Attack

A cyber attack against document transfer app MOVEit has resulted in data breaches of several high-profile UK organizations and businesses. Those affected includes the British Broadcasting Company (BBC), health and beauty retailer Boots and UK-based airline British Airways.  The attack involved the exploitation of a critical vulnerability in MOVEit’s infrastructure which allows malicious actors to break into company networks and steal data. The vulnerability was flagged by security researchers and the US government on June 1. The US Cybersecurity and Infrastructure Security Agency (CISA) urged all MOVEit clients to check for indications that malicious actors had gained unauthorized access to…

RomCom ransomware is being spread via poisoned Google adverts for legitimate software companies including Chat-GPT, PDF Reader Pro and Devolutions' Remote Desktop Manager. According to researchers at IT security company Trend Micro, malicious actors are using Google advertisements for trusted companies to entice people into clicking on the advert and downloading RomCom ransomware onto their devices. The malicious actors are doing this through the use of fake sites set up to look like legitimate ones with poisoned uploads that execute the malware on victims’ devices once it is downloaded. By using paid advertisements slots and SEO tactics, malicious actors can…

American dental insurer, MCNA Dental, has suffered a ransomware-related data breach that has exposed the data of more than 8.9 million patients. In a notice published to its website on May 26, MCNA Dental said that it became aware of malicious actors gaining unauthorized access to its systems on March 6. An investigation into the data breach revealed that malicious actors had been accessing MCNA Dental’s network since February 26. During the malware attack and subsequent data breach, a total of 8,923,662 patients had their data accessed. The data stolen by the hackers included contact information such as patient names,…

Catholic health system and nonprofit hospital chain CommonSpirit Health has said that a ransomware attack it suffered in October 2022 cost the company US$160 million. Ransomware attacks against healthcare companies are becoming all too common, with one in 42 healthcare organizations worldwide being the victim of ransomware attacks in the final quarter of 2022. With the average cost of a ransomware attack in the US reaching $9.44mn in 2022, the impact of these cyber attacks can be widespread and devastating. The ransomware attack occurred on October 2, 2022, and forced CommonSpirit Health to take its systems offline, impacting more than…

Car manufacturer Tesla’s CEO, Elon Musk, may have had his social security number leaked in a data breach that saw 100GB of confidential information accessed. The Dutch data protection watchdog, Autoriteit Persoonsgegevens (DPA), has said that Tesla may have failed to protect confidential data from employees, customers and business partners. According to news publication Reuters, Tesla has been accused of failing to protect employee, customer and business partner data after 100GB of confidential information was leaked by an employee. The DPA has said that it is “looking into” the data breach. According to German newspaper Handelsblatt, the publication which broke…

Italian eyewear brand Luxottica, parent company of Ray-Ban and Oakley, has confirmed that the data of more than 70 million customers was accessed in 2021. The data was exposed after a third-party data storage provider used by Luxottica suffered a cyber attack. It has not currently been made public how the hackers gained access to its network, or which company the third party was. The data breach and theft was revealed after a malicious actor posted a database of the information for sale on the dark web from April 30 to May 12.  In a statement to cyber security news…

Since OpenAI unleashed ChatGPT onto the world, opinion has been split between those who believe it will radically improve the way we live and work and those who are worried about its potential for disruption, particularly on the privacy of individuals and organizations. There have already been incidents where sensitive data has been leaked and employees have landed in hot water after entering confidential company information into the chatbot, with some countries even issuing a temporary ban on its use for data protection purposes. So, what does ChatGPT do with your data and how can you use it securely? Where…

Identity and credit checks during onboarding processes are causing customers to abandon their shopping carts. As regulatory oversight aimed at stopping financial fraud increases, the controls put in place for customer protection can cause friction in the onboarding process, preventing the simple, fast and convenient experience customers want. To overcome this challenge, B2C companies and online retailers must rethink their customer journeys. The cyber security protections put in place must yield fast, accurate, low-friction and invisible identity and credit checks.   Reducing fraud and friction in consumer experiences explores the challenges, solutions and next steps retailers can take to provide…

The United States (US) federal government has seized 13 domains linked to ‘booter’ websites that offered distributed denial of service (DDoS)-attacks-for-hire services.   So-called ‘booter’ sites allow people to pay malicious actors to launch DDoS attacks against people or organizations of their choice. DDoS attacks disrupt sites by overwhelming their infrastructure with a large amount of internet traffic, which overwhelms the site’s bandwidth and prevents users from accessing it.  The Federal Bureau of Investigation (FBI) seized the domains on May 8. The seizure revealed that “hundreds of thousands of registered users have used these services to launch millions of attacks against…

A cloud misconfiguration in car manufacturer Toyota’s servers may have leaked sensitive information belonging to more than two million customers. The cloud misconfiguration meant that sensitive information for those who subscribed to Toyota services T-Connect, G-Link, G-Link Lite and/or G-BOOK between January 2, 2012 to April 17, 2023 was accessible to unauthorized parties from November 6, 2013 to April 17, 2023. The data includes location information for impacted vehicles andthe time the vehicle was at said locations, as well as the in-vehicle terminal ID and Vehicle Identification Number (VIN). Unauthorized parties may have also been able to access “video taken…