Attack

The Albanian government has reported that it has suffered under a cyber-attack following the severance of its political ties to Iran in August of this year. The cyber-attack was confirmed by Albanian Prime Minister Edi Rama in a tweet on September 10, just days after Albania cut ties with Iran. Një tjetër sulm kibernetik nga të njëjtët agresorë, tanimë të ekspozuar dhe dënuar prej vendeve aleate e mike të Shqipërisë, është shënuar mbrëmë mbi sistemin TIMS! Ndërkohë vazhdojmë punojmë përditë pa orar me aleatët për t'i bërë të papenetrueshme sistemet tona digjitale. — Edi Rama (@ediramaal) September 10, 2022 In…

Samsung has been hit with a class action lawsuit following its data breach in July of this year which saw the company’s US servers hacked and customer data accessed. Following the breach, Samsung confirmed on August 4 that “name, contact and demographic information, date of birth and product registration information” may have been accessed by the hackers. The lawsuit alleges that Samsung violated privacy and contract laws and was filed with the US District Court for Nevada on September 6 by Shelby Harmer “on behalf of Samsung’s customers whose personally identifiable information was stolen by cybercriminals”. It alleges that Samsung…

Intercontinental Hotels Group (IHG), the hospitality company whose brands include Holiday Inn, Crowne Plaza and Regent Hotels, has reported that its booking systems are down following unauthorized access to its technology systems. The activity was reported on September 6, 2022 with the company explaining that its booking channels and “other applications” had been “significantly disrupted”. The disruption is still ongoing at the time of writing. IHG reassured customers in a statement that they could still contact hotels directly to book rooms. One company’s employee, however, advised customers via Twitter to not do this as they “won’t be given a central…

Samsung has warned its US customers that their data may have been accessed following a hack in July of this year. In a statement the technology company said it had discovered a “cyber security incident” which may have led to the sharing of customer information including “name, contact and demographic information, date of birth and product registration information”. The breach was the result of an unauthorized third party gaining access to Samsung’s US systems in late July, and “acquir[ing] information” from them. It was confirmed on August 4, 2022 via an internal investigation at Samsung that personal customer information was…

The US Federal Bureau of Investigation (FBI) has said it will deploy Cyber Action Teams (CAT) to Montenegro in the wake of a series of “persistent and ongoing” cyber-attacks against the country’s infrastructure.  The country has been suffering a series of cyber-attacks targeted at critical infrastructure including transportation services, electricity and water supply systems and online portals that citizens use to access various state services. Among those are 150 work stations in 10 state institutions that became infected with malware.   The attacks have forced state-managed IT infrastructure offline and several power plants to switch to manual controls. In a…

Twilio has released an updated on the cyber-attack it suffered in August Add bookmark The phishing attack that led to a data breach for communications company Twilio has led to 163 companies, each with hundreds of customers of their own, being affected by the breach. The breach, now referred to as Oktapus by researchers, involved a targeted phishing attack against Twilio employees to gain unauthorized access to Twilio’s servers and its customer data. The breach was discovered on 4 August. The communications platform disclosed in an update on the attack that it has identified 163 Twilio customers whose “data was…

Bad actors may have gained access to millions of users’ information between June and July Add bookmark A data breach on student loan servicer Nelnet Servicing has caused the confidential information of  over 2.5 million users to be leaked. Nelnet Servicing provides technology services including a website portal to two student loan companies, Edfinancial and OSLA services. On 21 July 2022, Nelnet contacted the two student loan servicing companies it provides technology services to about a cybersecurity vulnerability, which was discovered due to some "suspicious activity". Once the vulnerability was discovered, Nelnet worked to secure its information system and launch…

The password management service reported that a data breach involved unauthorized access to its development environment Add bookmark LastPass, a password manager which has 25 million users, has confirmed that its source code was stolen during a data breach. Karim Toubba, CEO of LastPass, explained that the breach was discovered after noticing some suspicious activity within the LastPass development environment two weeks ago. A third party gained unauthorized access to the environment through a compromised developer account. This third party then took “some proprietary LastPass technical information” and “portions of source code”. LastPass has taken measures while an investigation into…

American streaming service Plex has urged its customer to change their passwords following a third-party data breach that allowed unauthorized access to users' emails, usernames and encrypted passwords. In a statement sent to Plex customers and posted on its forum, the company said it had “discovered suspicious activity on one of [its] databases” on August 23, 2022 and had investigated the activity immediately. The company said that it “does appear” that a third party was able to “access a limited subset of data that includes emails, usernames and encrypted passwords”.  The statement noted that it was “out of an abundance…

The DDoS attack on a Google Cloud Armour user peaked at 46 million rps Add bookmark Google has reported that it has blocked the ‘largest’ distributed denial of service (DDoS) attack on record, which had a peak of 46 million requests per second (rps). The attack took place at 9:45am PT on 1 June and targeted a Google Cloud Armour user with HTTPS for a duration of 69 minutes. The attack had 5,256 source IPs from 132 countries contributing to it. Google reported that the attack was the biggest Layer 7 DDoS attack reported to date, at 76 percent larger…