At a glance.
- RateForce exposes customer data in unprotected database.
- Researchers analyze 6 million stolen credit cards.
- Gen Digital discloses data exposure linked to MOVEit attack.
- Extortionists contact student victims of University of Manchester attack.
RateForce exposes customer data in unprotected database.
Researcher Jeremiah Fowler has discovered an unprotected database on the open web exposing over 250k documents linked to auto insurance policies and containing highly sensitive personal identifiable information. The database – which includes images of vehicle registrations, division of motor vehicle registration applications, certificate of insurance cards, driver’s licenses, and more – initially appeared to be connected to USA Underwriters, an insurance agency located in the US state of Michigan. The database was exposed for at least two weeks while Fowler attempted to get USA Underwriters to return his calls, vpnMentor recounts. Strangely, after the database was secured, a person claiming to be with the Detroit police department contacted Fowler for questioning, and the individual informed Fowler the database was actually owned by third-party vendor RateForce, which provides an app allowing users to compare car insurance quotes online. There’s some evidence indicating that the individual who contacted Fowler was not a detective but a USA Underwriters employee.
Researchers analyze 6 million stolen credit cards.
NordVPN conducted an analysis of stolen credit card numbers published on the web and found that for two out of every three cards, the numbers were accompanied by private cardholder info like addresses, phone numbers, and even Social Security numbers. Cybersecurity advisor Adrianus Warmenhoven says the personal data bundled with the cards makes them inherently more dangerous. “In the past, experts linked payment card fraud to brute-forcing attacks — when a criminal tries to guess a payment card number and CVV to use their victim's card,” he explained. “However, most of the cards we found during our research were sold alongside the email and home addresses of their victims, which are impossible to brute force. We can therefore conclude that they were stolen using more sophisticated methods, such as phishing and malware.” GlobeNewswire News Room adds that nearly 60% of the 6 million stolen cards analyzed belonged to Americans, and the average price of an American card was $6.86. According to NordVPN’s card fraud risk index, the US is the fifth country most prone to card fraud; the top three are Malta, Australia, and New Zealand. Confirming widely believed notions that Anglo-European countries are being targeted by large-scale hacking operations, Russia had the lowest risk score, and China was 3rd from last.
Gen Digital discloses data exposure linked to MOVEit attack.
The impact of the MOVEit file-transfer software hack continues to ripple across the world. Security Week reports that Gen Digital, parent company to popular cybersecurity brands like Avast, Avira, AVG, Norton, and LifeLock, has confirmed that employee data were compromised in the MOVEit ransomware attack. Security researcher Dominic Alvieri warned on Monday that Cl0p, the threat group allegedly behind the MOVEit hack, had added Norton LifeLock to its leak site. Not long after, Gen Digital confirmed that attackers had accessed the personal employee data including names, addresses, birth dates, and business email addresses. “We use MOVEit for file transfers and have remediated all of the known vulnerabilities in the system,” Gen stated. Subsequent investigation revealed that no customer or partner data had been exposed. Gen added, “We immediately investigated the scope of the issue and have notified the relevant data protection regulators and our employees whose data may have been impacted.”
Extortionists contact student victims of University of Manchester attack.
England’s University of Manchester disclosed on June 9 that it suffered a cyberattack. Now the threat actors, who claim to have stolen 7 TB of data, have begun contacting students directly with extortion demands. An email sent to students reads, "We would like to inform all students, lecturers, administration, and staff that we have successfully hacked manchester.ac.uk network on June 6 2023. We have stolen 7TB of data, including confidential personal information from students and staff, research data, medical data, police reports, drug test results, databases, HR documents, finance documents, and more." The email goes on to claim that the administration has been in communication with the hackers for over a week and has refused to meet the cybercriminals' ransom demands. “They do not care about you or that ALL your personal information and research work will soon be sold and/or made public!” the hackers warn. Students have begun tweeting about the email that arrived in their inboxes, Bleeping Computer reports. The identity of the threat group behind the attack has not been determined, but administrators say the attack is not linked to the MOVEit hack.