Cyber breaches abound in 2019
https://techcrunch.com/2018/12/26/cyber-breaches-abound-in-2019/

News of high-profile cyber breaches has been uncharacteristically subdued in recent quarters.

Is this a harbinger of a worse hacking landscape in 2019?

The answer is unequivocally yes. No question, cyber breaches have been a gigantic thorn in the global economy for years. But expect them to be even more rampant in 2019, as chronically improving malware will be deployed more aggressively on more fronts. At the same time, data-driven businesses are moving into the “target zone” of cyber attacks.

On the cybersecurity side, a growing number of experts believe that multi-factor authentication will become the standard for all online businesses.

Here are links to some articles that can hopefully help you to handle your cyber security better:

Cybersecurity 101: Why you need to use a password manager
https://techcrunch.com/2018/12/25/cybersecurity-101-guide-password-manager/

Cybersecurity 101: Five simple security guides for protecting your privacy
https://techcrunch.com/2018/12/26/cybersecurity-101-security-guides-protect-privacy/

622 Comments

  1. Tomi Engdahl says:

    Millions of bank loan and mortgage documents have leaked online
    https://techcrunch.com/2019/01/23/financial-files/?sr_share=facebook&utm_source=tcfbpage

    Exclusive: The database included highly sensitive financial data on customers who have taken out loans with U.S. banks

  2. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Researcher: 24M+ financial and banking documents, representing tens of thousands of loans and mortgages, were left exposed online by Texas-based firm Ascension — Exclusive: The database included highly sensitive financial data on customers who have taken out loans with U.S. banks

    https://techcrunch.com/2019/01/23/financial-files/

    Millions of bank loan and mortgage documents have leaked online
    Exclusive: The database included highly sensitive financial data on customers who have taken out loans with U.S. banks

  3. Tomi Engdahl says:

    North Carolina Reintroduces Strict Data Breach Notification Law
    https://healthitsecurity.com/news/north-carolina-reintroduces-strict-data-breach-notification-law

    The proposed legislation would give all organizations just 30 days to report a breach to the state, while giving consumers more transparency into where their data lives.

  4. Tomi Engdahl says:

    Confidential data of 14,200 people with HIV leaked online by deported American: MOH
    https://www.todayonline.com/singapore/confidential-information-14200-individuals-hiv-illegally-disclosed-online-moh?cid=emarsys-today_TODAY%27s%20evening%20briefing%20for%20Jan%2028,%202019%20%28ACTIVE%29_newsletter_28012019_today

    SINGAPORE — The confidential information of 14,200 individuals diagnosed with the human immunodeficiency virus (HIV) and over 2,000 others is in the hands of a deported American fraudster, and has been illegally disclosed online, said the Ministry of Health (MOH) on Monday (Jan 28).

  5. Tomi Engdahl says:

    Hackers Are Passing Around a Megaleak of 2.2 Billion Records
    https://www.wired.com/story/collection-leak-usernames-passwords-billions/

    When hackers breached companies like Dropbox and LinkedIn in recent years—stealing 71 million and 117 million passwords, respectively—they at least had the decency to exploit those stolen credentials in secret, or sell them for thousands of dollars on the dark web. Now, it seems, someone has cobbled together those breached databases and many more into a gargantuan, unprecedented collection of 2.2 billion unique usernames and associated passwords and is freely distributing them on hacker forums and torrents, throwing out the private data of a significant fraction of humanity like last year’s phone book.

    Earlier this month, security researcher Troy Hunt identified the first tranche of that mega-dump, named Collection #1 by its anonymous creator, a patched-together set of breached databases Hunt said represented 773 million unique usernames and passwords. Now other researchers have obtained and analyzed an additional vast database called Collections #2–5, which amounts to 845 gigabytes of stolen data and 25 billion records in all.

    “This is the biggest collection of breaches we’ve ever seen,”

    Size Over Substance

    Despite its unthinkable size, which was first reported by the German news site Heise.de, most of the stolen data appears to come from previous thefts, like the breaches of Yahoo, LinkedIn, and Dropbox. WIRED examined a sample of the data and confirmed that the credentials are indeed valid, but mostly represent passwords from years-old leaks.

    But the leak is still significant for its quantity of privacy violation

    “For the internet as a whole, this is still very impactful.”

