At a glance.
- Cybercriminals scoot their way into Whoosh’s data.
- Leaks found in Amazon RDS databases.
- Europe weighs in on World Cup privacy concerns.
- Hackers prey on the young.
Cybercriminals scoot their way into Whoosh’s data.
Russia’s leading urban mobility service platform, a scooter-sharing app called Whoosh, has confirmed it experienced a data breach, Bleeping Computer reports. On Friday a hacker began selling data he claimed was linked to 7.2 million Whoosh customers on a hacking forum. The data allegedly includes promotion codes granting free access to the platform, partial user identification info like email addresses and phone numbers, as well as partial payment card details for a subset of 1,900,000 users. While Whoosh acknowledged earlier this month it had experienced a cyberincident, the company claimed its IT staff had contained the attack and that no customer data had been accessed. In a statement released Tuesday, Whoosh admitted a data leak had occurred and said they’re working with law enforcement to remove the customer info from the dark web. A spokesperson stated, "The leak did not affect sensitive user data, such as account access, transaction information, or travel details. Our security procedures also exclude the possibility of third parties gaining access to full payment data of users' bank cards."
Leaks found in Amazon RDS databases.
Researchers at security firm Mitiga have discovered that hundreds of databases containing personally identifiable information are being exposed monthly through Amazon’s popular Relational Database Service (Amazon RDS), a Platform-as-a-Service (PaaS) offering first released in 2009. RDS users can employ RDS snapshots, an intuitive feature that helps users back up their databases. The snapshots can be shared across different AWS accounts, and Mitiga found a number of snapshots were being shared publicly for hours to weeks, either intentionally or in error. The researchers warn that threat actors could exploit this issue to access the data in the snapshots, and the nature of the service prevents users from knowing if an unauthorized third party has accessed the data.
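For teams that want to check their own accounts for the public sharing described above, the following added example (not code from Mitiga, AWS, or the original article) classifies snapshots from the JSON that `aws rds describe-db-snapshot-attributes` and `aws rds describe-db-cluster-snapshot-attributes` return. The snapshot identifiers, account numbers, and the `trusted_accounts` allow-list are constructed assumptions.

```python
# Added example: audit the "restore" attribute that controls RDS snapshot sharing.
# Each input dict has the shape printed by `aws rds describe-db-snapshot-attributes`
# or `aws rds describe-db-cluster-snapshot-attributes`.

def classify(response):
    """Return (snapshot_id, exposure, account_ids) for one attributes response."""
    if "DBSnapshotAttributesResult" in response:
        result = response["DBSnapshotAttributesResult"]
        snap_id = result["DBSnapshotIdentifier"]
        attrs = result.get("DBSnapshotAttributes", [])
    else:  # DB cluster snapshot
        result = response["DBClusterSnapshotAttributesResult"]
        snap_id = result["DBClusterSnapshotIdentifier"]
        attrs = result.get("DBClusterSnapshotAttributes", [])
    values = [v for a in attrs if a.get("AttributeName") == "restore"
              for v in a.get("AttributeValues", [])]
    if "all" in values:          # "all" means every AWS account may copy or restore it
        return snap_id, "public", []
    if values:
        return snap_id, "shared", sorted(values)
    return snap_id, "private", []

def audit(responses, trusted_accounts=frozenset()):
    """List snapshots that are public or shared outside the allow-list (an assumption)."""
    findings = []
    for response in responses:
        snap_id, exposure, accounts = classify(response)
        unknown = [a for a in accounts if a not in trusted_accounts]
        if exposure == "public":
            findings.append((snap_id, "public"))
        elif unknown:
            findings.append((snap_id, "untrusted:" + ",".join(unknown)))
    return findings

def _snap(snap_id, values, cluster=False):
    """Build a constructed response in the CLI's JSON shape."""
    kind = "DBClusterSnapshot" if cluster else "DBSnapshot"
    return {kind + "AttributesResult": {
        kind + "Identifier": snap_id,
        kind + "Attributes": [{"AttributeName": "restore", "AttributeValues": values}]}}

# Constructed sample data: identifiers and account numbers are made up.
SAMPLE = [
    _snap("orders-db-2022-11-01", ["all"]),
    _snap("crm-db-weekly", ["111111111111", "222222222222"]),
    _snap("analytics-cluster-snap", [], cluster=True),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, trusted_accounts={"111111111111"}):
        print(finding)
```

A snapshot flagged as public can be made private again by removing `all` from its `restore` attribute with `aws rds modify-db-snapshot-attribute --values-to-remove all`.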
Europe weighs in on World Cup privacy concerns.
The 2022 World Cup is set to begin in Qatar in just a few days, and as we noted yesterday, privacy experts are advising attendees to be on high alert about potential threats to their personal data. As the Register reports, of particular concern are two required Cup apps: Ehteraz, a Covid-19 tracker from the Qatari Ministry of Public Health, and Hayya, a platform from the government's Supreme Committee for Delivery & Legacy that controls entry to the games and public transit. Analysts say the apps are collecting extraneous user data and could be used to monitor fans’ locations. POLITICO reports that the BfDI, Germany's data protection agency, released a statement Tuesday advising football fans to install the two apps only "if it is absolutely necessary," and to use a burner phone if possible. “The data processing of both apps probably goes much further than the descriptions of the data protection notices and processing purposes in the app stores indicate,” the BfDI explains. “One of the apps collects data on whether and with which number a telephone call is made. The other app actively prevents the device on which it is installed from going into sleep mode. It is also obvious that the data used by the apps not only remain locally on the device, but are also transmitted to a central server.” Norway’s data protection agency has warned that Qatari officials could use “the extensive access the apps require” to snoop on visitors or even take control of their devices, and France's Junior Minister for Digital Jean-Noël Barrot tweeted a similar warning.
Hackers prey on the young.
Or at least on their data. Our youngest citizens are easily our most vulnerable, and Becker’s Health Review takes a look at why pediatric patients make attractive targets for cybercriminals. Stoddard Manikin, chief information security officer at Children's Healthcare of Atlanta, says threat actors have been targeting children's hospitals to use data stolen from pediatric health records to apply for loans, knowing that suspicious activity on children’s accounts often goes undetected. He also noted that nation-state-backed attackers are increasingly targeting hospital research data. "Ransomware attacks against the U.S. healthcare industry are up tremendously in the last few years. And unfortunately, we see a lot of our peer organizations impacted on a weekly basis," Mr. Manikin stated. "When you get into hospital systems — some of which are a couple of hospitals, some of which are dozens or even hundreds — then they have no choice but to recover at great expense and great impact."