Last Week In Blockchain and Cybersecurity News – December 31, 2019

Data Breach at Wyze Labs Exposes Information of 2.4 Million Customers

Last week, Wyze, a cost-effective home-security system company, experienced a large-scale breach impacting 2.4 million customers. Cybersecurity consulting firm Twelve Security notified Wyze about the breach, stating that Wi-Fi network details and email addresses of customers had been exposed for a total of 23 days. The unsecured database was connected to an Elasticsearch cluster from December 4, 2019, to December 27, 2019.

Wyze attributed the data leak to an employee mistake that persisted due to a lack of security protocol enforcement. A new employee created a “flexible database to quickly pull user analytics, such as camera connectivity rates, user growth and the number of devices connected per user”; however, (s)he didn’t configure the proper security protocols on the database.

Wyze sent an email out Tuesday morning to its customers with further information about the breach and what actions the security company will take to protect its customers in the future.

North Korean Hackers Allegedly Steal ‘Highly Sensitive Information’ From Microsoft Users

Microsoft is suing Thallium, an infamous North Korean hacking group, for allegedly stealing highly sensitive information from multiple organizations and individuals within the United States.

According to CNN and Microsoft, “Thallium targeted government employees, think tanks, university staff and members of groups that work on issues including nuclear proliferation and human rights.”

More specifically, the lawsuit calls out two individuals who Microsoft believes work for Thallium. Using spear phishing attacks, Thallium has allegedly stolen passwords and other sensitive information from individual users. Once the group obtains login credentials, they scavenge emails, contact lists, and all additional information stored on Microsoft users’ accounts.

According to Microsoft, Thallium has been active since 2010 and poses a substantial threat to several organizations around the United States.

Maze Ransomware Releases Files Stolen From City of Pensacola

Earlier this month, Pensacola became a victim of a ransomware attack, forcing the city to shut down its computer systems. Attackers used “Maze Ransomware” and demanded a $1 million ransom to decrypt the city’s files.

Last week, the cybercriminals released 2GB of the 32GB of data they stole and encrypted from the Pensacola network. In a discussion with Bleeping Computer, the attackers stated that the purpose of releasing Pensacola’s data was to prove that more than a few files were taken during the ransomware attack and that more data may be released in the future.

US Coast Guard Discloses Ryuk Ransomware Infection at Maritime Facility

The US Coast Guard (USCG) recently experienced a Ryuk ransomware attack, causing the organization to go offline for more than 30 hours. According to USCG officials, the initial point of compromise was a malicious email sent to a facility employee. Once the malware entered the facility’s IT network, the threat spread quickly and impacted “industrial control systems that monitor and control cargo transfer and encrypted files critical to process operations.”

According to ZDNet and Coast Guard officials, the infection caused a large disruption within the network, halting camera and physical access control systems, process control monitoring systems, and more.

Ransomware attacks have become increasingly common throughout 2019. As usual, it’s recommended to keep your antivirus software up-to-date and practice proper cybersecurity hygiene when browsing the internet.

Special Olympics New York Hacked to Send Phishing Emails

Special Olympics New York, a nonprofit organization that provides training and athletic competitions to thousands of children and adults, experienced a security incident last week in which its email servers were hacked. As a result, malicious actors were able to impersonate the organization and send out phishing emails warning of an “impending donation transaction that would automatically debit $1,942,49 from the target’s account within two hours.”

The email provided a link that directs the victim to the attackers’ landing page. The landing page is no longer available, but the phisher likely utilized it to collect victims’ credit card details.

After discovering the security breach, Special Olympics New York sent out an email disclosing the hack and telling recipients to disregard the previous message (the phishing email).

Thankfully, no financial information was taken as only the communication systems were impacted by the hack.
