InTegriLogic Blog
The Week in Breach News: 02/28/24 – 03/05/24
This week: China may be behind a data breach at Taiwan’s biggest telecom and American Express suffers a data breach through its supply chain.
Golden Corral
https://www.bleepingcomputer.com/news/security/golden-corral-restaurant-chain-data-breach-impacts-183-000-people/
Exploit: Hacking
Golden Corral: Restaurant Chain
Risk to Business: 1.771 = Severe
Golden Corral, a nationwide restaurant chain in the U.S., has announced that it has experienced a data breach that impacted an estimated 180,000 people. The company said that bad actors had access to its systems between August 11 and August 15, 2023. During that period, they grabbed sensitive data belonging to about 180,000 employees and former employees. The stolen information could include employee, dependent, and beneficiary names, Social Security numbers, financial account information, driver’s license numbers, medical information, usernames and passwords, and health insurance information.
How It Could Affect Your Business: Businesses like restaurants are at just as much risk for cybersecurity trouble as businesses in other service industries.
U-Haul
https://www.iotworldtoday.com/security/u-haul-data-breach-affects-67-000-across-us-canada#close-modal
Exploit: Hacking
U-Haul: Truck Rental Company
Risk to Business: 1.691 = Severe
Ubiquitous truck rental firm U-Haul has announced that it has experienced a data breach that impacts customers in the U.S. and Canada. The breach took place between July 20 and October 2, 2023, and affected about 67,000 customers. Those customers may have had their personally identifiable information (PII) exposed, including their names, dates of birth and driver’s license numbers. U-Haul is informing the victims by letter.
How It Could Affect Your Business: Companies like U-Haul serve both consumers and businesses, making them likely to hold a wide variety of data.
American Express
https://www.bankinfosecurity.com/hack-at-services-firm-hits-24-million-eye-doctor-patients-a-24418
Exploit: Supply Chain Data Breach
American Express: Credit Card Company
Risk to Business: 1.301 = Extreme
American Express has filed a data breach notification warning customers that their data may have been exposed. In the notification, American Express said that a third-party service provider engaged by numerous merchants experienced unauthorized access to its systems. Cardholders’ American Express Card account numbers, names and card expiration data may have been exposed in the incident. American Express did not disclose how many customers were impacted or name the merchant processor involved.
How It Could Affect Your Business: Even big companies can experience a data breach because of a cybersecurity problem at one of their service providers.
Scotland – Scottish Ambulance Service (SAS)
https://sg.news.yahoo.com/scottish-ambulance-apologise-staff-data-093340514.html
Exploit: Human Error
Scottish Ambulance Service (SAS): Ambulance Service
Risk to Business: 1.462 = Extreme
Scottish Ambulance Service (SAS) has released an apology for its recent data breach. The January 16 incident was caused by an employee carelessly attaching the wrong document to an email, giving the recipients a look at a confidential spreadsheet. The email went out to first responders and the spreadsheet contained personal data about other first responders.
How It Could Affect Your Business: The most likely vector for a data breach is always going to be people, but security awareness training helps eliminate careless mistakes.
Malawi – Malawi Department of Immigration
https://www.darkreading.com/cyberattacks-data-breaches/malawi-immigration-department-halts-services-amid-cyberattack
Exploit: Ransomware
Malawi Department of Immigration: Government Agency
Risk to Business: 1.702 = Severe
A ransomware attack has disrupted the operations of the Malawi Department of Immigration. The agency has been unable to issue passports for the last two weeks due to the attack on the immigration service’s computer network. The President of Malawi said that the cybercriminals have made a ransom demand, but the government will not pay it. The agency is working on a plan to begin issuing passports in the next three weeks and reinforcing its security long-term.
How It Could Affect Your Business: It’s never a wise move for anyone to pay extortionists who will almost certainly come back for more.
Taiwan – Chunghwa Telecom
https://www.darkreading.com/cyberattacks-data-breaches/taiwan-telco-breached-data-sold-on-dark-web
Exploit: Ransomware
Chunghwa Telecom: Telecommunications Company
Risk to Business: 1.836 = Severe
Suspected Chinese hackers gained entry into the systems of Taiwan’s largest telecom, Chunghwa Telecom. The attackers made off with 1.7TB of data that was published on the dark web. Taiwanese officials confirmed that the stolen data includes documents from the armed forces, foreign affairs ministry and coast guard. However, officials at Taiwan’s Defense Ministry were quick to say that the leaked data, including contracts, did not contain confidential information.
How It Could Affect Your Business: Nation-state hacking is frequently the cause of cyber attacks on infrastructure targets like telecommunications companies.
Hong Kong – Cutout.Pro
https://www.bleepingcomputer.com/news/security/20-million-cutoutpro-user-records-leaked-on-data-breach-forum/
Exploit: Hacking
Cutout.Pro: AI Photo Editing Tool
Risk to Business: 1.566 = Severe
AI-powered photo and video editing platform Cutout.Pro has admitted that it suffered a data breach. An estimated 21.4 million customer records were exposed. A hacker going by the name “KryptonZambie” shared a link to CSV files totaling 5.93 GB on a popular dark web leak forum. About 20 million of the stolen records contained unique email addresses. The purloined records contained a variety of information, including each user’s user ID and profile picture, API access key, account creation date, email address, user IP address, mobile phone number, password and salt used in hashing, user type and account status.
How It Could Affect Your Business: Data is still a valuable and profitable commodity on the dark web, and cybercriminals are always hunting for fresh sources.
China – YX International
https://techcrunch.com/2024/02/29/leaky-database-two-factor-codes/
Exploit: Misconfiguration
YX International: Technology Company
Risk to Business: 1.802 = Severe
YX International, a company that specializes in routing SMS messages, has experienced a data breach thanks to an unsecured database. The researcher who discovered the database noted that it contained information that went back to July 2023, and it was apparently still in use. That information includes the contents of text messages sent to users on behalf of some of the world’s biggest tech companies like Facebook, WhatsApp, Google and TikTok. Those messages contained a variety of data including one-time passcodes and password reset links.
How It Could Affect Your Business: Employee errors like failing to secure a database can turn into expensive nightmares for businesses fast.