Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 28 December 2020

Data Breaches Digest - Week 53 2020

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 28th December 2020 and 3rd January 2021.

3rd January

2021 brings an alert of a new phishing scam

2021 Cybersecurity Trends: Bigger Budgets, Endpoint Emphasis and Cloud

AIDA Ships Face Service Disruptions – Ransomware Attack Suspected

Beware: PayPal phishing texts state your account is 'limited'

Cybersecurity is the Top Priority of Enterprises in 2021

Data Of 10 Cr Digital Payments Transactions Leaked After Attack On Juspay’s Server

Free check to see if your router has been hacked by criminals

Hackers Freeze NYC Public School Systems

How Does Fraud Impact Emotional Well-Being?

How To Protect Your Business From Ransomware Attacks

Kaspersky: Enterprises that disclose breaches proactively suffer less financial damage

Over 100 Million Credit, Debit Cardholders' Data Leaked on Dark Web

Scamsters eye 'foodies' online, swindle lakhs

Second T-Mobile Data Breach Reported Within A Year

T-Mobile says hackers accessed some customer call records in data breach

When an American company tricks its employees into thinking they have earned a bonus

Why cyber-risk education is the new form of literacy countries must keep up with

Why Small and Medium-Sized Professional Service Firms Are a Big Target for Ransomware Attacks

2nd January

Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways

Cyberattack cripples NYC DOE’s teacher disciplinary system

Personal info at risk when you shop on public Wi-Fi

Ransomware attack cripples NYC DOE’s teacher disciplinary system

Secret backdoor discovered in Zyxel firewall and AP controllers

1st January

5 Cybersecurity Trends CISOs Must Track in 2021

A Data-Backed Look At the Post-Coronavirus Cybersecurity Landscape

Amey suffers cyber attack from ransomware

Around the World in 2021 Hacker Predictions

Automation for Better or Worse in 2021

Banbury area residents warned of scammers promising a coronavirus vaccine

CISOs Prioritized Rapid Remote Work Shift Over Cybersecurity

Cyberattacks strike at COVID-19 vaccine cold chains

Cyber security threat predictions for 2021

Facebook Messenger Phishing Scam Is Letting Hackers Into Accounts, Here’s How

Hackers Breach IndiGo’s Servers And Could Release Internal Documents

HMRC warning: Self Assessment scam circulates as vital deadline falls this month

How The COVID-19 Pandemic Empowered Cybercriminals, Hackers & Cyberattacks

How to avoid a cyber hack

How to Transform Your Cybersecurity Posture

HP predicts cyberattacks to become more targeted in 2021

Mega ad phishing campaign hits over 6.15 lakh Facebook users; here's all you need to know

Microsoft Says One Account Used To View Source Code In Solorigate Hack

Online fraud and five ways for users to protect themselves

Police offer tips to avoid email phishing scams

Premium Bonds: NS&I explains how customers can keep their details safe from new scams

Ransomware, Data Breach and Phishing

The Year of the Hack: 5 of 2020’s Biggest Security Breaches

WhatsApp scammers around you, stay safe with these handy tips

Why Financial Organisations Are a Prime Target for Cyber-Attacks

31st December

3-2-1...Happy New Year! How Backup Can Ensure Your Data Protection and Security in 2021 and Beyond

4 ways to get proactive and strengthen your cybersecurity position

10 biggest patient data breaches in 2020

2020 in review: Our top privacy and security tips

2020 set the stage for cybersecurity priorities in 2021

Adobe Flash Player is officially dead tomorrow

Be a Hacker in Ten Minutes With No Expertise Required

Beware of paying that ransomware threat

Bill and Melinda Gates Foundation backed project suffers data breach, 930,000 children affected

Charlotte's Wyndham Capital involved in class-action lawsuit over data breaches

Coronavirus scams rise warning by Trading Standards Scotland

County officials say courthouse experiencing phishing scam, no info compromised

Cybersecurity and What’s Not Working from Home

Cybersecurity in 2021 – what can we expect?