    Rouland notes that he’s in the process of reaching out to affected companies, and will also share the data with any chief information security officer that contacts him seeking to protect staff or users.

    Rouland speculates that the data may have been stitched together from older breaches and put up for sale, but then stolen or bought by a hacker who, perhaps to devalue an enemy’s product, leaked it more broadly.

  6. Tomi Engdahl says:

    India’s largest bank SBI leaked account data on millions of customers
    https://techcrunch.com/2019/01/30/state-bank-india-data-leak/

    India’s largest bank has secured an unprotected server that allowed anyone to access financial information on millions of its customers, like bank balances and recent transactions.

    The server, hosted in a regional Mumbai-based data center, stored two months of data from SBI Quick, a text message and call-based system used to request basic information about their bank accounts by customers of the government-owned State Bank of India (SBI), the largest bank in the country and a highly ranked company in the Fortune 500.

  7. Tomi Engdahl says:

    Airbus Suffers Data Breach, Some Employees’ Data Exposed
    https://thehackernews.com/2019/01/airbus-data-breach.html

    European airplane maker Airbus admitted yesterday a data breach of its “Commercial Aircraft business” information systems that allowed intruders to gain access to some of its employees’ personal information.

  8. Tomi Engdahl says:

    Double exposure: 24 million loan records also exposed on open Amazon S3 bucket
    https://www.scmagazine.com/home/security-news/data-breach/double-exposure-24-million-loan-records-also-exposed-on-open-amazon-s3-bucket/

    The original mortgage and credit documents involved in the 24 million Elasticsearch data breach that was revealed earlier this week also have been found residing in an open Amazon S3 bucket by the cyber researcher behind the original discovery.

    Diachenko said the open S3 server is particularly inexcusable as these come with a preset password, but in this case it would appear someone went in and removed it leaving the data exposed.

  9. Tomi Engdahl says:

    Four new caches of stolen logins put Collection #1 in the shade
    https://www.welivesecurity.com/2019/02/01/four-new-caches-of-stolen-logins-put-collection-1-in-the-shade/

    The recently discovered tranches of stolen login credentials freely floating around the internet total 2.2 billion records

  10. Tomi Engdahl says:

    Chinese facial recognition company left database of people’s locations exposed
    https://www.cnet.com/news/chinese-facial-recognition-company-left-database-of-peoples-location-exposed/

    There were more than 6.8 million records from the last 24 hours alone that anyone could access.

    A Chinese facial recognition company left its database exposed online, revealing information about millions of people, a security researcher discovered.

    SenseNets, a company based in Shenzhen, China, offers facial recognition technology and crowd analysis, which the company boasted in a promotional video could track people across cities and pick them out in large groups.

    But the company failed to protect that database with a password

    From the last 24 hours alone, there were more than 6.8 million locations logged, Gevers said. Anyone would be able to look at these records and track a person’s movements based on SenseNets’ real-time facial recognition.

  11. Tomi Engdahl says:

    Chinese company leaves Muslim-tracking facial recognition database exposed online
    https://www.zdnet.com/article/chinese-company-leaves-muslim-tracking-facial-recognition-database-exposed-online/

    Researcher finds one of the databases used to track Uyghur Muslim population in Xinjiang.

  12. Tomi Engdahl says:

    Hackers Wipe VFEmail Servers, May Shut Down After Catastrophic Data Loss
    https://www.bleepingcomputer.com/news/security/hackers-wipe-vfemail-servers-may-shut-down-after-catastrophic-data-loss/

    The U.S. servers of privacy-focused e-mail provider VFEmail were hacked into on February 11 and all the data was destroyed, on both the main and the backup systems.

    According to VFEmail’s owner, the hackers did not leave a ransom note and, given the extent of the destruction, the service will most likely go offline to never return.

  13. Tomi Engdahl says:

    Up to 100,000 Reported Affected in Landmark White Data Breach
    https://www.darkreading.com/threat-intelligence/up-to-100000-reported-affected-in-landmark-white-data-breach/d/d-id/1333859

    Australian property valuation firm Landmark White exposed files containing personal data and property valuation details.

  14. Tomi Engdahl says:

    500px photo-sharing site says it was hacked in 2018
    https://www.cnet.com/news/500px-photo-sharing-site-reveals-2018-hack/

    Hack last summer exposed all usernames and hashed passwords, but not credit card information.

