Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Bank Data Leak. Show all posts
Windows 7
2FA Authentication Bank Data Leak Cyber Security IT Network Malicious actor Microsoft Protocols Supply Chain Platform UK Government Vulnerability and Exploits. Windows 7

UK Military Data Breach via Outdated Windows 7 System

A Windows 7 machine belonging to a high-security fencing company was the stunning weak link in a shocking cybersecurity incident that exposed vital military data. This hack not only underlines the need for organizations, including those that don't seem to be in the military industry, to maintain strong digital defenses, but it also raises questions about the health of cybersecurity policies.

The attack was started by the LockBit ransomware organization, which targeted Zaun, the high-security fencing manufacturer, according to reports from TechSpot and CPO Magazine. The attackers took advantage of a flaw in the Windows 7 operating system, which Microsoft no longer officially supports and as a result, is not up to date with security patches. This emphasizes the dangers of employing old software, especially in crucial industries.

The compromised fencing company was entrusted with safeguarding the perimeters of sensitive military installations in the UK. Consequently, the breach allowed the attackers to access vital data, potentially compromising national security. This incident underscores the importance of rigorous cybersecurity measures within the defense supply chain, where vulnerabilities can have far-reaching consequences.

The breach also serves as a reminder that cybercriminals often target the weakest links in an organization's cybersecurity chain. In this case, it was a legacy system running an outdated operating system. To mitigate such risks, organizations, especially those handling sensitive data, must regularly update their systems and invest in robust cybersecurity infrastructure.

As investigations continue, the fencing company and other organizations in similar positions need to assess their cybersecurity postures. Regular security audits, employee training, and the implementation of the latest security technologies are critical steps in preventing such breaches.

Moreover, the incident reinforces the need for collaboration and information sharing between the public and private sectors. The government and military should work closely with contractors and suppliers to ensure that their cybersecurity practices meet the highest standards, as the security of one entity can impact many others in the supply chain.

The breach of military data through a high-security fencing firm's Windows 7 computer serves as a stark reminder of the ever-present and evolving cybersecurity threats. It highlights the critical importance of keeping software up to date, securing supply chains, and fostering collaboration between various stakeholders. 

Read more »
Ransomware Attacks.
Australian Government Bank Data Leak Cyber Crime Ransomware Attacks.

Australian Medibank Alert Customers After Private Data Leak

The major health insurer in Australia, Medibank Private Ltd (MPL.AX), revealed on Wednesday that the hacker may leak additional stolen data if the company continues to refuse to pay the demanded ransom. 

Prime Minister Anthony Albanese acknowledged that he is one of the millions of Australian Medibank customers who may have been impacted by the most recent cyberattack, but he supported the insurer's refusal to pay a ransom.

"For some, this is incredibly difficult. It will worry me that part of this information has been made public as I am also a Medibank Private customer," said Albanese.

According to Medibank, additional Australian customers' private medical information will likely be posted on the dark web as the perpetrators of the most recent cyberattack try to put more pressure on the insurance.

A sample of customer information, which included names, addresses, dates of birth, phone numbers, and email addresses, was discovered to have been placed online on the dark web this morning. In other instances, the passport numbers of foreign students who had registered with Medibank Group's partner company ahm were also made public.

If a hacker gained access to the prime minister's personal or medical information, it is not immediately evident. According to Medibank, information on 9.7 million of both current and former clients was exposed.

Federal Cyber Security Minister Clare O'Neil stated in a statement on Wednesday that Medibank's decision to forego paying a ransom is in line with the government's recommendation. Customers that were affected were encouraged to be extremely vigilant against extortion attempts. On Wednesday, Medibank Chief Executive David Koczkar called the occurrence 'a criminal crime.'

Since September, there has been an increase in cyberattacks in Australia, with at least eight businesses reporting intrusions, including the telecom company Optus, which is owned by Singapore Telecommunications (STEL.SI).
Read more »
Ransomware attack
Bank Data Leak Conti Ransomware Cyber Attacks Indonesian Banks Ransomware attack

Conti Cyberattack Reported via Bank Indonesia

 

The Indonesian central bank was hit by ransomware, but the threat was reduced and the attack had no impact on the country's essential services. As per the bank, the situation was contained before it had a negative influence on BI's essential services, as Reuters initially reported.

