At a glance.
- BTC Markets exposes customer data.
- Circles lawful intercept tools found in use by several governments.
- Healthcare organization suffers data breach.
- Rogue insider sells personal data.
Cryptocurrency exchange exposes customer email addresses.
BTC Markets, a cryptocurrency exchange based in Australia, accidentally disclosed the data of its entire customer base, reports Cointelegraph. The exposure occurred when customer names and email addresses were visibly included in a marketing email. The recipients were batched in groups of one thousand, meaning each customer received the information of nine hundred ninety-nine others. BTC Markets is working with the Office of the Australian Information Commissioner to determine the best way to minimize the damage from the leak, and customers have been advised to set up two-factor authentication to better secure their accounts.
Privacy watchdog discovers spyware used by nations across the globe.
Researchers at the University of Toronto’s Citizen Lab uncovered evidence that at least twenty-five governments from across the globe have been using lawful intercept technology provided by surveillance firm Circles to remotely track individuals’ phones, reports CyberScoop. The governments involved span almost every continent, and iTnews reports that one of the Five Eyes, Australia, is among them. Circles is associated with the Israeli software surveillance vendor NSO Group, which has been accused in the past of supplying authoritarian leaders with surveillance equipment, and is currently being sued by Facebook for allegedly creating spyware used to infiltrate WhatsApp.
The spyware relies on vulnerabilities in the outdated Signalling System No. 7 (SS7) protocols used by phone carriers to route calls. By connecting to an SS7 network, threat actors can remotely and invisibly track a phone’s location and even intercept calls and SMS in what basically amounts to digital wiretapping. Motherboard reports that an anonymous source with insider knowledge of Circles stated that the firm’s software can allow anyone to “track any phone number from any country and anywhere in the world.” Citizen Lab’s analysis explains that they detected evidence of deployment of the software in the implicated countries by scanning for unique firewall signatures. NSO Group disputes the findings, and calls Citizen Lab’s credibility into question. An NSO spokesperson told Forbes, “Given Citizen Lab’s track record, we imagine this will once again be based on inaccurate assumptions and without a full command of the facts.” (Citizen Lab has for several years been NSO Group’s nemesis.)
Healthcare not-for-profit suffers data breach.
AspenPointe, a US nonprofit healthcare services provider, experienced a data breach that resulted in the loss of the medical data of nearly 300,000 patients, reports teiss. The compromised information, which was accessed when an unauthorized party infiltrated AspenPointe’s network, includes patient names, social security numbers, and diagnosis codes. Information privacy expert Robert Meyers of One Identity attributes the breach to mismanagement of access rights, possibly due to a lack of focus on data security during the pandemic. “The cause of this breach was that certain users were granted too much access,” he stated. “Hopefully, AspenPointe will have already revised its access privileges and implemented a new [privileged account management] system.”
Rogue employee sells customer data.
Business Insider reports that Absa, a South African financial services company, has disclosed that a rogue employee working as a credit analyst has been caught selling customer data to third parties. The employee is said to have had access to Absa’s risk modelling processes as part of his job. We heard from Patryk Brożek, CEO of Fudo Security, who warns that deliberate malicious behavior shouldn’t be overlooked by any organization’s risk analysis. “Our recent studies have concluded that malicious employees’ and contractors’ activity within an organization, along with human error, make up the most significant cybersecurity threat,” he wrote, adding, “Yet, most popular protection tools, such as VPNs, multi-factor authentication, or IAM systems either do not address this risk or are cumbersome to deploy. Only session management and recording can fully protect companies from these types of threats.”