At a glance.
- Data breach derails Dutch national rail company.
- Latitude data breach far larger than initially thought.
- Strangers don’t need to see more pics of your kids.
- US financial services company breach exposes credit card data.
Data breach derails Dutch national rail company.
The Dutch national railway, NS, has disclosed that the data of approximately 780,000 customers were potentially exposed in a recent breach impacting third-party market research firm Blauw. The intruders gained access to Blauw’s data through an unnamed software supplier. The NL Times reports that the compromised data include, for example, names, email addresses, and telephone numbers of NS passengers who participated in a satisfaction survey handled by Blauw. NS says that no financial information was exposed, and while they have not yet confirmed that customer data were involved in the breach, the likelihood is high enough that they thought it best to notify passengers. Blauw says that as many as fourteen of its corporate clients might have been impacted, but the company is still investigating the scope of the breach.
Latitude data breach far larger than initially thought.
Earlier this month Australia’s Latitude Financial Services disclosed it suffered a data breach, and now the company has admitted that the scope of the incident is substantially larger than it first estimated. The number of impacted individuals has increased from 328,000 to a whopping 14 million. Latitude CEO Ahmed Fahour stated, "It is hugely disappointing that such a significant number of additional customers and applicants have been affected by this incident. We apologise unreservedly." The breach was the result of a threat actor illegally obtaining an employee's login, allowing them to infiltrate two of the company's service providers. Bleeping Computer explains that the impacted individuals are largely customers or loan applicants from Australia and New Zealand. Latitude issued a statement explaining, "As our forensic review continues to progress, we have identified that approximately 7.9 million Australian and New Zealand driver license numbers were stolen, of which approximately 3.2 million, or 40%, were provided to us in the last 10 years. A further approximately 6.1 million records dating back to at least 2005 were also stolen, of which approximately 5.7 million, or 94%, were provided before 2013." The hackers made off with around 53,000 passport numbers as well. In addition to the traditional document replacement and credit monitoring offers, the Australian Federal Police has announced it’s expanding "Operation Guardian" (a joint initiative with state and territory police established in September to serve the victims of the Optus and Medibank attacks) to include Latitude.
(Added, 6:45 PM, March 29th, 2023. Sally Vincent, Senior Threat Research Engineer at LogRhythm, sent us some comments to set the Latitude breach into context:
"Latitude Financial, an Australian consumer credit business offering personal loans and finance, has just disclosed that personal data of roughly 14 million customers has been stolen in a cyberattack initially estimated to affect only 330,000 individuals. After disclosing earlier this week that it had noticed some unusual activity on its networks, the company has now admitted to the large number of customers affected. Data stolen in the attack includes driver’s license numbers, passport numbers, names, addresses, birthdays and phone numbers.
"This incident is the latest in a string of attacks in Australia, following that on Optus, one of the country’s largest telecommunications companies, which compromised the data of nearly 10 million Australians, and a similar attack on Medibank, which also impacted nearly 10 million Australian citizens, including the country's prime minister.
"Unfortunately, financial institutions provide hackers with a significant incentive to steal and sell private information. These organizations continue to be extremely vulnerable to attacks as long as these hackers can continue to make money from their crimes, and financial institutions need to have a strong cybersecurity posture to be able to defend against these efforts to steal and extort data. This posture should include effective incident and response plans in addition to other preventative measures like password hygiene, threat detection, and real-time monitoring and visibility capabilities. In addition, diligent patching, creating backups, and giving priority to educational training are essential for prioritizing security and protecting priceless data.")
Strangers don’t need to see more pics of your kids.
Researchers at Secure Data Recovery recently conducted a study to better understand what types of content Americans overshare on social media, and they found that 75% of respondents feel most parents overshare about their children online. Nearly three-quarters admitted they don’t personally know everyone who views their posts, and almost half say they regret something they’ve shared on social media. 24% of respondents confessed they do not use the “private” setting offered by most social media platforms that keeps a user's posts away from the prying eyes of strangers, and even out of those that do, 62% (mostly millennials) admitted they have accepted a friend request from someone they don’t know. Location (59%) and age (57%) are the sensitive data most commonly overshared on social media, and respondents said Snapchat (50%) and Instagram (47%) are the apps upon which they’re most concerned about revealing too much private data. Religion, politics, and bodily functions were among the subjects Americans are most tired of hearing about, while most people are fine with seeing pics of users’ cute pets and plants. On a darker note, death is the third most shared life event (29%), following vacations and graduations. And about those kids: nearly one-third of parents share details about their “first day of school” pics, often revealing their child’s grade, school, and teacher, info that could easily reveal a child’s location to wrongdoers.
US financial services company breach exposes credit card data.
The Record reports that NCB Management Services, an American company that purchases debt, experienced a cyberattack that exposed the sensitive financial data of 494,969 clients. Based out of the state of Pennsylvania, the company discovered the breach on February 4 and notified impacted individuals last week. The notification states, “Recently, confidential client account information maintained by NCB was accessed by an unauthorized party. The information involved may have included details about a credit card account that you formerly had with Bank of America.” The compromised data include names, addresses, phone numbers, email addresses, dates of birth, jobs, salary, driver's license numbers, and Social Security numbers, as well as financial data like credit card numbers and bank routing numbers. NCB noted that the affected credit card accounts had already been closed. The company stated, “NCB is no longer servicing your closed credit card account with Bank of America,” and directed those with questions to contact Bank of America directly. Although the incident has not been labeled a ransomware attack, NCB claimed that it has “obtained assurances that the third party no longer has any of the information on its systems,” a statement that often indicates the breached company is engaged in ransom negotiation talks with the attackers.