  15. Tomi Engdahl says:

    Indecent disclosure: Gay dating app left “private” images, data exposed to Web (Updated)
    Online-Buddies was exposing its Jack’d users’ private images and location; disclosing posed a risk.
    https://arstechnica.com/information-technology/2019/02/indecent-disclosure-gay-dating-app-left-private-exposed-to-web/

  16. Tomi Engdahl says:

    Germany just deleted Facebook
    https://boingboing.net/2019/02/07/zuckerbackpfeifengesicht.html

    Germany’s Federal Cartel Office (Bundeskartellamt, the country’s antitrust regulator) has ruled that Facebook can’t combine user data aggregated from different sources (Facebook usage data, data from pages with Facebook Like buttons, data purchased from third parties, etc), because users can’t reasonably anticipate the way these different datastreams might be combined, nor the kinds of inferences that could be gleaned thereby.

  17. Tomi Engdahl says:

    Hacker who stole 620 million records strikes again, stealing 127 million more
    https://techcrunch.com/2019/02/14/hacker-strikes-again/?utm_source=tcfbpage&sr_share=facebook

    A hacker who stole close to 620 million user records from 16 websites has stolen another 127 million records from eight more websites, TechCrunch has learned.

  18. Tomi Engdahl says:

    2.7 million recorded calls to 1177 Vårdguiden completely unprotected on the internet
    https://computersweden.idg.se/2.2683/1.714787/inspelade-samtal-1177-vardguiden-oskyddade-internet

    Computer Sweden reveals: all phone calls made to 1177 since 2013 and received by the healthcare contractor Medicall have been lying completely open as audio files on an unprotected web server.

  19. Tomi Engdahl says:

    India’s state gas company leaks millions of Aadhaar numbers
    https://tcrn.ch/2SKFkjF

  20. Tomi Engdahl says:

    Another day, another information leak, and now one very relevant to the topic of this group, reported by Computer Sweden: voice data from 2.7 million telephone calls on an open public server for anyone to access. This was a collection of all calls made to the public health help line in Sweden starting from 2013, so it contains health information. Many file names had the caller's telephone number in their name. Companies involved said this is not technically possible and this looks like a disaster…

    2.7 million recorded calls to 1177 Vårdguiden completely unprotected on the internet
    https://computersweden.idg.se/2.2683/1.714787/inspelade-samtal-1177-vardguiden-oskyddade-internet

    “Impossible” data leak: 2.7 million health advice call recordings on an open server
    https://www.tivi.fi/Kaikki_uutiset/mahdoton-tietovuoto-2-7-miljoonaa-terveysneuvonnan-puhelutallennetta-avoimella-palvelimella-6758802

  21. Tomi Engdahl says:

    ZDNet: “As reported by the South China Morning Post, some of Taiwan’s most sensitive military sites have been revealed publicly through the update, which included new three-dimensional renditions of Taipei, New Taipei, Taoyuan, and Taichung.”

    https://www.zdnet.com/article/google-maps-update-accidentally-reveals-secret-military-sites/

  22. Tomi Engdahl says:

    Hacker puts up for sale third round of hacked databases on the Dark Web
    https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/

    Hacker is selling 93 million user records from eight companies, including GfyCat.

  23. Tomi Engdahl says:

    Dow Jones’ watchlist of 2.4 million high-risk individuals has leaked
    https://techcrunch.com/2019/02/27/dow-jones-watchlist-leak/

    A watchlist of risky individuals and corporate entities owned by Dow Jones has been exposed, after a company with access to the database left it on a server without a password.

    Bob Diachenko, an independent security researcher, found the Amazon Web Services-hosted Elasticsearch database exposing more than 2.4 million records of individuals or business entities.

  24. Tomi Engdahl says:

    Armor Games admits all its users’ deets slurped in database mega-hack as site moves to repair chink
    We were caught in hack that bled 617 million online accounts
    https://www.theregister.co.uk/2019/03/04/armor_games_breach_disclosure/

  25. Tomi Engdahl says:

    Armor Scientific Emerges From Stealth With Wearable Authentication Solution
    https://www.securityweek.com/armor-scientific-emerges-stealth-wearable-authentication-solution

    California-based Armor Scientific this week announced that it has emerged from stealth mode with an identity and authentication platform that combines wearable hardware and patent-pending middleware components.

