CyberSecurity Updates

Ferrari denies breach following 7GB of data posted online

Italian car manufacturer Ferrari has denied being the victim of a cyber-attack after ransomware gang RansomEXX claimed it had stolen 7GB of the company’s data and posted it online. News of the alleged breach was posted by dark web intelligence feed DarkFeed on Twitterwhere it shared screenshots from RansomEXX in which they claimed to be sharing “some internal documents, data sheets [and] repair manuals”. 🌐 RansomEXX #ransomware team added Ferrari To the victim’s list 🚨…

Read More

Report: Big U.S. Banks Are Stiffing Account Takeover Victims

When U.S. consumers have their online bank accounts hijacked and plundered by hackers, U.S. financial institutions are legally obligated to reverse any unauthorized transactions as long as the victim reports the fraud in a timely manner. But new data released this week suggests that for some of the nation’s largest banks, reimbursing account takeover victims has become more the exception than the rule. The findings came in a report released by Sen. Elizabeth Warren (D-Mass.),…

Read More

Former CSO of Uber found guilty of covering up data breach

A federal jury has found Joe Sullivan, former CSO of Uber, guilty of covering up a data breach the company suffered in 2016.  The breach saw 57 million user’s information including full names, email addresses, telephone numbers and driver’s license numbers exposed, and led to Uber paying US$148,000 to settle civil litigation. Sullivan was convicted on October 5 of obstruction of proceedings of the Federal Trade Commission (FTC) and misprision of felony in connection with…

Read More

IOTW: Capital One hacker given probation following cyber attack

Paige Thompson, a former Amazon software engineer known by the online handle ‘erratic’ was sentenced to time served and five years’ probation for seven federal crimes. Thompson’s location and personal computer will also be monitored.  The sentencing was related to her hacks into a number of cloud accounts for both individuals and companies, including the bank Capital One. During the hacks, Thompson stole data and computer power. At the trial, she was found guilty of…

Read More

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

A recent proliferation of phony executive profiles on LinkedIn is creating something of an identity crisis for the business networking site, and for companies that rely on it to hire and screen prospective employees. The fabricated LinkedIn identities — which pair AI-generated profile photos with text lifted from legitimate accounts — are creating major headaches for corporate HR departments and for those managing invite-only LinkedIn groups. Some of the fake profiles flagged by the co-administrator…

Read More

Suspected Grand Theft Auto 6 hacker arrested by UK police

The person responsible for hacking into Rockstar Games, leaking gameplay and clips from the upcoming Grand Theft Auto 6 game, has been potentially identified and arrested by London police. The hacker, known as teapottuberhacker, was also allegedly responsible for an attack into rideshare platform Uber earlier this month, which saw the hacker take control of Uber’s systems and post a graphic image on the company’s internal sites. They are also said to be a member…

Read More

IOTW: Everything we know about the Optus data breach

Australian telecommunication company Optus suffered a devastating data breach on September 22 that has led to the details of 11 million customers being accessed. The information accessed includes customers’ names, dates of birth, phone numbers, email addresses, home addresses, driver’s license and/or passport numbers and Medicare ID numbers. Payment detail and account passwords were not compromised in the breach. Optus confirmed that it has now contacted all customers to notify them of the cyber-attack’s impact,…

Read More

Data breach sees Telstra employees’ details posted online

Australian telecommunications company Telstra revealed on Tuesday that it had been hit by a data breach that had revealed the details of 30,000 current and former employees. The details included employee’s first and last names and email addresses, and were posted on hacking forum Breached. This forum was also used to leak information obtained in the Optus hack. In a tweet, Telstra confirmed that the data leak “wasn’t a breach of any Telstra system” and…

Read More