Data Privacy | Leakage | Breaches

Exclusive: Software vendors would have to disclose breaches to U.S. government users under new order: draft

March 26, 2021 – SAN FRANCISCO/WASHINGTON (Reuters) – A planned Biden administration executive order will require many software vendors to notify their federal government customers when the companies have a cybersecurity breach, according to a draft seen by Reuters. Source: Reuters

‘Security risks’: Ministers’ private email accounts in historical data breach

February 26, 2021 – A private email account used by Queensland Premier Annastacia Palaszczuk, and potentially the password unlocking a linked social media platform, was exposed in a 2016 data breach that affected more than 150 million other LinkedIn users across the globe. Source: Brisbane Times

January 28, 2021 – Australia’s privacy watchdog has taken aim at a growing number of organisations that it says take too long to assess data breaches or that downplay the significance in customer notifications.

The Office of the Australian Information Commissioner (OAIC) issued multiple warnings in its latest report [pdf] on notifiable data breaches (NDB). Source: itnews 

January 25, 2021 — Australia’s securities regulator has suffered a cyber security breach on a server it used to transfer files including credit licence applications where some information may have been viewed.

The Australian Securities and Investment Commission (ASIC) said it became aware of the incident on January 15 although it does not appear the credit licence forms or attachments were downloaded. Source: yahoo! news

January 11, 2021 — More than 400GB of public and private profile data for 214 million social-media users from around the world has been exposed to the internet – including details for celebrities and social-media influencers in the U.S. and elsewhere.

The leak stems from a misconfigured ElasticSearch database owned by Chinese social-media management company SocialArks, which contained personally identifiable information (PII) from users of Facebook, Instagram, LinkedIn and other platforms, according to researchers at Safety Detectives. Source: Threatpost

Mountain View, Carlifornia: January 11, 2021 — Signal and Telegram messaging apps are seeing a sudden increase in demand after larger rival WhatsApp’s updated terms of service raised eyebrows on social media last week.

This is even as Turkish President Recep Tayyip Erdogan’s media office and the country’s defence ministry told journalists they are quitting WhatsApp as well, joining the global flight from the popular messaging app over new usage terms that have sparked privacy concerns. Source: The Straits Times

January 15, 2021 — WhatsApp on Friday announced a three-month delay of a new privacy policy originally slated to go into effect on February 8th following widespread confusion over whether the new policy would mandate data sharing with Facebook.

The update does not in fact affect data sharing with Facebook with regard to user chats or other profile information; WhatsApp has repeatedly clarified that its update addresses business chats in the event a user converses with a company’s customer service platform through WhatsApp. Source: THE VERGE

January 11, 2021 — Networking device maker Ubiquiti has announced a security incident that may have exposed its customers’ data.

Ubiquiti is a very popular networking device manufacturer best known for its UniFi line of wired and wireless network products and a cloud management platform.

Today, Ubiquiti began emailing customers to change their passwords and enable 2FA after an attacker hacked their systems hosted at a third-party cloud provider. Source: BLEEPINGCOMPUTER

January 11, 2021 — More than 400GB of public and private profile data for 214 million social-media users from around the world has been exposed to the internet – including details for celebrities and social-media influencers in the U.S. and elsewhere.

The leak stems from a misconfigured ElasticSearch database owned by Chinese social-media management company SocialArks, which contained personally identifiable information (PII) from users of Facebook, Instagram, LinkedIn and other platforms, according to researchers at Safety Detectives. Source: threatpost

January 8, 2021 — Since Facebook acquired WhatsApp in 2014, users have wondered and worried about how much data would flow between the two platforms. Many of them experienced a rude awakening this week, as a new in-app notification raises awareness about a step WhatsApp actually took to share more with Facebook back in 2016.

On Monday, WhatsApp updated its terms of use and privacy policy, primarily to expand on its practices around how WhatsApp business users can store their communications. Source: WIRED

December 29, 2020 — A security incident at Kawasaki Heavy Industries has potentially exposed sensitive data to external parties, the company has confirmed.

The Japanese firm, which manufactures motorcycles, military aircraft, and industrial machinery, among many other products, said an internal audit back in June revealed that its domestic servers had been accessed via an overseas office in Thailand.

It later discovered further unauthorized access via satellite offices in Indonesia, the Philippines, and the US. Source: The Daily Swig

Malwarebytes detects leaked tools from FireEye breach

December 10, 2020 – Hello folks! If you have not heard yet, the security firm FireEye has had a breach of many red team assessment tools used for identification of vulnerabilities to help protect customers.

While it is not known exactly who was behind this attack, a big concern is the sharing and use of these stolen red team tools by both sophisticated and non-sophisticated actors, similar to what we saw in 2017 with the ShadowBrokers group breach of the NSA’s Equation Group. Source: MalwareBytes

December 2, 2020 — According to the Estonian Information System Authority – also known by its Estonian acronym, RIA – three Estonian ministries reported cybersecurity incidents in November that resulted in significant breaches of personal data.

