At a glance.
- US government agencies issue official warning about school cyberattacks.
- Baltimore County Public Schools believe no PII stolen in recent ransomware attack.
- Spotify vulnerability exposes user data.
- Over a million impacted by dental provider data breach.
- Massive Indian credit card breach.
- TSYS sustains ransomware attack; data are being leaked.
US government agencies issue official warning about school cyberattacks.
Following recent cyberattacks that interrupted distance learning at US schools, a Joint Cybersecurity Advisory has been released by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) confirming that K-12 learning institutions are being targeted by malware operators seeking to steal data and disrupt instruction. The analysis identifies ZeuS and Shlayer as the top malware strains involved, and also warns that future attackers might exploit security weaknesses in social engineering, distance learning tools, remote desktop protocol services, and end-of-life software. The advisory recommends that institutions devise plans for frequent network patching and employee training to protect themselves against potential attacks.
Baltimore County school district believes no personal data stolen in recent attack.
Baltimore County officials in the US state of Maryland have stated they believe “at this point” no student or employee data were compromised in the ransomware attack that forced Baltimore County Public Schools to halt instruction for several days in November, the Baltimore Sun reports. However, with any cyberattack it is difficult to prove with any certainty that data are safe. Cybersecurity analyst Brett Callow of Emsisoft stated that it’s “not always possible to tell what did happen because the attackers try to scramble systems and log files as much as they can” and that it can take up to a month for a thorough analysis.
Spotify vulnerability exposes user data.
TechCrunch reports that a software vulnerability at Spotify has led the music streaming platform to reset a number of user passwords due to the accidental exposure of account information to Spotify’s business partners. It is unclear how many accounts were impacted or exactly how the data were exposed.
Over a million impacted by dental provider data breach.
Dental Care Alliance, a US dental support organization that serves more than three hundred practices in twenty states, experienced a data breach that potentially compromised the data of more than one million patients, reports Infosecurity Magazine. Though the affected individuals and the necessary regulatory bodies have been notified, Dental Care Alliance has chosen not to offer any remediation services, as they claim they have no reason to believe the data were used for malicious purposes.
Massive Indian credit card breach.
Inc42 Media reports that the data of 7 million Indian credit card holders have been exposed on the dark web via a 2 GB Google Drive database. The data, which are from a period between 2010 and 2019, include names, contact info, and employer and income information, as well as 500,000 permanent account (PAN) numbers. It is unclear how the exposed individuals are linked, as they do not appear to be connected by their banking institution, employer, or income bracket. It's also unclear what the source of the leaked database might be.
Conti ransomware hits paycard processor TSYS.
KrebsOnSecurity reports that the major paycard processor TSYS has sustained a Conti ransomware attack. The gang responsible began posting stolen data on December 8th. We received comments from Mark Bower, senior vice president at comforte AG, who sees the incident as another case study in how attractive companies that hold large databases of information belonging to third parties can be to criminals:
“Data processors and payment organizations at the heart of entire industries are always on the radar of attackers. The high volumes of third-party data make them very attractive – both for the data they handle themselves and the data they have been entrusted with. Historically, they have also been entities where an attack to the administrative side has led to subsequent and secondary breaches of core processing platforms from attackers using data in emails, files, and databases.
“While so far, the good news is the core processing systems have not been impacted, likely from a modern data-centric approach to protecting it that’s common in leading payment processors, the bottom line is that this sends a clear reminder to any organization in the scaled data collection and processing business to ensure data security is implemented end-to-end, or made a top priority for the next year as we collect, store and process more sensitive data than ever.
“Privacy and security regulations are clearly motivation, but having gigabytes of sensitive data leaked can quickly morph into an uncontainable nightmare with equally uncontained cost impact without it.”