At a glance.
- Taiwan citizens' data found on the dark web.
- Cyberattacks reported in Minnesota.
- Amtrak Guest Rewards breached.
- More sites found doing port scanning.
Taiwan citizens' data found on the dark web.
The Taiwan Whole Country Home Registry DB, a 3.5 gigabyte database belonging to the Ministry of the Interior’s Department of Household Registration, has been found on the dark web, Taiwan News reports. Researchers at Cyble attribute the breach to a known hacker, "Toogood," and say the data include "names, addresses, genders, dates of birth, and other private information of more than 20 million citizens."
Cyberattacks reported in Minnesota.
There have been many claims that the attacks represent an operation by Anonymous designed to punish Minnesota for the death of George Floyd in police custody, a death that's provoked widespread protest and rioting. Many of the reports in social media claim that Anonymous is releasing email addresses and passwords from the Minneapolis Police Department. But that seems, researcher Troy Hunt says, to be almost surely false. The email addresses and passwords displayed as evidence seem to come from older breaches, and from such online resources as Have I Been Pwned.
Civil unrest will certainly continue, however, to manifest itself in cyberspace, through hacking, disinformation, doxing, and denial-of-service. Minnesota's chief information officer Tarek Tomes said yesterday that the state's Security Operations Center "is defending against distributed denial-of-service cyber-attacks aimed at overloading state information systems and networks to tip them offline," the Twin Cities Pioneer Press reports. He added that the state had succeeded in preventing disruption of operations.
Amtrak Guest Rewards breached.
Amtrak, the US National Railroad Passenger Corporation, has disclosed a data breach that affects Amtrak Guest Rewards Accounts. BleepingComputer reports that Amtrak believes "no financial data, credit card info, or Social Security numbers" were compromised, and the railroad says that the incident was quickly contained. Only guest account numbers appear to have been involved, but Amtrak has asked its passengers to change their passwords.
More sites found doing port scanning.
Last week eBay was found port scanning computers of users visiting their site. BleepingComputer looked at other prominent sites and determined that eBay isn't alone: Citibank, TD Bank, Ameriprise, Chick-fil-A, Lendup, BeachBody, Equifax IQ connect, TIAA-CREF, Sky, GumTree, and WePay are port scanning, too. The practice appears to be more widespread than earlier thought.