The Week in Breach News: 02/23/22 – 03/01/22 | CloudSmart IT

A wild tale of dueling cyberattacks at Nvidia, production hiccups for Toyota, and two legal professional bodies hit by cybercrime.



State Bar of California

https://www.latimes.com/california/story/2022-02-27/california-bar-investigates-possible-data-breach-after-discipline-records-published-online

Exploit: Hacking

State Bar of California: Legal Professional & Regulatory Body

Risk to Business: 2.177 = Severe

The State Bar of California is investigating a data breach after learning that a third-party website had published confidential information about 260,000 attorney discipline cases in California and other jurisdictions. The exposed data included case numbers, file dates, information about the types of cases and their statuses, respondent and complaining witness names. 

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: Sensitive data of this sort is a valuable commodity. This information could be used for blackmail, fraud, spear phishing, BEC and so much more nastiness.

 


New York State Ethics Commission

https://www.insurancejournal.com/news/east/2022/02/28/655883.htm

Exploit: Hacking

New York State Ethics Commission: Regulatory Authority

Risk to Business: 2.807 = Moderate

New York’s ethics commission has shut down its online filing system after a cyberattack. The attack impacted several functions including a web server for the agency’s lobbying application and financial disclosure filing systems as well as other functions. The systems were taken offline late last week and will remain offline for the foreseeable future.

How It Could Affect Your Customers’ Business: Losing the ability to process online applications, sales or requests could be a death knell for some businesses.

 


Nvidia 

https://www.reuters.com/technology/chipmaker-nvidia-investigating-potential-cyberattack-report-2022-02-25/

Exploit: Ransomware

Nvidia: Graphics Processing Units (GPU) Manufacturer 

Risk to Business: 1.616 = Severe

Legendary graphics chipmaker Nvidia has been hit with ransomware that took several of the company’s functions down for days, including internal email and developer tools. Ransomware group Lapsus$ is claiming responsibility. The group claims to have some 1TB of Nvidia data and is threatening to leak it if Nvidia doesn’t pay an unspecified sum. In a highly unusual turn of events, a few days later, Lapsus$ took to the web to indignantly complain that Nvidia had hacked them in return, encrypting the data that Lapsus$ had snatched. The group says they have backups, and they’ll start publishing Nvidia’s data soon.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: Cybercriminals are having a field day attacking supply chain targets in the hope of scoring a big payday fast from an organization with no time to lose.

 


Bridgestone Americas

https://portswigger.net/daily-swig/bridgestone-americas-disconnects-manufacturing-facilities-following-security-incident 

Exploit: Hacking

Bridgestone Americas: Tire Manufacturer 

Risk to Business: 1.414 = Extreme

Bridgestone is shutting down production at its factories around the US as the company deals with an unspecified cybersecurity incident. The company released a statement saying that it was immediately disconnecting and pausing production at factories in the US and Latin America, with no projected timeline for reopening provided to employees.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: Supply chain disruption has been the name of the game for cybercriminals, and tires are an important part of most supply chains.

 



France – Melijoe 

https://www.safetydetectives.com/news/melijoe-leak-report/

Exploit: Misconfiguration

Melijoe: Luxury Children’s Clothier 

Risk to Business: 2.771 = Moderate

An Amazon S3 bucket that belonged to French kids’ fashion retailer Melijoe was left accessible on the web with no authentication controls in place, exposing the sensitive and personal data of potentially hundreds of thousands of customers. The bucket has exposed almost 2 million files, totaling around 200 GB of data, including wish lists, purchases, preferences and other customer data. 

Risk to Individual: 2.822 = Moderate

The Preferences dataset exposed forms of customer PII and sensitive customer data, including email addresses, names of children, genders, dates of birth and brand preferences. Other datasets included SKUs of purchased items, payment type (but not payment card or bank information), order dates and delivery preferences.

How It Could Affect Your Customers’ Business: Cybercriminals are always hunting for personal data, and retail has been one of the hardest-hit sectors in terms of data breaches.

 


Sweden – Axis 

https://www.zdnet.com/article/swedish-camera-giant-axis-still-recovering-from-cyberattack/ 

Exploit: Hacking

Axis: Camera Manufacturer 

Risk to Business: 1.719 = Severe

Axis has shut down all of its public-facing services in response to alerts from its cybersecurity and intrusion detection system on Sunday, the company said in a statement. Axis said that its Case Insight tool in the US and the Camera Station License System were dealing with partial outages as well as Device Manager Extend Device upgrades for OS and apps. The incident is under investigation and services are expected to be restored quickly.  

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: Cloud-hosted services and data have become very attractive for hackers, with cloud data breaches up by 30% in 2021.

 



Taiwan – Asustor NAS

https://www.bitdefender.com/blog/hotforsecurity/asustor-nas-owners-hit-by-deadbolt-ransomware-attack/

Exploit: Ransomware

Asustor NAS: Computer Hardware Developer 

Risk to Business: 1.231 = Extreme

Owners of Asustor NAS drives have discovered that their devices have been hit by DeadBolt ransomware. Users were greeted with a message from the DeadBolt ransomware attempting to extort 0.03 bitcoins (approximately US $1140 at current exchange rates) for the promised release of a decryption key that would allow users to access their data. Asustor is investigating the matter and, in the meantime, has disabled functionality that can allow remote access to its NAS drives: ASUSTOR EZ-Connect, ASUSTOR EZ Sync, and ezconnect.to

How It Could Affect Your Customers’ Business: There’s a creepy ransomware trend brewing in which cybercriminals approach the people whose records they stole or encrypted, not the business that had the records.

 


Japan – Toyota

https://www.reuters.com/business/autos-transportation/toyota-suspends-all-domestic-factory-operations-after-suspected-cyber-attack-2022-02-28/

Exploit: Third-Party Risk

Toyota: Automobile Manufacturer

Risk to Business: 1.892 = Severe

Toyota announced that it is shutting down its domestic factory operations briefly after a cyberattack at a supplier. The supplier, Kojima Industries Corp, has admitted to being attacked but offered no further information. It was not made clear how long Toyota’s Japanese factories, which account for one-third of its yearly production, will be closed.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How It Could Affect Your Customers’ Business: This is the exact scenario cybercriminals want: they attack small suppliers of large corporations and shut down production lines to make quick money.



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
