At a glance.
- LockBit's mindset.
- PII for British gun owners exposed.
- Fujitsu data breach.
- Power Apps vulnerability exposes health data.
- Québec Ministry of Health reassures citizens over QR code scare.
A peek inside the minds behind LockBit.
Flashpoint takes a look at cybersecurity channel Russian OSINT’s recent interview with the operators of LockBit, the ransomware group that has claimed responsibility for attacks on one hundred and fifty victims, including the recent (allegedly massive, but now substantially debunked) breach of consulting firm Accenture. Addressing LockBit’s survival despite recent shutdowns of other gangs like Cl0p and Egregor amidst pressure from law enforcement, LockBit claims they have no fear of police: “The pressure of the security forces can be felt only when they have already come to you with a warrant and jumped into your window.” They also claim they’re unconcerned about government regulations, asserting no law can prevent a victim from paying up when valuable data is on the line. The Russia-based gang explained how the country’s strained relationship with the West continues to give them impunity. “The non-friendly relations of the West are beneficial for us. It allows us to conduct such an aggressive business and feel calm being in the countries of the former USSR…” Other discussion points include the gang’s methods for recruiting new talent and their focus on targets in the US, UK, and Canada.
The hunters become the (illegitimately) hunted.
The Register discusses how a data dump exposed the names and addresses of over one hundred thousand British gun owners. The data, likely stolen in the July breach of online firearm marketplace Guntrader, was released as a Google Earth-compatible CSV file, essentially creating a treasure map complete with geographic coordinates pointing directly to the breach victims’ homes. Published on an animal rights blog with the intent of targeting hunting enthusiasts, the dump demonstrates how stolen data, once compromised, can have long-lasting repercussions.
Fujitsu customer data exposed.
Threat group Marketo is selling 4GB of data they claim they swiped from leading Japanese tech company Fujitsu, and the firm has confirmed that the data “appears to be related to customers.” Marketo has already received at least seventy bids for the data, which they claim includes private customer info, budget data, project details, and other company documents. A Fujitsu spokesperson explained to ZDNet that the data does not appear to be connected to the recent breach of Fujitsu’s ProjectWeb platform that exposed government data back in May.
Power Apps bug compromises health data.
GovTech reports that a glitch in Microsoft Power Apps exposed the public health records of COVID-19 vaccine clinic patients located in the US state of Texas. According to a report from UpGuard Research, over a million records were impacted, but after duplicates were removed the number of unique records is closer to 326,000. Denton County officials secured the data as soon as they were notified of the breach and suspended use of the app until the bug was corrected. The Power Apps malfunction has impacted forty-seven organizations including government agencies in the states of Indiana, Maryland, and New York and companies like Ford and American Airlines.
Québec offers reassurance over QR code scare.
Le Devoir reports that Québec's Ministry of Health is assuring citizens of the province that the QR codes used in its vaccine-tracking system are safe. The reassurance comes after Crypto.Québec reported that QR codes associated with prominent political figures had been compromised, with attendant exposure of personal data.