Attack

IOTW: US healthcare group data breach affects two million

IOTW: US healthcare group data breach affects two million

Shields Health Care Group has disclosed it was subject to a recent cyber security incident which could affect up to two million of its patients. The company said it was alerted to suspicious activity that may have involved data compromise on 28 March 2022. Following the alert, Shields immediately launched an investigation into this issue and worked with subject matter specialists to determine the full nature and scope of the event. This investigation determined that an unknown actor gained access to certain Shields systems from 7 to 21 March 2022, Shields said in a statement. During this timeframe some data…
Read More
IOTW: Turkish-based airline leaves 6.5 TB of sensitive data exposed

IOTW: Turkish-based airline leaves 6.5 TB of sensitive data exposed

Turkish-based airline, Pegasus Airlines, has had sensitive Electronic Flight Bag (EFB) information leased according to a cyber security team at SafetyDetectives. SafetyDetectives said in published findings on 30 May that an ASW S3 bucket containing the airline’s EFB information was left without password protection, leaking a range of sensitive flight data. The S3 bucket’s information was linked to an EFB software developed by PegasusEFB that pilots use for aircraft navigation, takeoff/landing, refueling, safety procedures, and various other in-flight processes, according to SafetyDetectives. A total of 6.2 TB of data was exposed, equating to almost 23 million files found on the…
Read More
IOTW: Costa Rica embroiled in severe, ongoing cyber-attack

IOTW: Costa Rica embroiled in severe, ongoing cyber-attack

Costa Rica’s newly elected president, Rodrigo Chaves, declared a state of emergency on 8 May following a month of devastating ransomware attacks carried out by the Conti ransomware gang. The gang has infiltrated Costa Rican government systems and is holding data to ransom. Originally the ransom stood at $10mn but has recently increased to $20mn. The attack has been described by the Costa Rican government as “unprecedented” in the country, adding that it is impossible to know its magnitude. A message on 16 May highlighted by cyber security company BetterCyber stated that the ransomware gang said it has “insiders” within…
Read More
Top five recent cyber-attacks you should know about

Top five recent cyber-attacks you should know about

Every week CS Hub covers an Incident of the Week and explores what happened in a recent cyber-attack or data breach as well as what security professionals can learn from the attack. In this overview discover how car rental company Sixt dealt with a recent cyber incident, why greeting card retailer Funky Pigeon halted orders and the reason social engineering attacks remain a threat to businesses. Become a Cyber Security Hub member and gain exclusive access to our upcoming digital events, industry reports and expert webinars Car rental chaos after DNS incident Car rental company Sixt confirmed on 1 May…
Read More
Russia ramps up hacking and jamming efforts in Ukraine

Russia ramps up hacking and jamming efforts in Ukraine

Russia was behind the cyberattack against a satellite internet network servicing Ukraine in February 2022, just hours befor the invasion of Ukraine began, it has been confirmed by Western governments. As Ukrainian troops battle the Russians on the ground, a full cyber-offensive against the Eastern-European nation continues and is said to be ramping up. The February incident saw commercial satellite operator Viasat experience a partial outage of its KA-SAT network in Europe as a result of a “multifaceted and deliberate cyber-attack.” Viasat has previously explained that the incident was a denial-of-service attack which made it difficult for many modems to…
Read More
IOTW: Cyber-attack forces Lincoln College to close

IOTW: Cyber-attack forces Lincoln College to close

Illinois’ Lincoln College will close its doors on 13 May 2022 as a cyber-attack dealt financial blows it was unable to recover from following unprecedented challenges posed by the Covid-19 pandemic. Lincoln College attributed the Covid-19 pandemic, coupled with the cyber-attack in December 2021, for its financial woes and poor enrollment rates in 2022, despite a bumper year for enrollment in 2019. The Covid-19 pandemic has drastically impacted recruitment and fundraising efforts. The College said the economic burdens initiated by the pandemic required large investments in technology and campus safety measures, followed by a significant drop in enrollment. Cyber-attack takes…
Read More
IOTW: Car rental customers face chaos during Sixt cyber-attack

IOTW: Car rental customers face chaos during Sixt cyber-attack

Car rental company Sixt confirmed on 1 May that it had detected IT irregularities on 29 April and had been subject to a cyber-attack. On confirming the attack, Sixt, which has more than 2,000 locations across 110 countries, said it was able to contain it at an early stage. The type of attack has not been made public and it is unclear if customer or employee data was lost or stolen. “As a standard precautionary measure, access to IT systems was immediately restricted and the pre-planned recovery processes were initiated,” Sixt said in a statement. “Many central Sixt systems, in…
Read More
Coca-Cola at center of new Stormous hacking claims

Coca-Cola at center of new Stormous hacking claims

Beverage manufacturing behemoth, Coca-Cola, is currently investigating a report that data stolen from its network is being sold by cyber criminals. The Russia-linked hacking group behind Stormous ransomware claims to have stolen 161 GB of data from Coca-Cola. The list of stolen files, seen by CISOAdvisor, shows file names which likely contain financial data, passwords and commercial accounts. The Coca-Cola listing on the Stormous leak site asks for 1.6bn bitcoin and just over $64,000, in return for the stolen data. In the listing the hacking group said: “We hacked come of the company’s servers and passed a large amount of…
Read More
IOTW: Cyber incident halts Funky Pigeon online orders

IOTW: Cyber incident halts Funky Pigeon online orders

WHSmith subsidiary and online card retailer Funky Pigeon was forced to halt all online orders as it dealt with a cyber security incident which occurred on 14 April 2022. Confirming the incident on 19 April WHSmith explained that Funky Pigeon temporarily suspended orders from its website and an investigation was being carried out regarding the detail of the incident with external, unspecified IT specialists. Funky Pigeon confirmed it has isolated relevant systems and said its customer-facing website was not affected by the cyber security incident. Customer data “not at risk” The retailer said “no customer payment data, such as bank…
Read More
Okta concludes investigation following cyber compromise

Okta concludes investigation following cyber compromise

Okta, an identity and access management company, has released a comprehensive conclusion of its investigation into a compromise of one of its third-party vendors in January 2022. Okta’s investigation focused on a five-day window between 16 and 21 January and ultimately found that the adversary had control for just 25 minutes. On 22 March the Lapsus$ hacking group posted on their official Telegram group claiming they had breached the company. During that time the threat actor accessed two active customer tenants within Okta’s SuperUser application. It viewed limited additional information in certain other applications like Slack and Jira that cannot…
Read More