At a glance.
- Vice Society takes credit for Lewis & Clark cyberattack.
- BetterHelp agrees to settlement for sharing customer data without consent.
- Capita system outage stokes fears of data breach.
- Hacktivists claim to have tricked wives of Russian combat pilots into revealing personal information.
Vice Society takes credit for Lewis & Clark cyberattack.
US higher education institution Lewis & Clark College last month disclosed it had suffered a cyberattack, and the Record reports that the Vice Society ransomware group has now taken responsibility for the incident. As evidence, the cybercrime gang, which was connected to several attacks on schools last year, posted samples of data allegedly stolen from the school including passports, insurance files, and tax documents. On March 3, administrators notified the school community that several of its systems were offline, and on March 24 the school confirmed it had “experienced an IT security incident which negatively impacted systems and services across” its campuses. In response to Vice taking credit for the attack, the school stated on Friday, "When cybercriminals publish data of this nature, they do so on portions of the internet that are unindexed, not easily searchable, and only accessible by means of special software, which means that it may take a while to investigate the scope and nature of this claim.” Lewis & Clark, which is located in the state of Oregon, has not confirmed if a ransom has been demanded, but has stated they have no intention of paying. The incident is in keeping with Vice’s M.O. of infiltrating school networks and publishing sensitive data. The gang is responsible for the recent leak of student mental health data stolen from Los Angeles schools, and most recently the threat group claimed responsibility for an attack on the UK’s Tanbridge House School.
BetterHelp agrees to settlement for sharing customer data without consent.
The US Federal Trade Commission (FTC) on Thursday announced that online mental health counseling company BetterHelp has agreed to pay $7.8 million to settle charges that it improperly shared customers’ sensitive data, the Verge reports. Despite the fact that BetterHelp’s sign-up process “promised consumers that it would not use or disclose their personal health data except for limited purposes,” the FTC alleges the platform shared user info including email addresses and health questionnaire answers with companies including Facebook, Snapchat, Criteo, and Pinterest for “advertising purposes.” The regulator also claims BetterHelp intentionally misled users by giving its customer service representatives false scripts indicating that they weren’t sharing customer data, and by placing a HIPAA seal on its website despite the fact that “no government agency or other third party reviewed [BetterHelp]’s information practices for compliance with HIPAA, let alone determined that the practices met the requirements of HIPAA.” In addition to the settlement charges, the FTC’s proposed order would require BetterHelp to improve its customer handling protocols, including asking all third parties to delete the data in question, and establishing a “comprehensive privacy program” that includes enlisting an independent third party to conduct privacy assessments.
Capita system outage stokes fears of data breach.
Capita, a London-based business process outsourcing and professional services company, has suffered an IT incident, inciting worries that the company was hit with a cyberattack that might have exposed government data. The Telegraph explains that the company runs crucial operations for the National Health Service and the military, as well as the licensing process for the BBC. Staff say computer systems suddenly stopped working on Friday, preventing them from logging into their accounts and shutting down council phone lines. Capita confirmed it was investigating a “technical issue” but has not yet identified the cause. The outage mainly impacts the Office365 program suite, but clients’ systems are apparently unaffected. A spokesperson issued a statement Friday evening saying, “We would like to reassure any customers whose services have been affected that we are making good progress and working closely with our technical partners to swiftly resolve the issues.” One source said the National Cyber Security Centre, the Cabinet Office, and other government agencies had been notified, and that impacted workers, including those supporting critical infrastructure, were forced to resort to using pen and paper to conduct operations. As the Guardian notes, the incident highlights the risks involved with the government’s growing dependence on outsourcing. With £6.5 billion of public sector contracts covering several sectors including London’s congestion charge system and army recruiting, Capita is one of the UK government’s largest suppliers. Proactive adds that Capita coordinates maintenance at the UK’s Submarine Training Centre, fire and rescue operations for the Ministry of Defence, and Transport for London’s road-charging system. Private customers include Thames Water, gambling company William Hill, BMW, and British telecom O2. Fortunately, the impact on government systems appears to be minimal so far. A Cabinet Office spokesperson stated, “We are aware of an incident affecting some systems within Capita and we are in regular contact with the company as they continue to investigate the issue.”
Hacktivists claim to have tricked wives of Russian combat pilots into revealing personal information.
And, finally, Cyber Resistance, a pro-Ukrainian hacktivist group, is reported to have inveigled the spouses of officers in the Russian 960th Assault Aviation Regiment (responsible for killing some six-hundred civilians who had taken shelter in a Mariupol theater last year, as well as having hit hospitals) into participating in a bogus morale-building calendar photoshoot, in the course of which the identities of the regiment's officers were revealed. The wife of Colonel Sergey Valeriyvich Atroschenko, the regiment's commander, was duped into organizing the photoshoot. The Telegraph writes, "The 41-year-old believed she was communicating with an officer from her husband’s regiment, and not a Ukrainian activist, when she agreed to take part and organise the 'patriotic photo shoot' at an airfield near the city of Primorsko-Akhtarsk in the Krasnodar Krai, on the shores of the Sea of Azov."
HackRead reports that the information obtained included a great deal of sensitive data. InfoNapalm, a hacktivist group cooperating with Cyber Resistance explained, “Among the large volumes of correspondence and spam in the mail dumps of the 960th AAR commander, Col. Sergey Atroshchenko, we managed to find and isolate various detailed lists of pilots, performance evaluation records of officers, bulletins, memos, theoretical and practical calculations, etc. which are of material interest for the Ukrainian intelligence.” Both Cyber Resistance and InfoNapalm have a longer track record than most hacktivist groups involved in Russia’s war. They were formed in response to Russia's 2014 invasion of Crimea.
The data pulled and partially published by Cyber Resistance unfortunately also included information about the wives themselves, who after all flew no strikes and bombed no hospitals.