Editor's Message

Welcome to DBD. 2023 has been the worst year on record for Data-Leaking Ransomware Attacks, and despite Law Enforcement gains, show no signs of slowing down. On a more positive note, our PRiSM platform continues to gain recognition and is now officially endorsed as a Ransomware Intelligence Resource by the SANS Institute. With that in mind, we would like to take this opportunity to thank you for all your very much appreciated and continued support. Stay safe. :)

Monday 6 April 2020

Data Breaches Digest - Week 15 2020

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 6th April and 12th April 2020.

12th April

Coronavirus and Managing Remote Work Cyber Risks

Cryptocurrency Hackability, All That One Needs to Know

Cyber risk assessment: AI and ML are critical cyber security tools

Cybersecurity cases rise by 82.5%

Hacker Hits Italy-Owned Bank’s Emails, Data Breach Unknown

Irish data protection commissioner liaises with European colleagues over Zoom concerns

Login credentials stolen in hack of San Francisco International Airport websites

Pakistan's FIA asked to probe mobile data breach

SEC settles with two suspects in EDGAR hacking case

The Impact of Coronavirus on Cybersecurity

11th April

Data of 115m Pakistani mobile users put up for sale on dark web

Epilepsy Foundation followers exposed to seizure-inducing strobe lights in cyber attack

Is Zoom doomed?

Staff Mailboxes at Italy's Monte Dei Paschi Suffer Hacker Attack

10th April

3 Business Reasons Why You Shouldn’t Be Slashing Security Right Now

115 Million Pakistani Mobile Users Data Go on Sale on Dark Web, claims cybersec company

As coronavirus intensifies, so does cybercrime for businesses

Box CPO: Malware Presents "Tremendous Amount of Exposure" for Companies

Brazilian food and drug regulator bans Zoom

Compromised Zoom Credentials Swapped in Underground Forums

Coronavirus: Teachers in Singapore stop using Zoom after 'lewd' incidents

Dutch police take down 15 DDoS services in a week

Gambling company to set aside $30 million to deal with cyber-attack fallout

How Can CDOs Resurrect Data Protection?

Protecting long-term care facilities from cyberattacks and data breaches

San Francisco International Websites Hacked: Airport Discloses Data Breach

'Serious risk' of personal data leaks to add to honours blunder

Sextortion emails and porn scams are back – don’t let them scare you!

Suspecting Cyber Attack, Mediterranean Shipping Company Reports Network Outage

The Equifax Saga: It Could Happen Again. Don’t Let It

The importance of security for printers and other office software

The line between biological and cyber-threats has never been so thin

Tips For Businesses To Prevent And Recover From Cyber Attacks

Top Ways to Guard Against Work-from-Home Phishing Threats

Travelex paid $2.3 million in ransom to restore its systems

Travelex Ransomware Attack Payment: $2.3 Million

9th April

4 Statistical Reasons Data Security Should Be a Top Priority for Small Businesses

7 Ways Hackers and Scammers Are Exploiting Coronavirus Panic

After SpaceX, Google bans its employees from using Zoom over security concerns

All That Cloud Data Is Causing Firms to Focus on the Wrong Security Issues

Bisq Bitcoin exchange slams on the brakes after exploit of critical security flaw, crypto theft

Cabinet Office at risk of further data breaches, review concludes

City settles with Equifax for $1.5M over data breach

Coronavirus Cyberscams and Other Attacks – Scammers Are Still at It

Coronavirus online scams: How to protect your data and device

Cyber Security: More than just an IT issue

Data Breach Report: RigUp Exposes More Than 70,000 Private Files

Delete this VPN now, millions of users warned

Department for Education data protection ‘tightened significantly’ after massive breach of learner records

Fleeceware apps discovered on the iOS App Store

Hackers leak personal info of Vianet users

Healthcare security: LA respiratory hospital hit by supplier data breach

How Covid-19 will revolutionise SMEs' cyber security practices

Inoculating Against the Long-Term Fraud Implications of Remote Working

Is Zoom safe to use?

Maropost’s Leaky Database on Google Cloud Server Exposes 95 Million Email Records

Online scams, apps and trends to be aware of during the pandemic

Putting zero trust into action

Reducing the risk of email attacks

Review raises questions over Cabinet Office’s handling of personal data

SBTech ordered to set aside $30m to settle hacking claims

Travelex paid the ransom, breach investigation still underway

US Senate, German government tell staff not to use Zoom

Vianet’s customer data compromised with latest leaks (with official statement)

Zoom faces federal scrutiny over data privacy concerns

8th April

95M records exposed on database belonging to marketing firm Maropost

BlackBerry uncovers hacker tools that it says opened data servers for a decade

Can fingerprint authentication on smartphones be fooled with 3D printing?

