At a glance.
- Ransomware group publishes Canadian nurses' data.
- Hacker dumps allegedly stolen Airbus data.
Ransomware group publishes Canadian nurses' data.
The Canadian Nurses Association (CNA), a professional association representing nurses across all thirteen provinces and territories in Canada, has confirmed it suffered a data breach in April. The announcement comes after the Snatch ransomware gang published 37GB of data allegedly stolen from the CNA. A statement from the association explains, "We have since completed our investigation into the incident and any members impacted by this incident are being notified accordingly. We are engaging with our members and working closely with our industry-leading partners to implement enhanced security measures to protect our systems, and to prevent this type of incident in the future.” SC Media notes that Snatch also claims to have stolen data from South Africa’s Department of Defence, but an investigation carried out by the South African National Defense Force has found no evidence of a breach.
Hacker dumps allegedly stolen Airbus data.
Airbus, the international aerospace behemoth based out of France, is investigating a possible intrusion after a hacker alleged he was in possession of data on thousands of the company's vendors. The hacker, who goes by the handle “USDoD,” posted the data on popular hacker marketplace BreachForums, claiming he’d infiltrated an Airbus web portal after breaching the account of an airline employee located in Turkey. The stolen data allegedly belongs to over three thousand Airbus vendors, and the compromised info includes names, street addresses, phone numbers, and email addresses.
USDoD (no relation to the actual US Department of Defense), who appears to be connected to the 2022 breach of the US Federal Bureau of Investigation’s (FBI) InfraGard system, posted the Airbus data publicly without making any ransom demands, so it’s unclear what his motives are. Airbus spokesperson Philippe Gmerek told the Record that attackers had infiltrated an “IT account associated with an Airbus customer” that was used to download business documents dedicated to this customer from an Airbus web portal. Gmerek added, “Immediate remedial and follow-up measures were taken by our security teams to prevent our systems from being compromised.” Coincidentally (or perhaps it’s no coincidence?), the FBI, US Cyber Command and the Cybersecurity and Infrastructure Security Agency last week issued a warning that nation-state threat actors had exploited two vulnerabilities to attack an unnamed aerospace company earlier this year.