Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 23 March 2020

Data Breaches Digest - Week 13 2020

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 23rd March and 29th March 2020.

29th March

Finastra Says Cyber-Attack Sought to Take Advantage of COVID-19 Driven Shift to Remote Operations

How Is Covid-19 Creating Data Breaches?

Source code of Dharma ransomware pops up for sale on hacking forums

What’s the Difference between Hacking and Phishing?

28th March

A mysterious hacker group is eavesdropping on corporate email and FTP traffic

Data of 9,735 teachers shared after 'phishing' email breach

How to protect your business from cyber attacks

27th March

75% of Large Businesses Suffered Security Breaches in 2019

ACSC issues warning around coronavirus-themed malicious cyber activity

Booz Allen analyzed 200+ Russian hacking operations to better understand their tactics

Chubb investigates possible data breach

Coronavirus and home working: Cyber criminals shift focus to target remote workers

Cyberinsurance carrier Chubb investigating possible data breach

Data breach at Teaching Council

FBI takes down hacker platform Deer.io

Four ways to prevent data breaches

Hackers Attack Database of India’s COVID-19 Patients and Potential Suspects

Insurance firm Chubb may be latest Maze ransomware victim

Norwegian Cruise Line experiences data breach of travel agents records

Social Bluebook was hacked, exposing 217,000 influencers’ accounts

Thousands of Dark Web sites deleted in attack on free hosting service

Tupperware e-Commerce Web Site Hacked by Credit Card Skimmers

Virgin Media faces £4.5BILLION compensation payout after data breach left personal details of 900,000 customers online for 10 months, lawyers say

Virgin Media faces £4.5billion fine after exposing customers’ PORN searches

Virgin Media Facing Huge Compensation Bill Over Data Breach

26th March

#COVID19 Drives Phishing Emails Up 667% in Under a Month

All 4G Networks Susceptible to DoS Attacks

Businesses can avoid fines if customer data is encrypted or redacted

Cyber insurer Chubb had data stolen in Maze ransomware attack

D-Link and Linksys routers hacked to point users to coronavirus-themed malware

Data Deposit Box Exposes PII of 270K Users

Data on Covid-19 patients and suspects in Kerala hacked

Delhi Police Issues List Of “Dangerous” Websites Exploiting Coronavirus Scare

Disney+ Users Are Furious After Hacked Accounts Lead to Customer Service Headaches

Google says no APP users have been phished to date

Hackers Hit Cybersecurity Insurance Co Chubb

Half of firms have spotted a cyberattack - and here is the most common one you will face

Internal AMD source files surface online after data breach

Intersections between Records Management and Security Management

Kenya cyber attacks up by half to 37m in one quarter

Medical and military contractor Kimchuk hit by data-stealing ransomware

Rare BadUSB attack detected in the wild against US hospitality provider

Security Firm Keepnet Labs Database Leaked 5 Billion Records Of Breached Data

Singapore most exposed, but also most prepared in cybersecurity: Deloitte

SpyCloud Releases Research Report, Noting Breach Exposure of the Fortune 1000

Thousands of Darknet Websites Went Down Following Hosting Provider Hack

Three-Quarters of Large Firms Suffered Security Breach Last Year

Toronto residents’ data improperly shared with councillor’s office in privacy breach

Tupperware Site Hacked by Digital Skimming Gang

UK organizations becoming more resilient to data breaches and cyber-attacks

Xbox Series X Graphics Source Code Reportedly Stolen, Being Held for $100 Million Ransom

25th March

140K Patients Impacted in Tandem Diabetes Care Phishing Attack

Almost half of UK businesses suffered a cyber attack in past year

AMD Reports Theft of Graphics IP, Stolen Information Not Core to Competitiveness

Ameren Missouri supplier hit by ransomware attack amid growing concern for critical infrastructure

Android Malware Takes Payment for ‘Coronavirus Finder’ Map

APT41 Exploited Cisco, Citrix and Zoho Bugs in Wide-Ranging Campaign

Breach at third party supplier impacted General Electric employees

Brit housing association blabs 3,500 folks' sexual orientation, ethnicity in email blunder

Chinese Regulator Probes Weibo Data Breach

Cincinnati Firm Faces $5m Data Breach Lawsuit

Critical infrastructure attacks more worrying than data breaches for most security pros

