At a glance.
- CDK Global says systems will likely be down for the rest of the month.
- LockBit's claim to have breached the US Federal Reserve appears to be false.
- Threat actors target critical MOVEit flaw.
- Neiman Marcus sustains data breach via Snowflake account.
CDK Global says systems will likely be down for the rest of the month.
CDK Global, a company that provides sales management software to nearly 15,000 car dealerships across the US, has notified its clients that its tools will likely be down for the remainder of the month following a "ransom event" the company sustained last week, CBS News reports. CDK told customers in a memo, "Should you need to make alternate plans for your month-end financial close process, you should do so to help keep your dealership working until the applications are recovered."
Reuters cites a source as saying the incident has "impacted about half of Volkswagen dealers and around 60% of Audi's dealers in the United States," while "Honda, Toyota, and Hyundai [are] monitoring the situation to understand the impact of the outage."
LockBit's claim to have breached the US Federal Reserve appears to be false.
CyberDaily says the LockBit ransomware gang's claims to have breached the US Federal Reserve were likely false after the group failed to publish any data belonging to the banking system. LockBit said it would begin leaking Federal Reserve data yesterday, but instead posted data allegedly belonging to Evolve Bank & Trust, a bank that was penalized by the Federal Reserve earlier this month. While it's possible the Evolve data was taken from Federal Reserve systems, many security experts are skeptical of LockBit's claims as the group has been known to lie and exaggerate in the past.
Threat actors target critical MOVEit flaw.
Progress Software yesterday disclosed a critical authentication bypass flaw (CVE-2024-5806) affecting its MOVEit Transfer solution, and threat actors are already attempting to exploit the vulnerability, BleepingComputer reports. The flaw can allow an attacker to "access sensitive data stored on the MOVEit Transfer server, upload, download, delete, or modify files, and intercept or tamper with file transfers."
Neiman Marcus sustains data breach via Snowflake account.
US luxury retailer Neiman Marcus has disclosed a data breach affecting 64,000 people, the Register reports. The company said in a statement, "Neiman Marcus Group (NMG) recently learned that an unauthorized party gained access to a cloud database platform used by NMG that is provided by a third party, Snowflake. Promptly after discovering the incident, NMG took steps to contain it, including by disabling access to the platform. We also began an investigation with assistance from leading cybersecurity experts and notified law enforcement authorities."
A criminal threat actor dubbed "Sp1d3r" is selling the alleged stolen data for $150,000. According to the threat actor's listing, the data dump contains "names, addresses, phone numbers, the last four digits of customers' Social Security numbers, plus 50 million customer email addresses with IP addresses, 12 million gift card numbers, and 6 billion rows of customer shopping records, employee data, store information."