banking sector
- U.S. financial institutions’ machine-learning models are a potential avenue for attacks, experts said.
- Fears of Russia-linked cyberattacks, long a threat to businesses, gained new urgency when Russian soldiers launched a full-scale invasion of Ukraine last month. U.S. authorities have flagged the U.S. financial system, a central pillar in the U.S. sanctions regime, as an attractive target, and officials and security experts have warned for weeks about the possibility of retaliatory cyberattacks from Russia.
- “It’s a huge unaccounted-for risk,” said Andrew Burt, a former policy adviser to the head of the cyber division at the Federal Bureau of Investigation who now runs AI-focused law firm BNH. “The vulnerabilities of AI and complex analytic systems are significant and very widely overlooked by many of the organizations employing them.”
Medical service leaks 12,000 sensitive patient images
- A medical Q&A service provider is facing questions about its security processes after a cloud misconfiguration appeared to leak sensitive images of thousands of patients, including infants.
- A team at Safety Detectives traced the exposed Amazon S3 bucket back to Japanese firm Doctors Me. It was apparently left open with no authentication controls in place.
- The cloud storage misconfiguration left 300,000 files at the mercy of potential malicious actors. The 30GB trove featured over 12,000 unique images, including the faces and private areas of children and infants, according to Safety Detectives.
Hacktivists leak data allegedly stolen from Russian energy giant Transneft
- Roughly 79 gigabytes of emails allegedly stolen from Russian state-controlled oil pipeline company Transneft emerged on a known leaks hosting website.
- The largest pipeline company in the world, the Moscow-based Transneft transports oil and oil products in Russia and the CIS countries, operating more than 70,000 kilometers of pipelines.
- The leaked data is said to have been exfiltrated from the OMEGA Company, the multi-discipline research and development department of Transneft.
- The Anonymous hacktivists who took responsibility for the attack posted the data on leak hosting website Distributed Denial of Secrets. They claim to have hacked Transneft in response to Russia’s invasion of Ukraine.