  26. Tomi Engdahl says:

    Hackers Sell Access to Bait-and-Switch Empire
    https://krebsonsecurity.com/2019/03/hackers-sell-access-to-bait-and-switch-empire/

    Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S. consumers, including DMV and arrest records, genealogy reports, phone number lookups and people searches. In an ironic twist, the marketing empire that owns the hacked online properties appears to be run by a Canadian man who’s been sued for fraud by the U.S. Federal Trade Commission, Microsoft and Oprah Winfrey, to name a few.

  27. Tomi Engdahl says:

    Open MongoDB Databases Expose Chinese Surveillance Data
    https://www.bleepingcomputer.com/news/security/open-mongodb-databases-expose-chinese-surveillance-data/

    18 MongoDB databases with information generated by accounts on several online social services in China have been sitting on the web ready for plucking by anyone knowing where to look.

    It appears that they are part of a country-wide surveillance program that collects profile-related data (names, ID numbers, and photos) along with GPS locations, network info, public and private conversations, and file exchanges.

    Huge amounts of profile data processed daily

    People reading the thread were able to identify “wxmsg” as the WeChat voice and text application.

  28. Tomi Engdahl says:

    Dow Jones Watchlist Found Exposed to Open Internet
    https://www.securityweek.com/dow-jones-watchlist-found-exposed-open-internet

    The Dow Jones Watchlist, a dataset of 4.4 Gigabytes, was found exposed in an unprotected Elasticsearch database on an AWS server. The Watchlist is used by many of the world’s largest organizations as part of their due diligence for both large and small contracts and transactions. While it contains the financial status of companies, it also includes sensitive information about individuals.

  29. Tomi Engdahl says:

    Lily Hay Newman / Wired:
    Researchers find unprotected database owned by an email validation company with 150 GB of plaintext marketing data, including 763M unique email addresses — Last week, security researchers Bob Diachenko and Vinny Troia discovered an unprotected, publicly accessible MongoDB database containing …

    An Email Marketing Company Left 809 Million Records Exposed Online
    https://www.wired.com/story/email-marketing-company-809-million-records-exposed-online/

    By this point, you’ve hopefully gotten the message that your personal data can end up exposed in all sorts of unexpected internet backwaters. But increased awareness hasn’t slowed the problem. In fact, it’s only grown bigger—and more confounding.

    Last week, security researchers Bob Diachenko and Vinny Troia discovered an unprotected, publicly accessible MongoDB database containing 150 gigabytes of detailed, plaintext marketing data—including 763 million unique email addresses. The pair are going public with their findings today. The trove is not only massive but also unusual; it contains data about individual consumers as well as what appears to be “business intelligence data,” like employee and revenue figures from various companies.

    “Companies have email lists and want to start emailing them, but they’re not sure how valid they are,” says Troia, who founded the firm Night Lion Security. “So they go to a company that will essentially send out spam.”

  30. Tomi Engdahl says:

    Iranian hackers ransack Citrix, make off with 6TB+ of emails, biz docs, internal secrets
    https://www.theregister.co.uk/2019/03/08/citrix_hacked_data_stolen/

    Remote-desktop giant ‘among more than 200 govt agencies, oil, gas, tech corps’ hit by cyber-gang

    Citrix today warned its customers that foreign hackers romped through its internal company network and stole corporate secrets.

  31. Tomi Engdahl says:

    More than billion records exposed online by email validation biz Verifications.io
    https://securityaffairs.co/wordpress/82195/data-breach/verifications-io-data-leak.html

    A new mega data leak made the headlines, an unprotected MongoDB database (150GB) belonging to a marketing company exposed up to 809 million records. The archive includes 808,539,849 records containing:

    emailrecords = 798,171,891 records
    emailWithPhone = 4,150,600 records
    businessLeads = 6,217,358 records

    Initially, it was discovered only an unprotected database, but the situation is worse than initially thought because cyber security firm Dynarisk announced that there were four databases exposed online.

    “As a result, 2,069,145,043 records (made up of both individual consumers and businesses) have been leaked, accessible to anyone with the know-how to find it.” reads the post published by Dynarisk.

