Last Week In Blockchain and CyberSecurity News - July 23, 2019

Equifax to Pay $700 Million in 2017 Data Breach Settlement

Investigators have fined Equifax over the infamous 2017 breach in which hackers managed to access information containing Social Security numbers, birth dates, and more. The attack exposed the data of almost 150 million customers. 

Equifax stated they would have to pay $300 million to cover free credit monitoring services for impacted consumers, “$175 million to 48 states in the U.S, and $100 million in civil penalties to the Consumer Financial Protection Bureau (CFPB).” If the initial payments do not cover Equifax’s consumer losses, the company is then held responsible for an additional $125 million.  

Equifax has been dealing with multiple lawsuits and numerous detrimental effects since the breach. 

Read more here

Hackers Breach 62 U.S. Colleges by Allegedly Exploiting Ellucian Banner Web Flaw

Hackers exploited the systems of 62 colleges and universities by abusing a vulnerability in an enterprise resource planning (ERP) web app. The web app, Ellucian Banner Web Tailor, is a module of the Ellucian Banner ERP and was found to be vulnerable earlier this year. The vulnerability resides in the “authentication mechanism used by the two modules that can allow remote attackers to hijack victims' web sessions and gain access to their accounts.”  

Since discovering the vulnerability, hackers have been scanning the Internet looking for entities to victimize. Once a vulnerable system is found, the attackers "leverage scripts in the admissions or enrollment section of the affected Banner system to create multiple student accounts." 

Over 1,400 colleges, universities, and other entities currently use the Ellucian Banner ERP.   

Read more here

ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers

ProFTPD, an open-source and cross-platform FTP server with support for UNIX and Windows systems, has been recently targeted with remote code execution and information disclosure attacks. More than one million ProFTPD servers are vulnerable to the attacks, and all ProFTPD versions under 1.3.5b are impacted by this vulnerability.  

Exploiting this vulnerability, Attackers are able to execute arbitrary code “without the need to authenticate and with the user rights of the ProFTPD service after successful exploitation.”  

ProFTPD’s security team has patched the vulnerability and released ProFTPD 1.3.6. Server admins must patch ProFTPD to mitigate any attacks quickly. 

Get more information here

Hacker Steal Data of over 70% of Bulgarian Citizens from Tax Agency Servers

Bulgaria has now suffered the most significant data breach in its history, resulting in the data exposure of over five million adult citizens. An unknown hacker was able to infiltrate the country’s tax reporting services and siphon over 21GB of stolen information.  

The data includes personal identifiable numbers, addresses, and financial info. The tax agency is now facing a fine of up to $22.4 million or “or 4% of the agency's annual turnover over the data breach.” It is still not clear who was behind the data breach; however, Bulgarian authorities have arrested a suspect. 

Read more here

Swedish Crypto Exchange QuickBit Announces User Data Breach

Yesterday, Quickbit digital currency exchange experienced a database incident that resulted in a breach of sensitive user data. Quickbit announced personal data “such as names, addresses, email addresses and card information of 2% of its customers was exposed.”   

The company stated that no passwords, Social Security numbers, or other sensitive information was accessed or stolen. Quickbit also explained how their database was exposed, saying:  

“QuickBit has recently adopted a third-party system for supplementary security screening of customers. In connection with the delivery of this system, it has been on a server that has been visible outside QuickBits firewall for a few days, and thus accessible to the person who has the right tools.” 

As criminals continue to target digital currency exchanges, organizations must stay vigilant and follow all cyber security best practices. 

Read more here