"Last month, BI was informed of a ransomware attack. The bank was targeted by a cyber-attack. This is a true crime, the bank had witnessed," said Erwin Haryono, spokesman for Bank Indonesia. 

According to CNN Indonesia, the criminals allegedly took "non-critical" staff data and planted ransomware payloads on multiple computers on the bank's network during the attack on a central bank branch on the island of Sumatra. While Bank Indonesia didn't disclose who was behind the ransomware assault, security experts believe it was perpetrated by the Conti ransomware gang. 

Conti is a Russian-speaking ransomware cell that has infected over 400 companies globally, including 290 in the United States alone. Phishing emails (malicious URLs or attachments) or stolen/cracked windows remote protocol (RDP) credentials are primarily used attack vectors by Conti attackers to access victim networks. 

The group appears to target high-profile company networks, which infiltrate by using BazarLoader or TrickBot malware to gain illegal remote access to crucial devices. Threat actors strive to spread the infection by infecting additional linked devices after compromising the network. The cybercriminals then take records, encrypt servers and desktops, and demand a ransom payment. 

The Conti ransomware group claimed responsibility for the attack and listed Bank Indonesia among its victims on a Tor leaks site, claiming to have stolen about 14 GB (13.88 GB) of data.

Ransomware is used by cybercriminals to infiltrate selected network operations, infect critical data, and encrypt systems, rendering it unavailable to others. To decrypt infected systems, threat actors demand a ransom. If the victim continues to resist, hackers can threaten to expose secret information in order to put more pressure on the individual or organization.

Bank Indonesia should analyze the severity of the attack, according to Miftah Fadhli, a cybersecurity specialist at the NGO Institute of Policy Research and Advocacy (ELSAM), because it might "carry a major danger" and affect its transactions.
Read more »
User Security
Bank Data Leak Data Breach Personal Data Breach Sensitive Data Leak User Data User Privacy User Security

African Bank Alerts of Data Breach With Personal Details Compromised

 

South African retail bank African Bank has confirmed that one of its debt recovery partners, Debt-IN, was targeted by a ransomware attack in April 2021. 

Expert security advice determined at the time that there was no indication that the ransomware assault resulted in a data leak – nevertheless, Debt-IN is now aware of the fact that the personal information of some customers, including several African Bank Loan customers under debt review, has been breached. 

Debt-IN is certain that no data communicated after April 1, 2021, has been compromised, as per the bank. 

It stated, “A robust mitigation plan has been implemented by Debt-IN to contain and reduce any further adverse impact.”

“We have been collaborating with Debt-IN to address this breach. We have notified the relevant regulatory authorities and we are also in the process of alerting customers who have been affected, via email and SMS.” 

African Bank's fraud prevention team has significantly enhanced security safeguards to protect all clients as an added precaution. 

“If you detect any suspicious activity, or feel that your information has been compromised, you can apply for a free Protective Registration listing with the Southern African Fraud Prevention Services (SAFPS),” the bank added. 

“This will alert banks and credit providers that an identity has been compromised. You can apply by emailing protection@safps.org.za.” 

Latest in a line of high-profile data breaches

Customers of African Bank can contact 0861 111 011 if they detect suspicious activity on their accounts. The breach is the most recent in a string of high-profile data breaches and cyber assaults in South Africa this year. 

Following an investigation into the data breach at Experian in August 2020, the Hawks caught a 36-year-old suspect in Gauteng last week (15 September). 

The South African Banking Risk Information Centre (SABRIC) stated that Experian, a consumer credit reporting firm, has suffered a data breach, compromising the personal information of millions of South Africans. 

Experian initially disclosed that there had been a data breach that leaked personal details of up to 24 million South Africans and 793,749 business enterprises to a potential criminal. 

In recent months, the Justice Department was also targeted by a ransomware attack, and it is currently working to restore its systems. In July, Transnet was also targeted in a similar manner.
Read more »
Subscribe to: Posts (Atom)