Data Breach At Northwestern Memorial, Hospital Says No Evidence Of Fraud

Data breach broker selling user records stolen from 26 companies

FBI warn hackers are hijacking smart home devices for swatting

Fergus Falls health system's computer network disrupted after ransomware attack

Financial services industry hit with tens of millions of attacks per day

Four ways to improve the relationship between security and IT

Hacked home cams used to livestream police raids in swatting attacks

Hospital remains vigilant amid new cyber threat

How to prevent the security risks of a remote workforce

Instagram Top 9 Warning: Downloading bogus 'best nine' app today can delete your account

Jamaica: Government putting fight to cyber criminals

Japanese aerospace company Kawasaki reports data breach

Kim Kardashian & Dua Lipa Headline 2020’s Celebrity Hacked List

Ledger won’t compensate users affected by data leak

Malaysia: Police Warn Of Scammers Harvesting Personal Information From JPJ, SPR, and MyEG Portals

Microsoft: SolarWinds hackers accessed our source code

Microsoft Edge Allows Users to Scan for Exposed Passwords

Non-profit founded by Gates Foundation suffers massive exposure of student records

One in four businesses hit by more than 7 cyber-attacks in 2020

Proposed New FinCEN Rules for Crypto Wallets Raise Privacy Concerns; Larger Transactions Would No Longer Be Anonymous

Ransomware 2020: A Year of Many Changes

Ransomware attack strikes Nygard IT systems on Dec. 12, receiver company assessing impact

Russian hackers accessed Microsoft’s vital source code in massive cyber attack that targeted US government

Securing Work-From-Home Networks to Safeguard Your Business/a>

SMBs: How to find the right MSP for your cybersecurity needs

SMiShing Spawns the Need for a Better AI Mobile Phishing Defense

SolarWinds hackers accessed Microsoft source code

T-Mobile Claims It Resolved End-Of-Year Data Breach

T-Mobile data breach sees phone numbers and call records leaked online

T-Mobile reports a data breach that happened in November

T-Mobile rounds out this awful year with another data breach, affecting hundreds of thousands of subscribers

T-Mobile warns customers of second data breach in less than a year

The Coolest Hacks of 2020

Ticketmaster fined $10 million for breaking into rival’s systems

Ticketmaster fined $10m for business 'intrusions'

US Treasury Warns of Increasing Ransomware Campaigns Against Coronavirus Vaccine Research Institutions

Want to Keep Personal Data Secure? Here's How to Encrypt a File

Warner Music Group Sued in L.A. Over Data Breach

What Does 2021 Hold for Cybersecurity?

Whirlpool Hit With Ransomware Attack

30th December

4 of the Worst Data Breaches of All Time

5 Ransomware Predictions to Ring In 2021

11 healthcare malware, ransomware and phishing incidents in December

40% of small business employees worried they’ll be blamed for data breaches at work

2021 strategy predictions: Shifts in business models, shifts in security priorities

2021 will overburden already stressed infosec teams

Appliances Giant Whirlpool Suffered Ransomware Attack

Austin, Texas DPS Victims Of Suspected Russian Data Breach

Beware Of This Fake Instagram Top 9 App That Can Delete Your Account

Check Point Survey: Cyberattack Volumes Up During COVID-19 Pandemic

China settles over 3,100 personal data breach cases in 2020

CISA updates SolarWinds guidance, tells US govt agencies to update right away

Cyber Kidnappers Expected to Switch Tactics to Data Exfiltration in 2021

Cybersecurity: 4 key areas that IT leaders need to address

Cybersecurity challenges in 2021 and how to address them

Developers are in the Driver’s Seat: What Does it Mean for Security?

DHS orders federal agencies to update SolarWinds Orion platform

Emotet malware hits Lithuania's National Public Health Center

FBI, HHS Alert to COVID-19 Vaccine Fraud Schemes Aimed at Data Theft

FinCEN: Beware Scams Related to COVID-19 Vaccines

From Covid Data Theft To ‘Teaching India A Lesson’: Cyber Attacks Targeted India Inc In 2020

GenRx Pharmacy Ransomware Attack Leads to Disclosure of HIPAA Data Breach

GenRx Pharmacy ransomware attack leads to HIPAA data breach disclosure

Hackers go phishing for remote workers during pandemic

Hackers may have accessed employee's personal and banking information in TransLink cyberattack

Hackers publish client data stripped from Auckland financial services company on dark web

Health insurance cyber-attacks: How insurers can prevent weaponized files from staking a claim

Hyrule Warriors Publisher Suffers Data Breach

Israel, Cyberattacks and International Law

Kaggle Reportedly Hit By A Data Breach

Koei Tecmo Shuts Down Forums Following Data Hack

Koei Tecmo shuts down websites and forums following cyber attack

Lake Region Healthcare computer systems disrupted after ransomware attack

Local governments needn't face ransomware streak alone, experts say

Maintaining Control Over Your Security Infrastructure in a Multi-Cloud World

Mobile Endpoint Security: Still the Crack in the Enterprise's Cyber Armor

Protecting Your Online Services From DDoS Attacks

Scammers Go Smishing to Exploit Shipping Delays

T-Mobile data breach exposed phone numbers, call records

Take back your privacy from eavesdroppers

Taxpayers warned of COVID-19 related text scam

The biggest healthcare data breaches reported in 2020

The scariest thing about that GoDaddy phishing test story

The Sunburst hack was massive and devastating – 5 observations from a cybersecurity expert

