The Week in Breach News: 09/08/21 – 09/14/21 | CloudSmart IT

The Week in Breach News: 09/08/21 – 09/14/21

Hackers snatched the PII of over 7 million people in the biggest breach in Israeli history, a UN credential compromise incident leads to more trouble & just when you thought COVID-19 threats were gone, they’re back.



United Nations

https://www.infosecurity-magazine.com/news/hackers-steal-data-from-united/ 

Exploit: Credential Compromise

United Nations: Global Intergovernmental Organization 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.623 = Severe

 

Hackers have broken into the computer network of the United Nations and made off with data. The unidentified cybercriminals responsible for the hit appear to have gained access using employee login credentials stolen from a UN employee. Reports say that the bad actors logged into the employee’s Umoja account, the enterprise resource planning system implemented by the UN in 2015. This intrusion took place over an extended period of time. Investigators determined that the UN’s systems were first accessed by hackers on April 5, 2021, and that network intrusions continued to take place until August 7.

Individual Impact: No information was available at press time to clarify what type of data was stolen.  

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: This is a big target that regularly handles and sensitive data. The fact that it took several months to detect an intrusion is worrying.

 


Texas Right to Life

https://techcrunch.com/2021/09/07/texas-right-to-life-website-exposed-job-applicants-resumes/

Exploit: Misconfiguration

DuPage Medical Group: Healthcare Practice 

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.636 = Moderate

Anti-choice political action group Texas Right to Life is in hot water after it exposed the personal information of hundreds of job applicants on its website. Investigators have blamed a configuration error that allowed anyone to access all applicants’ resumes, which were stored in an unprotected directory. No additional information appears to have been exposed.  

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.712 = Moderate

Job applicants had names, phone numbers, addresses and details of their employment history exposed, as the data included complete resumes for approximately 300 people..

Customers Impacted: 300 job applicants

How It Could Affect Your Customers’ Business Sloppy setups are responsible for too any data breaches. Establishing a strong cybersecurity culture combats this problem.

 


Dotty’s

https://portswigger.net/daily-swig/data-breach-at-us-restaurant-and-gambling-chain-dottys-may-have-leaked-sensitive-customer-information

Exploit: Ransomware

Dotty’s: Fast Food Restaurant and Gambling Parlor Chain

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.673=Severe

Dotty’s, a fast food chain that offers gambling services across 175 locations, has experienced a cyberattack that severely impacted operations. The chain, owned and operated by Nevada Restaurant Services, announced that malware was discovered on some computer systems that allowed cybercriminals to access and copy customer data including some highly sensitive material. 

cybersecurity news gauge indicating extreme risk

Individual Risk: 1.673=Severe

The data snatched includes customer names, dates of birth, Social Security numbers, driver’s license or state ID numbers, passport numbers, financial account and/or routing numbers, health insurance information, treatment information, biometric data, medical records, taxpayer identification numbers, and credit card numbers and/or expiration dates. Impacted customers are being informed by mail.  

Customers Impacted:

How It Could Affect Your Customers’ Business Whe a company fails to keep highly sensitive data like this safe, it’s going to give customers and partners pause.


United Kingdom – McDonald’s

https://www.bleepingcomputer.com/news/security/mcdonalds-leaks-password-for-monopoly-vip-database-to-winners/

Exploit: Misconfiguration

McDonald’s: Fast Food Chain 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.917 = Severe

The popular “Monopoly” game is back at McDonald’s in the UK, and winners received a surprise when the login names and passwords for the game’s database were made available to all winners. A Misconfiguration caused automated emails that went out to prize winners to contain the relevant usernames and passwords for both the production and staging database servers, allowing anyone to access the information. The missent information also included sensitive back-end info like hostnames for Azure SQL databases.

Individual Impact: The company contends that no customer inforation was compromised.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Human error will always be the biggest enemy of cybersecurity. Ensure that mistakes like this don’t happen by making sure everone knows that they’re responsible for security and not just the IT team.

