InForce Cyber

Threat Report May 2021

The month of May was the month of the Data Breach attacks. Here are some topics to support this statement:

Ireland’s Health Service Executive

Conti ransomware operators claim to have exfiltrated over 700GB of information from HSE. The gang claims to have accessed the HSE network for over two weeks prior to the attack. The threat actors claim to have stolen patient and employee information, financial statements, payrolls, contracts, and more. 

Armed Forces of Brazil

On May 3rd, 2021, the army published a booklet revealing the personal details of Brazilian generals on the ebook publishing platform Calaméo. The booklet exposed the generals’ names, phone numbers, emails, and names of their spouses and aides. According to Núcleo Jornalismo, the booklet contained classified information. The Army Social Communication Center stated the information in the booklet is outdated. 

Health Service Executive (Ireland)

The HSE confirmed that data belonging to patients has been leaked online following a Conti ransomware attack. The data includes sensitive patient information and some corporate documents. 

Toshiba (France)

On May 14th, 2021, DarkSide ransomware operators claimed to have stolen confidential information from a Toshiba entity in France. Over 740GB of data, including management, new businesses, and personal data, were allegedly exfiltrated. Toshiba confirmed a cyberattack against some of its European servers.  

Oxford University (UK)

A technical issue with DARS, the relationship management system used by the university, has allowed unauthorised Oxford Single Sign-On users to view sensitive data of Pembroke College’s alumni. The exposed data includes full names, ages, addresses, telephone numbers, and notes taken during calls held between telethon workers and the alumni. Some telethon training documentation was also compromised. 

The Sturdy Memorial Hospital (US)

The hospital paid a ransom to attackers following an incident that occurred on February 9th, 2021. Some impacted data belonged to healthcare providers that it previously partnered with, including Harbor Medical Associates, South Shore Medical Center, and providers linked to the South Shore Physician Hospital Organization. The stolen data included addresses, phone numbers, Social Security numbers, financial information, medical information, and more.

1.7 million customers’ data likely leaked from Japan dating app operator

Japanese dating app operator Net Marketing Co. said Friday personal data of 1.71 million users, including names and face photos, was likely leaked due to unauthorized access to its server.

The operator of the Omiai dating app said customer information provided to the company between January 2018 and last month might have been stolen, as its probe found its data server was hacked at least several times last month. 

8.3 million plaintext passwords exposed in DailyQuiz data breach

The personal details of 13 million DailyQuiz users have been leaked online earlier this year after a hacker breached the quiz builder’s database and stole its content, which he later put up for sale.

The data, of which The Record has obtained copies from two different sources, contains details about 12.8 million users, including plaintext passwords, emails, and IP addresses for 8.3 million accounts. 

Data Breaches
User info linked to 18cr Domino’s orders leaked
Chennai: In a major data leak, customer information related to 18 crore orders placed with Domino’s India have been made public by a hacker who claims to have breached the pizza major’s servers. The day on which an order was placed on Domino’s website or app, the exact delivery location, and the amount spent were among the information put out by the hacker. “Domino’s India Data Breach 13TB employee files and customer details. Search your phone number or mail id. 180M rows searchable,” reads a web page with a search link created by the hacker. The hackers also declared that payment details and employee files will be made public soon..
23 Android Apps Expose Over 100,000,000 Users’ Personal Data
Misconfigurations in multiple Android apps leaked sensitive data of more than 100 million users, potentially making them a lucrative target for malicious actors.“By not following best-practices when configuring and integrating third-party cloud-services into applications, millions of users’ private data was exposed,“ Check Point researchers said in an analysis published today and shared with The Hacker News.“In some cases, this type of misuse only affects the users, however, the developers were also left vulnerable. The misconfigurations put users’ personal data and developer’s internal resources, such as access to update mechanisms, storage, and more at risk.“
A UK recruitment firm exposed sensitive applicants data for months
FastTrack Reflex Recruitment firm recently joined the ranks of other companies that have been affected by data leaks due to misconfigured AWS S3 buckets. This data breach majorly affected the applicants whose CVs containing personal information were leaked, reports the research team at Website Planet.
Herff Jones credit card breach impacts college students across the US
Graduating students from several universities in the U.S. have been reporting fraudulent transactions after using payment cards at popular cap and gown maker Herff Jones. In the wake of the reports that started last Sunday, the company started an investigation to determine the extent of the data breach.