The three ministries were the economy ministry, the foreign ministry and the social affairs ministry. Source: estonian world

November 25, 2020 — A hacker has now leaked the credentials for almost 50,000 vulnerable Fortinet VPNs.

Over the weekend a hacker had posted a list of one-line exploits for CVE-2018-13379 to steal VPN credentials from these devices, as reported by BleepingComputer.

November 9, 2020 — A widely used hotel reservation platform has exposed 10 million files related to guests at various hotels around the world, thanks to a misconfigured Amazon Web Services S3 bucket. The records include sensitive data, including credit-card details.

Prestige Software’s “Cloud Hospitality” is used by hotels to integrate their reservation systems with online booking websites like Expedia and Booking.com. Source: ThreatPost

Singapore: October 30, 2020 — Personal information from 1.1 million RedMart accounts was stolen from e-commerce platform Lazada and sold online in a data breach.

A Lazada spokesperson confirmed this on Friday (Oct 30). Source: CNA

October 27, 2020 — A large data breach has been suffered by the Nitro PDF service. The data loss has impacted many large technology organizations, including Google, Apple, Microsoft, Chase, and Citibank. Source: Digital Journal

October 8, 2020 — UPDATED A ransomware attack on a Mississippi ambulance service resulted in a data breach affecting an as yet unknown number of patients, investigators have discovered.

The security incident at AAA Ambulance Service (AAA), based in Mississippi, US, was discovered on July 1, 2020.

After taking “immediate steps” to mitigate the attack, AAA said it employed a third-party forensic team to conduct an investigation. Source: The Daily Swig

October 1, 2020 — Dfat has admitted it inadvertently revealed the email addresses of almost 3,000 vulnerable Australians stranded overseas in a data breach that has been labelled a “complete stuff-up”.

The addresses were included in an email sent to multiple recipients before midday on Wednesday by the Covid-19 consular operations section of Dfat. Source: The Guardian

October 1, 2020 — Malicious actor accessed failover database for a year.

Users of CloudBees’ CodeShip are advised to immediately rotate any keys and other secrets in their pipelines after the DevOps solutions provider discovered a long-lasting data breach affecting the continuous integration and deployment (CI/CD) system. Source: IT News

Australia: September 21, 2020 — The University of Tasmania has today contacted students whose personal information was inadvertently made accessible to all users with a utas.edu.au email address.

The data, which is used to inform the ways the University supports students in their studies, contained personally identifiable information of 19,900 students. Source: ESPC

Malaysia: September 14, 2020 — A Chinese company with ties to Beijing’s military and intelligence networks has amassed a vast database of detailed personal information on 2.4 million people, including 1,400 Malaysians.

According to a report from the Australian Broadcasting Corporation (ABC), the database has been leaked from the Shenzhen company Zhenhua Data, which is believed to be used by China’s intelligence service.

Source: FMT

Australia: September 9, 2020 — NSW Customer Services minister Victor Dominello says the victims of Service NSW’s email compromise are receiving “hypercare”, despite the 186,000 affected customers still waiting to learn of the breach.

Breaking his silence since the extent of the data breach was revealed, Dominello took to LinkedIn late on Tuesday to talk up the measures taken by the one-stop-shop for government services. Source: ITNews

Aug 14, 2020 – SANS has shared the indicators of compromise for a recent phishing attack that compromised one of their email accounts and led to a data breach. Source: Bleeping Computer

August 6, 2020 – The National Security Agency (NSA) has released an information sheet with guidance on how to limit location data exposure for National Security System (NSS) / Department of Defense (DoD) system users, as well as the general public. Source: US-CERT

July 20, 2020 – A massive data breach has exposed thousands of Western Australians’ sensitive medical records and leaked them online.

The state’s confidential coronavirus management system stores thousands of medical alerts, notifications and requests, including doctor and patient names, their addresses, phone numbers and health concerns. Source: 9NEWS

San Francisco: July 16, 2020 – Twitter (TWTR.N) said hackers accessed its internal systems to hijack some of the platform’s top voices including U.S. presidential candidate Joe Biden, reality TV star Kim Kardashian, former U.S. President Barack Obama and billionaire Elon Musk and used them to solicit digital currency. Source: Reuters

July 15, 2020 – New Zealand Police are investigating the possible hacking of a research company, and the potential compromise of information sent to the company by Police for the purposes of service quality research. Source: ESPC

Brussels: July 13, 2020 – Europe’s top court will on Thursday rule on the legality of tools companies use to transfer Europeans’ data around the world, in the latest clash between Facebook and Austrian privacy activist Max Schrems. Source: Reuters

July 13, 2020 – India’s recent ban of dozens of Chinese mobile apps gives local start-ups some leeway to develop products to replace the affected services, but the country’s existing data protection laws are inadequate, said Mishi Choudhary from the Software Freedom Law Center. Source: CNBC

July 12, 2020 – Recently, when our research team was performing their regular deepweb and darkweb sweeps, they came across a post in which a credible actor claimed to be in possession of records of 45 million+ travelers to Thailand and Malaysia from multiple countries. Source: Cyble, Inc