 



Israel – City4U

https://www.jpost.com/israel-news/hacker-claims-to-have-stolen-information-of-7-million-israelis-678905

Exploit: Hacking

City4U: Municipal Services Platform 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.721 = Severe

Cybercriminals are claiming to have committed an audacious hack that scored them the personal information of around seven million Israelis, approximately 80% of Israel’s population, by hacking into City4U. The website is used by municipalities to allow residents to conduct business like paying utility bills, taxes and fines. The hackers made the claim through a telegram posting, providing samples of the stolen data as proof that included photos of identity cards and financial data.

Customers Impacted: 700,000

How it Could Affect Your Customers’ Business Human error is still the biggest cause of a data breach and this is one mistake that’s going to cost a fortune by the time GDPR penalties are calculated.

 


France – France-Visas

https://www.connexionfrance.com/French-news/Personal-details-of-8-700-French-visa-applicants-exposed-by-hackers

Exploit: Hacking

France-Visas: Government Services Platform 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.919 = Severe

A cyber-attack has compromised the data of around 8,700 people applying for visas to visit or move to France via the official government-run France-Visas website. No details of the nationalities affected or other information about the applicants that had information exposed was released, but French officials say that they have been contacted by mail.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.778 = Severe

Applicant PII including names, passport and identity card numbers, nationalities and birth dates was snatched by the hackers. No financial information was exposed. Officials noted a low potential for misuse because of strict GDPR compliance procedures.

Individual Impact: No clear reporting on the data stolen was available at press time, but users can safely assume that nay data they’ve entered on the platform is compromised.

Customers Impacted: 8,700

How it Could Affect Your Customers’ Business Huge data hauls like this are goldmines for cybercriminals, who can make plenty of cash by selling 2020’s number one desirable resource on the dark web: personal data.

 



Singapore – MyRepublic

https://www.zdnet.com/article/myrepublic-customers-compromised-in-third-party-data-breach/

Exploit: Third Party Breach

MyRepublic: Mobile Carrier 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.802 = Severe

Mobile Carrier MyRepublic has announced that 80,000 of its mobile subscribers in Singapore have had their personal data compromised, following a security breach on a third-party data storage platform. The company disclosed that the incident was uncovered on August 29 and the relevant authorities had been informed of the breach, including industry regulator Infocomm Media Development Authority (IMDA) and the country’s Personal Data Protection Commission, which oversees Singapore’s Personal Data Protection Act (PDPA).   

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.802 = Severe

Cybercriminals were able to access customer records containing PII like the identity verification documents that customers had provided for mobile services registration, including scanned copies of national identity cards and residential addresses of foreign residents. 

Customers Impacted: 80,000 mobile subscribers

How it Could Affect Your Customers’ Business: Third party risk is escalating as business operations become less centralized and more businesses rely on specialty services providers for day-to-day chores.

 


South Africa – Department of Justice and Constitutional Development 

https://securityaffairs.co/wordpress/122128/cyber-crime/department-of-justice-and-constitutional-development-of-south-africa-ransomware.html

Exploit: Ransomware

Department of Justice and Constitutional Development: Government Agency 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.802 = Severe

A ransomware attack struck the Department of Justice and Constitutional Development of South Africa. According to a department statement, many departments have been impacted, including the issuing of letters of authority, bail services, departmental email and the departmental website. Some services are available through old-fashioned pen and paper and child support payments won’t be delayed. The department announced that its team is working to restore operations. The incident is under investigation, and no word was available at press time on who was responsible for the attack.

Individual Risk: The department claims that no data has been exfiltrated by the ransomware operators

How it Could Affect Your Customers’ Business: Ransomware doesn’t always go after data. Sometimes cybercriminals want to hold the whole business to ransom, impeding operations and notching up embarrassment.


 


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.

View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.