There’s a new Facebook Messenger ‘video scam’ that you must know

TransLink slammed by cyber security expert for opaque ransomware response

TransLink warns staff hackers accessed personal banking information in cyberattack

Why You Should Stop Using Your Facebook Messenger App

29th December

5 reasons why scams survive, thrive, and succeed

6 Questions Attackers Ask Before Choosing an Asset to Exploit

21 Buttons Leaked Sensitive User Data Due to Misconfigured Hosting

484K Aetna ACE Plan Members Impacted by EyeMed Email Hack

2020 Work-for-Home Shift: What We Learned

A Review of Ransomware in 2020

After the worst year ever for ransomware, 2021 will be more of the same

Antwerp laboratory becomes latest victim of cyber-attack

Arcadia hospital hacked in widespread data breach

Brazilians mostly unaware of data protection regulations

Canada: Some transit employees tighten belts after payroll hit by TransLink ransomware attack

CISA releases free detection tool for Azure/M365 environment

Cyberpunk 2077 Mobile Version is a Ransomware

Cyberpunk 2077 Mobile version is not what it looks

Cybersecurity Predictions: Why 2021 Will be the Year for Human Layer Security

Estonian companies lose over €1 million annually to cyberattacks

FBI: Pranksters are hijacking smart devices to live-stream swatting incidents

Finance sector warned of Covid-19 vaccine fraud

Five steps to secure your business – From the C-suite to the assembly line

Germany: 'Colossal' cyber-attack knocks out Funke news group

Global cyber insurance market set for massive growth

GoDaddy email told employees they were getting a bonus, it was a phishing test

Here’s how to make your computer safe for crypto trading

Home Appliance Maker ‘Whirlpool’ Hit by Ransomware Actors

Honesty best policy to reduce financial cost of security breaches

Hotels, Hookups, Video Conferencing: Top 10 Data Breaches of 2020

How companies can use automation to secure cloud data

How government offices can secure operations post COVID-19

International law enforcement officials take down VPN used by cybercriminals

Japanese Aerospace Firm Kawasaki Warns of Data Breach

Kaspersky reveals two APT incidents related to vaccine research

Kawasaki discloses security breach, potential data leak

Kawasaki Heavy Industries reports data breach as attackers found with year-long network access

Keeping customers safe when banking online

Keeping Up With the Uncertainty of Shifting Global Data Protection Regulations

Mac Attackers Remain Focused Mainly on Adware, Fooling Users

Make cybersecurity your New Year resolution

Microsoft: SolarWinds hackers' goal was the victims' cloud data

NetGalley data breach may have exposed user information

New warning over coronavirus vaccination scams

Phishing email campaign used Huron County email addresses

Predictions on the Role of Automation and Cloud Computing in Cyberthreat Intelligence

Ransomware Is Headed Down a Dire Path

Sangoma Technologies Provides Update Regarding Data Breach

Shipping urged to improve cyber vigilance

Shoppers targeted by Amazon Gift Card scam spreading the Dridex Trojan

Swatters hijack smart home devices to watch emergency responders

The Best Way to Combat Ransomware Attacks in 2021

The need for zero trust security a certainty for an uncertain 2021

The Sunburst Hack Was Massive and Devastating

The worst passwords of 2020

Think Like an Attacker: Effectively Addressing Targeted Phishing and Fraud

Transitioning from vulnerability management to vulnerability remediation

Treasury asks financial sector to watch out for COVID vaccine scams, ransomware

Trends in IT-Security and IAM in 2021, the “New Normal” and beyond

Understanding fraud trends during Covid-19

US Treasury warns of ransomware targeting COVID-19 vaccine research

Vaccine rollout and remote working will make 2021 a prosperous year for cybercriminals

Voyager cryptocurrency broker halted trading due to cyberattack

Wasabi cloud storage service knocked offline for hosting malware

What are organisations doing to address cyber security in 2021?

Zero-Day Spear Phishing Attack Targeting Covid-19 Pharmaceuticals - Likely Nation-State Threat Actors

28th December

3-2-1, No Thank You

5 cybersecurity tips for the education sector

5 defining cyberattacks on trucking and logistics in 2020

8 Types of Internet of Things Security Threats

2020 had its share of memorable hacks and breaches. Here are the top 10

2020 was a big year for the passwordless enterprise: Where is it headed to now?

