Search This Blog

Showing posts with label Private Information. Show all posts

Civicom Data Breach Disclosed 8TB of Files


Civicom, a New York City-based company that provides audio, online videoconferencing, and market analysis services, has been discovered to be giving its customers access to a goldmine of personal and sensitive data. 

Civicom excels in virtual meetings over the internet, and the files contain audio and video recordings of private customer sessions. Unfortunately, the S3 bucket was left open to the public with no password or security verification, allowing everyone with knowledge on how to discover damaged databases to access the data.

"The greatest audio and web conferencing services on the world, webinar services, global marketing research services, top transcription/CRM entry provider, general transcription service and more online jury trials." according to the company's Homepage. 

It was caused by a misconfigured AWS S3 bucket, rather than attackers intentionally hacking into the system, as is usual of this type of data breach. There were four different datasets exposed as listed below:

  • Conferences on video.
  • Highlights that have been clipped. 
  • Recordings on audio.
  • Transcripts of Audio. 

Countless hours of video and audio recordings, as well as hundreds of written transcripts, reveal Civicom's clients' private chats. Several businesses are likely to have discussed the following topics during these discussions: 
  • Sensitive business information (perhaps includes market research calls). 
  • Confidential information. 
  • Properties of the mind. 
It is worth noting that a number of client companies have employees whose personal information is visible on the bucket. Employees of Civicom clients' PII which have been exposed include complete names and photos of the faces and bodies of staff. At the time of the event, the bucket was active and being updated, and it had been active since February 2018. The management of Civicom's bucket is not Amazon's responsibility, therefore this data leak is not Amazon's fault. 

Civicom exposed 8 gigabytes of records containing more than 100,000 files, according to the Website Planet Security Team, which discovered the database. This was due to one of Civicom's unencrypted Amazon S3 buckets. The AWS S3 bucket has been active since 2018, according to the Website Planet Security Team. 

On October 28th, 2021, the researchers discovered the vulnerability and notified Civicom of the situation on October 30th, 2021.  After three months, Civicom replied to Website Planet and retrieved the bucket on January 26th, 2022. Nonetheless, the good news is, the bucket is not accessible to the general public.

Think Twice Before Downloading Pirated Software, Your Private Details Might Be at Risk


Purchasing software can be expensive, especially for those who have tight pockets. Many students and researchers find themselves in tough situations due to those costs. Some then turn to pirated software. However, it takes a heavy toll on software designers as their work is stolen from them. 

The issue with carrying out a pirated software download is that it consists of any titles used outside the permission parameters provided by the developer or distributor. That could mean using a cheaply made and illegally copied version. The cracked version is often embedded with malware as it allows the threat actors to compromise large numbers of personal computers and access the number of stolen credentials with ease. Here are some of the risks of downloading and using illegal software. 

Malicious content

Downloading pirated software can pose serious security risks, especially for those who use their computers for activities like banking, shopping, and submitting health insurance. Recently, cybersecurity experts uncovered evidence of illegitimate software key generators and cracked platforms containing ransomware that stole users’ passwords. 

According to a report by security firm Cybereason, one cracked software can affect more than 500,000 machines. Additionally, a study from the Digital Citizens Alliance discovered that one-third of pirated software contained malware. It also identified that software downloaded from illegal sources was 28 times more likely to contain malware than software downloaded from legitimate sources. 

Legitimacy issues 

Downloading pirated software is a punishable offense in almost every country around the globe. It is considered a violation of software copyright law and the punishment for violating the local copyright laws depends on the country in which the people concerned are being charged. 

Another major consequence is that you may be blocked by the software provider temporarily or permanently. For instance, if you pirate a copy of Adobe Photoshop, then Adobe could block you from using any of their software in the future. Particularly, if you rely on this software for your work, this could cause a serious problem.

Lack of updates 

The biggest ramification of using pirated software is the lack of updates. For legitimate software, manufacturers roll out timely updates not only to add new features but also to patch existing vulnerabilities in the software code. However, this is not feasible in the case of pirated software. Downloading a cracked version deprives you of new features and functionalities and also leaves you vulnerable to attackers due to issues in existing codes.

Private Information of 50,000 French Healthcare Workers Stolen


French authorities unearthed a glut of stolen credentials on the dark web, apparently belonging to the healthcare workers. The authorities have alerted the healthcare department and advised them to remain vigilant. In recent weeks, threat actors have attacked several French hospitals – including hospitals in Dax and Villefranche-sur-Saone.

The French Ministry of Social Affairs and Health issued an alert this week stating, France Computer Emergency Response Team notified our department regarding the sale of a list of 50,000 user accounts on a cybercriminal platform which includes login/password credentials apparently belonging to French healthcare workers. 

The alert notes that “it is difficult to accurately describe the origin of this leak, but the impact that the use of login/agent password couples can have on the security of institutions’ information systems is more easily valuable. That includes attempts to connect to remote means of access, such as Outlook web access and VPN. Once the connection is successful, attackers can use all the resources allocated to the compromised account to break into the information system.”

The French health ministry also admitted that several healthcare facilities in the nation have been attacked by malware involving Emotet, TrickBot, and Ryuk and while explaining the same, it said that “particular attention should be paid to this because these three malwares are used in complex chains of attacks that have a strong impact on the activity of victims. Scan campaigns from the infrastructure of the TA505 (Clop ransomware activity cluster) and UNC1878 (Ryuk ransomware activity cluster) targeting health facilities were also reported.”

Mutuelle Nationale des Hospitaliers (MNH), the latest victim of a ransomware attack stated, “we spotted an intrusion into our data system on February 5 and our cybersecurity team quickly determined the potency of the cyber-attack. The computer systems were taken offline to negate the spread of the virus and to shield the personal information of our members, staff, and our partners.”

Threat actors are using the same tactics of attacking the healthcare department in France and other nations as well. For instance, last week in South Korea threat actors attempted to steal Covid-19 vaccine and treatment data from pharmaceutical maker Pfizer.