Search This Blog

Showing posts with label IT Systems. Show all posts

Riot Games Hit by Data Breach

Riot Games reported last week that a social engineering attempt had infiltrated the systems in their software platform. Motherboard got the ransom note that was sent to Riot Games and reported that hackers demanded $10 million in exchange for keeping the stolen source code a secret and erasing it from their servers.

The LoL and TFT teams are investigating how to cheat developers who might exploit the data that was obtained to create new tools and evaluating whether any fixes are necessary to resist such nefarious attempts. According to the game creator, the game source code obtained during the security breach also includes certain unreleased features that might not make it to the release stage.

Hackers gave Riot Games two sizable PDFs as proof, claiming that they would demonstrate their access to Packman and the League of Legends source code. These files were also obtained by Motherboard, and they seem to display directories connected to the game's code. According to the ransom message, the hackers threatened to remove the code from their servers in exchange for payment and give insight into how the intrusion occurred and offer guidance on preventing future breaches.

The hackers indicated Riot Games could contact them through a Telegram chat, and they provided a link to that chat in the post. The motherboard has joined this channel. Its members contained usernames that corresponded to the names of Riot Games personnel.

No player or user information was taken during the attempt, as per Riot, but the company warned that it would take some time to adequately protect the systems and that patches might be delayed. The breach is the subject of an investigation by Riot Games. It appears that the attacker did not utilize ransomware but instead concentrated on stealing source code so they could demand money from the business.

DIHK Suffers Cyberattacks, Shuts Down IT Systems

About the DIHK Attack

The association of German Chambers of Industry and Commerce (DIHK) was compelled to close down all of its IT systems and shut off digital services, telephones, e-mail servers, as a counter measure to the cyberattack. 

DIHK is an association of 79 chambers that represent organizations within the German state, with more than 3 million members having business ranging from small shops to large enterprises within the country. 

The organisations attends to matters of legal representation foreign trade promotion, consultation, regional economic development, training, and offers generic assistance services to the members. 

How did attackers breach DIHK

A statement released on the DIHK site explains the shutdown as a precautionary measures, and provide IT teams time to find a solution and bring out a counter measure. 

Few services of the companies are slowly getting available again after some aggressive reviews that make sure it's safe to use them. But, the restoration of service isn't complete at the moment. 

DIHK general manager Michael Bergmann via a LinkedIn post told the public about the cyberattack incident that happened on Wednesday, and noted the incident as 'massive.' Currently, DIHK can't sayfor how long the urgent shutdown measures will be needed. 

The attack shows hints of ransomware, the systems have been shut down to stop the malware from spreading further, however, this information hasn't been verified officially. 

Besides this, no announcements of a successful compromise off DIHK on any of the big ransomware websites, however, it is too soon to comment on that. The cyberattack's impact doesn't have any local focus. 

Bleeping Computers reports "individual divisions in North Rhine-Westphalia, Lower Saxony, Bavaria, and Mecklenburg-Western Pomerania have all confirmed facing problems. For example, the Chamber of Industry and Commerce in Köln informed the public that phone lines work to a limited extent, while its website was still offline at the time of this writing."

14 Account's Email System Targeted the Green Party of Germany


The foreign minister Annalena Baerbock and the economy minister Robert Habeck's email accounts were both compromised last month, according to the German Green party, which is a member of the coalition government of the nation. 

The party acknowledged a revelation published on Saturday by the German magazine Der Spiegel, but claimed that the two had stopped using official party accounts since January.

According to a report on a German magazine Der Spiegel on Thursday, the Green Party said that a total of 14 accounts, including the party's co-leaders' Omid Nouripour and Ricarda Lang, were also hacked and that certain messages were sent to other servers. The article further read that the attack also had an impact on the party's "Grüne Netz" intranet IT system, where private information is exchanged.

The party declined to acknowledge Der Spiegel's claim that an electronic trace suggested the cyberattack may have originated in Russia because of the current investigation by German authorities.

"More than these email accounts are affected," the party official claimed. The topic concerns emails using the domain "" The representative stated that it was yet unknown who had hacked in. The first indication of the attack came on May 30 and since June 13, when specialists determined that there had been a breach, access to the system has been restricted. 

Authorities blamed the unauthorized access on Russian state-sponsored hackers. Baerbock has consistently taken a harsh approach in response to Russia's abuse of human rights and aggression against Ukraine. Since taking office in December, Habeck has been in charge of Germany's initiatives to wean itself off of Russian energy sources.

Network logs, according to the Greens, did not reflect any signs of the increased traffic levels that would indicate the theft of a significant amount of data.

Wightlink Customers' Details Compromised in Cyber Attack


Wightlink, a UK ferry company, has been struck by a highly complex cyber-attack that may have exposed the personal information of "a small number of customers and staff." Wightlink stated, the incident, which occurred in February, reportedly impacted certain back-office IT systems but not its ferry services, booking system, and website.

According to the company, law enforcement and the UK's Information Commissioner's Office (ICO) have been contacted, since they have possible breach victims. Wightlink has three routes between Hampshire in southeast England and the Isle of Wight, an island off the south coast. The company claims to carry 4.6 million passengers each year on over 100 daily sailings.

Wightlink claimed in a statement received by The Daily Swig: “Unfortunately, despite Wightlink taking appropriate security measures, some of its back-office IT systems were affected by a cyber-attack last month. However, this criminal action has not affected Wightlink’s ferries and FastCats, which have continued to operate normally during and following the attack, nor were its booking system and website affected.” 

Wightlink said it hired third-party cybersecurity experts to analyse and analyse the situation as soon as it was detected. The operator stated it was working with the South East Regional Organised Crime Unit in addition to reporting the incident to the ICO. 

The company stated, “Wightlink does not process or store payment card details for bookings. However, the investigation has identified a small number of customers and staff for whom other items of personal information may have been compromised during the incident. 

Wightlink chief executive Keith Greenfield stated, “I would like to thank all my colleagues at Wightlink who responded quickly ensuring that the impact to customers was minimised and that cross-Solent travel and bookings were unaffected.”