At a glance.
- IT services provider Cognizant sustains Maze ransomware attack.
- Report: large 3rd-party Android app store Aptoide breached.
- Michigan hospital discovers, discloses a 2019 email compromise that risked exposing patient data.
- Calgary accounting firm hit with ransomware.
- Sextortion wave suggests an undiscovered data breach.
- Children's online game Webkinz World hacked, 23 million credentials leaked.
Maze ransomware hits Cognizant.
BleepingComputer reports that the major IT services provider Cognizant was hit by a Maze ransomware attack on Friday. The company is working to contain the damage and restore normal operations. Maze now routinely steals data to give it additional leverage over its victims, and this can be expected to be the case with the Cognizant attack. BleepingComputer says the Maze gang denied involvement, but Cognizant has said publicly that the malware used against it was Maze.
Report: Aptoide breached.
Forbes reports that the large third-party Android app store Aptoide has been breached. According to ZDNet, the hacker who released what appeared to be twenty million user records claims to have another nineteen million in reserve. Aptoide says it's investigating, and that it's taken steps to contain any breach.
Healthcare provider discovers, discloses year-old breach.
Michigan-based Beaumont Health has disclosed that in March it discovered that between May 23rd and June 3rd of last year an unauthorized third party accessed hospital employee email accounts. The compromise of employee email "potentially compromised" information on up to 112,000 patients. The information that could have been exposed included "name, date of birth, diagnosis, diagnosis code, procedure, treatment location, treatment type, prescription information, Beaumont patient account number, and Beaumont medical record number." A smaller number of patients, about four hundred sixty, may have also suffered exposure of "Social Security numbers, financial account information, health insurance information, and driver's license or state identification numbers," the Detroit Free Press reports. WWJ News Radio quotes a hospital press release: "Our investigation was unable to determine definitively if any information was actually acquired by the unauthorized third party, and Beaumont has no knowledge of any inappropriate or misuse of data. Beaumont’s medical information remains secure…. However, out of an abundance of caution, we are issuing notices to anyone whose information may have been contained in the accessed accounts."
Accounting firm hit by ransomware.
MNP, a large Calgary-based accounting firm, said at the end of last week that it had sustained a ransomware attack. The strain is unknown, but MNP took extraordinary steps to secure its systems and control the damage, at the cost of some disruption to its workers, BleepingComputer reports. It's unknown if data were compromised, but if indeed it was ransomware, it's now prudent to assume that this is the case. MNP expects investigation and full recovery to take several weeks.
A rise in sextortion attempts suggests an as-yet unidentified data breach.
India has seen a sharp increase in the number of sextortion attempts that seek to shame victims into paying lest their online pornography habits be outed to friends, family, and neighbors. Most sextortion attempts recently have amounted to little more than scareware, sometimes decorated with some credential-stuffing, but in this wave there seems to be more to it. The Hindu reports that the Maharashtra Cyber police say, “The victims receive their own account passwords or their browser history, which shows that they have accessed pornographic websites, in an email. The mails go on to demand large amounts of money in bitcoins in exchange for not making the details public. This has become rampant over the last few days and may be due to a data breach event.” It's proving to be a tough crime wave to investigate: people are informally telling the police about what's happened, but shame has largely deterred any from filing a formal complaint.
Some of the sextortion attempts, like a current wave in Northern Ireland that ITV is reporting, don't suggest an underlying data breach. They look like the familiar empty threats: your webcam has been hacked, we have indecent pictures of you, etc.
Hackers leak Webkinz World credentials.
Webkinz World, an online game that toymaker Ganz maintains as an adjunct to its line of plush toys, was hacked earlier this month. ZDNet has confirmed that the data leaked are usernames and encrypted passwords for some 23 million users. The attackers are believed to have gained unauthorized access to the data by exploiting an SQL injection vulnerability in one of Webkinz World's web forms.