100 million users affected in a Quora breach
The question and answer website Quora has become a recent victim of a data breach that affected over 100 million users. In an email that was sent to potentially affected users the officials stated that the network had been compromised last Friday. Immediately after discovering the incident, the company “already taken steps to contain the incident” and “leading digital forensics and security firm” are currently investigating the breach. “All customer information is valuable to fraudsters. Name, physical and email addresses, passwords, the content of emails – everything that can be used to compile an identity will be used,”. “We must change the current equation of “breach = fraud” by changing how we think about online identity verification. We need to protect all customer data, but more importantly, we need to make it valueless.” Security experts conclude that currently it is impossible to determine how the attackers manages to compromise the system.
Four-year attack on 1-800-FLOWERS
Better late than never, however, this might sound a bit disputable while speaking about cyber incidents. Canadian retail operations of 1-800-FLOWERS has disclosed a four-year data breach. The attack affected those customers who purchased goods on the website of the company; experts warn that payment card data might have been exposed. The company 1873349 Ontario, Inc., the owner of www.1800Flowers.ca, published the details of the incident in a breach notification to affected consumers on Nov. 30. The victims were informed that an unauthorized party gained access to the database that contained payment details from Aug. 15, 2014 through Sept. 15, 2018. “To help prevent a similar incident from occurring in the future, we have redesigned the Canadian website and implemented additional security measures,” the breach notification said.
Redwood Eye Care incident
It seems that we have not mentioned any frauds for a long time, so here you are. The Redwood Eye Center has informed some 16,000 California residents about the possible compromise of their personal information. The data may have been reached when a company subcontractor suffered a ransomware attack. On September 19, The Redwood Eye Center was notified that that third-party vendor IT Lighthouse, which hosts Redwood’s medical records database, became a victim of a ransomware attack. Hackers managed to lock the server containing 16,055 the company’s customer records.
Atlanta did not pay the ransom
Earlier in March, hackers infiltrated Atlanta’s computer systems and demanded the ransom. Recently, the officials of the city commented that it was decided not to pay the ransom. Iranian malefactors Faramarz Shahi Savandi and Mohammed Mehdi Shah Mansouri were indicted last week in connection to a series of SamSam cyber attacks on Atlanta and several other municipalities, hospitals and state agencies. “The Iranian defendants allegedly used hacking and malware to cause more than $30 million in losses to more than 200 victims,” U.S. deputy attorney general Rod Rosenstein explained. “According to the indictment, the hackers infiltrated computer systems in 10 states and Canada and then demanded payment.” The malware attacks disrupted city services by infecting some 3,789 municipal computers. “The city of Atlanta did not pay the ransom,” the U.S. attorney’s office commented.
The biggest data loss of the last five years
International hotel group Marriott International confirmed a cyber attack and revealed that the data of about 500 million guests, including passport and credit card details, might have been compromised. The attack on the organization was called the biggest in the last five years since the attack on Yahoo in 2013, when the attackers accessed all of its three billion users. and the hotelier said Marriott was investigating “unauthorised access” of guest reservation database at its Starwood unit since 2014. The hotel group officials received an alert on September 8 from an internal security tool and found out that someone made attempts to access its Starwood guest reservation database. “Marriott recently discovered that an unauthorised party had copied and encrypted information, and took steps towards removing it,” the officials commented.
Uber fined for security failure
As a result of a cyber attack, information of 2.7 million UK Uber customers has been exposed. The company has been fined £385,000 by a UK watchdog for failing to protect critical data. “Avoidable data security flaws” allowed malefactors access the details of the customers including full names, email addresses and phone numbers, and download them, the Information Commissioner’s Office (ICO) commented. Also, the details of almost 82,000 UK drivers including details of journeys made and how much they were paid were accessed as well during the incident in October and November 2016. “This was not only a serious failure of data security on Uber’s part, but a complete disregard for the customers and drivers whose personal information was stolen,” said ICO director of investigations Steve Eckersley, “At the time, no steps were taken to inform anyone affected by the breach, or to offer help and support. That left them vulnerable.” The affected customers and drivers were only informed about the incident when Uber made an announcement in November 2017. Uber confirmed paying the attackers responsible $100,000 to delete the obtained data. Uber was handed a separate €600,000 fine by the data protection authority in the Netherlands as well.
Russian cyber campaign spreads malware
A hacking group that presumably works on behalf of the Russian state is believed to stand behind delivering malware to targets across Europe. The criminals use Brexit as a lure for conducting cyber operations. The UK’s departure from the European Union is said to be the latest in a line of latest in a line of current affairs topics. Fancy Bear group, which is also known as APT28, Sofacy and a variety of other names uses them aiming to trick targets into downloading malware. Earlier this month, the hacking operation that is thought to have links to the Kremlin was applying phishing lures relating the recent Lion Air crash just off the coast of Indonesia. Speaking about the current campaign, the group is referred to as SNAKEMACKEREL and exploits Brexit in order to deliver trojan malware. The campaign is also believed to have targeted a number of government departments including ministries of foreign affairs, political think-tanks, and defence organisations across Europe. “The threat group is likely to be seeking access to insights on the latest political affairs, including confidential documents on national interests related to current news headlines such as Brexit,” ,” Michael Yip, security principal at Accenture Security’s iDefense Threat Intelligence commented.
Attacks on UAE and Lebanese government
Actually, the “Russian malware” was not the only thing targeting governmental organizations last week. In another cyber incident, Emirati government may have been compromised and the critical data has been left vulnerable to blackmail. Researchers at the Cisco Talos Intelligence Group said that UAE police and the country’s Telecommunication Regulatory Authority, which is also responsible for protection against cyber attacks, were among the victims. According to the experts, Lebanon’s finance ministry and the Lebanese carrier Middle East Airlines were also targeted. The experts also presume that the attackers first examined their victims before launching their attack as they had a special scheme that allowed them to access confidential records and emails.