Cybercriminals are living the dream – here’s how to stay safe

Cybersecurity prevention can save your company $682K

Dark_nexus botnet outstrips other malware with new, potent features

Data breach: Repubblika, Daphne Caruana Galizia Foundation file judicial protest

Data on 600,000 Email.it users for sale on dark web after email provider refuses to pay bounty

Data Protection and the Pandemic: What We Can Learn for Future Policy

Email.it data breach exposes 600,000 users

FBI warns of a phishing uptick as hackers latch on to coronavirus

Fraudster Puts Statue of Unity on Sale to Raise Pandemic Relief Fund

Hackers selling data of 600,000 Email.it customers on the Dark Web

How a Reactive Mindset Is a Threat to Data Security

Judicial protest filed over massive data breach

Less than half of businesses provide cybersecurity training

"Major systemic failure”: The Federal Court of Australia published full names of asylum seekers on the Commonwealth Courts Portal

Marketing giant Maropost exposes 95 million email records and doesn’t seem to care about it

Merchants Face An Increase In Cybersecurity Threats During COVID-19

Nearly 389,000 patients affected in March-reported breaches

Potential data breach reported at Colorado Mental Health Institute

Researchers use 3D-printed fingerprints to unlock an iPhone8, laptops

Shipbuilder Austal was hacked with stolen creds sold on dark web

Social Engineering Attacks: A Look at Social Engineering Examples in Action

The CSI Effect Comes to Cybersecurity

This is why the vicious xHelper malware resists factory wipes and reboots

University of Warwick hiding data security risks from students and staff

Vianet’s Data Breach Exposes More Than 170,000 Customers Personal Data

Video Calling Service Zoom Sued by Own Stakeholder For Not Revealing Privacy, Security Breach

Wawa says data breach affected thousands over 10 months

Working From Home and the Impact on Data Protection

Zoom sued over security lapses as stock slides

7th April

3 Proven Steps to Protect Your Data From Online Data Aggregators

37% of Businesses Expect to Grow by Investing in Cybersecurity

Cybersecurity vital during lockdown

Data of 600,000 email users up for sale on dark web

DDoS attacks took down Italy’s social security website amid COVID-19 crisis

Domain name registrar suspends 600 suspicious coronavirus websites

Drug testing firm sends data breach alerts after ransomware attack

Email provider got hacked, data of 600,000 users now sold on the dark web

Europol arrests man for coronavirus business email scam peddling masks, sanitizer

FBI Warns of a Sudden Rise in BEC Attacks Due to Coronavirus

Human errors account for 60% of all cyber-attacks

Network Segmentation: The First Line of Defense

New Ransomware Innovations Bring Shame

No COVID-19 Respite: Ransomware Keeps Pummeling Healthcare

Over 350,000 Microsoft Exchange servers still open to flaw that's under attack

Payments Processor nCourt Left Years Of Data Exposed

Phishing and Malware Attacks Against NASA Employees Have Doubled

Stockdale Radiology Is Circulating Notices About a Data Breach

Taiwan instructs government agencies not to use Zoom

These hackers have been quietly targeting Linux servers for years

UAE’s federal entities witness 11% jump in cyber attack attempts in March

UK Businesses Could Make Huge Savings on Cybersecurity Services

What is phishing? How this cyber attack works and how to prevent it

Zero in on Zero Trust

6th April

5 critical issues cybersecurity teams face with COVID-19

A Round-up of Data Breaches in March 2020

Algerian petroleum Joint Venture hit by Maze ransomware, data posted online

Australia on the cyber offence to bring down COVID-19 scammers

Australian Digital Health Agency reveals two 'probable' instances of Medicare fraud

Australian government advice on how to avoid coronavirus-related scams and cyber threats

BA and Marriott get GDPR fine reprieve

Battling cloud breaches requires a new type of 'privilege'

Beyond Zoom: How Safe Are Slack and Other Collaboration Apps?

Common Flaws Discovered in Penetration Tests Persist

Coronavirus-related cyberattacks surge in Brazil

Cyber criminals are trying a new trick to cash in on Zoom's popularity

DarkHotel hackers use VPN zero-day to breach Chinese government agencies

Data Thieves Hit California Property Management Company

Docker Users Targeted with Crypto Malware Via Exposed APIs

DoJ: Zoombombing Could Land You Behind Bars

Facebook’s official Twitter and Instagram accounts were hacked

Fake Zoom installers being used to distribute malware

Files sent to wrong address among large rise in data breaches

Hackers’ forum hacked, OGUsers database dumped (again)

Here's How an Automated Dialer Can Easily Find and Hack Your Zoom Meeting

If You Use the Key Ring App, Update Your Account Security Now

Interpol: Ransomware attacks on hospitals are increasing

Maze ransomware group hacks oil giant; leaks data online

Remote working has increased risk of a cyber breach, say businesses

Royal Bahamas Police Probe Patient Data Leak

Small business owners applying for COVID-19 relief may have had PII exposed, agency says

Tracking GDPR Fines

What Morrisons means for vicarious liability

Why healthcare cyber risk management is more important than ever

Zoom Blow as Thousands of User Videos Are Found Online