Cyber Security Breaches Survey 2020

Cybersecurity warning: 10 ways hackers are using automation to boost their attacks

Dark web hosting provider hacked again - 7,600 sites down

Data Breach Report: Cloud Storage Exposes 270,000 Users’ Private Information

Data protection as a means of defending intangible cultural assets

Enterprises struggle to patch endpoints against critical vulnerabilities

Equifax Data Breach Settlement – Consumers not Getting Payout

GE Employees Lit Up with Sensitive Doc Breach

Hacking isn't canceled: Chinese group attacked Citrix and Zoho during coronavirus lockdown

Housing association suffers data breach over coronavirus email

Infrastructure cyberattacks biggest concern for global IT security leaders

Legal industry at great risk from insider data breaches

Massive increase in South African network attacks

More Ransomware Gangs Join Data-Leaking Cult

New Cyber Hygiene Report Uncovers a Patching Dilemma in America

Password vulnerability at Fortune 1000 companies

Ransomware hits healthcare hardest, preys on SMBs

Six industries that need to hire a data protection officer

The Real Cost of Data Breach on Retail

TrickBot App Bypasses Non-SMS Banking 2FA

Tupperware Site Hacked With Fake Form to Steal Credit Cards

Tupperware website hacked and infected with payment card skimmer

World Health Organization sees targeted cyberattacks double

24th March

96% of IT leaders in the legal sector say insider data breaches are a major concern, according to new research unveiled today by Egress

Beazley: Ransomware Attacks Increasingly Paired With Data Breach

Canon breach exposes personal data of current, former GE employees, beneficiaries

Cloud misconfigurations are costing businesses trillions

Cyber-Attack Potentially Slows Down Development of Coronavirus Vaccine

GE Discloses Service Provider Canon Suffered Data Breach

‘General Electric’ Announces Disclosed Data Incident Concerning Employees

General Electric employees hit by Canon data breach

General Electric suffers data breach after service provider hack

Hackers tried to breach WHO systems amid coronavirus crisis

Hijackers stealing thousands of Disney+ and Netflix accounts

HPE says firmware bug will brick some SSDs starting in October this year

Indian property site hack leads to 2 million users’ data exposed

Insider data breaches in the legal sector are major concern

Insurers See Ransomware Claims More Than Double

Kaspersky finds new APT targeting the Middle East's industrial sector

Malicious 'Corona Anti-Virus' Software Discovered

Microsoft's Windows 10 warning: Astaroth malware is back. This time it's even stealthier

Ransomware Attacks, Funds Demanded Soared in 2019: Beazley

Ransomware Attacks Skyrocketed Last Year, Cyber Insurer Reports

Sex life details leaked in BBC data breaches

Sina Weibo Suffered Data Breach Exposing 538 Million Records Now On Sale

Tekya Malware Threatens Millions of Android Users via Google Play

The best practice approach to data protection

The personal data of more than 172 million Weibo users are available for purchase on Dark Web

Total Quality Logistics facing $5 million lawsuit over 'massive' data breach

TrickBot now pushes Android app for bypassing 2FA on banking accounts

UK Fintech Company Finastra Went Down After Ransomware Attack

Windows is being attacked by hackers, Microsoft admits

23rd March

Ameren Missouri Equipment Supplier Targeted In Ransomware Attack

Apache Tomcat Exploit Poised to Pounce, Stealing Files

Australian data breach notifications increased in the second half of 2019, but still lag behind other nations

Companies risk security breaches, corruption and bribery due to COVID-19

Data Privacy and Security in the Travel Industry

Diabetes device manufacturer notifies 140,000 patients of phishing attack

Finastra Updates Following Security Breach: We do not believe that any customer or employee data was accessed

Go Ahead, Blame Your Principal for the Data Breach

Hacker selling data of 538 million Weibo users

Healthcare data breach: Medical device manufacturer discloses phishing attack

Korea University staffer accused of data breach, sexual harassment

Macy’s Faces Class Action Lawsuit After October Data Breach

Ransomware group said to be publishing freight forwarding firm's data

Security Threats Soar Along with Data Volumes

Tech Giant GE Discloses Data Breach After Service Provider Hack

The real insider threat is the use of security software?

Virgin Media Data Breach: What Can Customers Do?

WHO unsuccessfully targeted by hackers earlier this month

Why Physical Data Destruction is Absolutely Vital

World's third largest cruise line Norwegian suffers data breach