A Holiday Season Like No Other: What To Know To Guard Your Company Against Fraud

After Ledger Hack, Who Can You Trust For Bitcoin Storage?

After SolarWinds Data Breach in US, Vietnam Targeted in Similar Supply-Chain Cyberattack

AIDA Cruise Ships Under Cyber Attack – Are Costa Ships Also Affected?

Aida Cruises cancels trips due to mysterious "IT restrictions"

Ashley Moody Concludes Data Breach Investigation of Sabre Hospitality Solutions

Athens optometrist reports data breach

Attorney General Announces $2.4M Settlement With Sabre Hospitality Solutions Over Data Breach

Be Careful: Cyberpunk 2077 Mobile Version is A Ransomware

Beware of COVID-19 vaccine scam; could drain your bank accounts empty

Bollywood hacked: Farah Khan, Vikrant Massey, other celebs fell victim to phishing scam

CISA releases Azure, Microsoft 365 malicious activity detection tools

COVID-19 impact on data backup will continue in 2021

Database Containing Personal Information of 270,000 Ledger customers Leaked on RaidForums

Death from ransomware, is it possible?

Defending the COVID-19 Vaccine Supply Chain

Delete these popular Chrome and Edge extensions – they’re riddled with malware

Doing your holiday shopping online? Secure your data with these 5 tips

Don’t fall for this fake Amazon gift card offer

Failed Regional District of Okanagan-Similkameen (RDOS) cyberattack still under investigation

Fake DPD messages continue to catch people out

FinCEN Issues Warning About COVID-19 Vaccine Scams, Cyberattacks

FinCEN's new rule will protect Americans and accelerate cryptocurrency's adoption

Finland says hackers accessed MPs' emails accounts

Finnish Parliament attackers hack lawmakers’ email accounts

Four words summarized cybersecurity in 2020: COVID-19, ransomware, Twitter, and SolarWinds

GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic

GoDaddy accused of ‘tricking’ employees with phishing email

GoDaddy battles backlash after 'tricking' employees with holiday bonus: 'Millions are suffering right now'

GoDaddy emailed employees that they got a USD 650 bonus – but it turned out to be an evil trick

Hackers Amp Up COVID-19 IP Theft Attacks

Hackers phish 615,000 login credentials by using Facebook ads

Health to be on cyber-security's front line in 2021

Healthcare Cyberthreats: An API-First Approach To Protection

Home appliance giant Whirlpool hit in Nefilim ransomware attack

How COVID-19 Tilted the Scale in Favor of VPNs

How DNS Security Helps Agencies Protect Themselves

How to Securely Send Sensitive Information over the Internet

In a Zero Trust World, Compliance Doesn’t Equal Security

In Good Health: Protecting Healthcare Networks From Cyberattacks

In wake of SolarWinds and Vietnam, more supply chain attacks expected 2021

Information of nearly half a million Aetna members exposed in email hack

International Appliance Giant Whirlpool Has Been Hit By Ransomware

Kawasaki Heavy hack may have targeted defense-linked information

‘Koei Tecmo’ Hacked and Website Still Offline Days After the Attack

Memorial University (MUN) Issues Advisory on Phishing Attack Targeting Students, Employees

More noteworthy cybersecurity news stories from 2020

Multi-platform card skimmer found on Shopify, BigCommerce stores

NetGalley Suffers Data Breach

Preparing for Disaster: How UK Healthcare can Ready Itself For a Ransomware Onslaught

Protecting Asia Pacific Businesses’ Online Presence

Radyo La Verdad warns of phishing link using its name

Ransomware Group REvil Attacks Celebs Where It Hurts – Their Images

Ransomware group REvil threatens to leak hacked celebrity plastic surgery pictures

Recovering from bad press and protecting your company's reputation

Remote Desktop Bugs: Patches That Took Priority in a Pandemic Year

REvil hackers to leak photos of plastic surgery patients after massive hack

SaaS security in 2021

The new frontier: Securing the work-from-home era

The Rise in Cyberattacks on Universities and Public School Systems

Top 5 ways to protect MFA codes

UK National Crime Agency (NCA) visits WeLeakInfo users to warn of using stolen data

Vietnam targeted in complex supply chain attack

WatchGuard: Hackers Target Corporate Networks Despite Shift to Remote Work

What the NIST Framework Misses About Cloud Security

Working together to suppress complex and organized fraud

Zoom, Amazon, ransomware: Tech’s big winners and losers of 2020