  32. Tomi Engdahl says:

    2 Billion Unencrypted Records Leaked In Marketing Data Breach — What Happened And What To Do Next
    https://www.forbes.com/sites/daveywinder/2019/03/10/2-billion-unencrypted-records-leaked-in-marketing-data-breach-what-happened-and-what-to-do-next/#55a7258e6b0d

    Troy Hunt’s ‘have i been pwned?‘ service informed me that 763,117,241 people have had their records leaked by Verifications IO: including verified emails, phone numbers, addresses, dates of birth, Facebook, LinkedIn and Instagram account details, credit scoring and even mortgage data such as amount owing and interest rates being charged. Which wasn’t the best news to receive first thing on a Sunday morning. But then things got even worse, a lot worse. SC Media UK reports that Andrew Martin, CEO & founder of cybersecurity company DynaRisk, has revealed the true number of leaked records is much higher. How much higher? How does a total of 2,069,145,043 unencrypted records grab you?

    So, what actually happened?

    According to Bleeping Computer an unprotected MongoDB database was discovered by security researcher Bob Diachenko.

    This company validates bulk email lists for companies wanting to remove inactive addresses from newsletter mailouts.

    Bob Diachenko says that “although not all records contained the detailed profile information about the email owner, a large amount of records were very detailed.”

    Should you be worried?

    Yes, of course you should. This was, after all, a massive leak of the kind of personal information that would be a goldmine for the phishers and spammers of this world. However, that concern can be diluted by a number of factors

  33. Tomi Engdahl says:

    1.8M Chinese women deemed ‘BreedReady’ by creepy new database
    https://thenextweb.com/tech/2019/03/11/1-8m-chinese-women-deemed-breedready-by-creepy-new-database/

    An open database in China has been found to include the personal information of over 1.8 million women.

    It was discovered over the weekend by Victor Gevers, a Dutch internet expert from the non-profit group GDI.Foundation.

    Gevers’ Twitter thread also includes a screenshot of the database showing the youngest girl with “BreedReady” status is just 15 years old.

    The database, which was taken down late on Monday afternoon local time, includes women at the average age of 32. According to The Guardian, almost 90 percent of included entries were described “single” and 82 percent were listed as living in Beijing.

  34. Tomi Engdahl says:

    That marketing email database that exposed 809 million contact records? Maybe make that two-BILLION-plus
    ‘This is a gigantic amalgamation of data all in one place’ expert tells El Reg
    https://www.theregister.co.uk/2019/03/08/verificationio_database_hole/

  35. Tomi Engdahl says:

    Over two billion records exposed by email validation company
    https://blog.dynarisk.com/over-two-billion-records-exposed-by-email-validation-company/

    When GDPR regulations were enforced, many of us were left thinking that our data would finally be respected and used only as specifically outlined. But in one of the latest data leaks containing over two billion records, evidence shows we have a long way to go when it comes to regulating how our data is shared.

  36. Tomi Engdahl says:

    Iranian-backed hackers ransacked Citrix, swiped 6TB+ of emails, docs, secrets, claims cyber-biz
    Remote-desktop giant ‘among more than 200 govt agencies, oil, gas, tech corps’ hit by gang
    https://www.theregister.co.uk/2019/03/08/citrix_hacked_data_stolen/

    Citrix today warned its customers that foreign hackers romped through its internal company network and stole corporate secrets

  37. Tomi Engdahl says:

    Marriott CEO shares post-mortem on last year’s hack
    https://www.zdnet.com/article/marriott-ceo-shares-post-mortem-on-last-years-hack/#ftag=RSSbaffb68

    Marriott investigators found Mimikatz and a remote access trojan (RAT) on hacked Starwood IT system.

    Speaking in front of the Senate Committee on Homeland Security & Governmental Affairs Permanent Subcommittee on Investigations, Sorenson apologized to the company’s customers but also shot down rumors that China was behind the hack.

    According to Sorenson’s prepared statement and an update on the Starwood breach notification website, these are the latest stats surrounding the Marriott breach:

    383 million guest records
    18.5 million encrypted passport numbers
    5.25 million unencrypted passport numbers (663,000 from the US)
    9.1 million encrypted payment card numbers
    385,000 card numbers that were still valid at the time of the breach

  38. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Researchers find Box enterprise cloud storage accounts leaking sensitive data like prices for donated body parts and backdoor passwords to city waterworks

    Dozens of companies leaked sensitive data thanks to misconfigured Box accounts
    https://techcrunch.com/2019/03/11/data-leak-box-accounts/

    Security researchers have found dozens of companies inadvertently leaking sensitive corporate and customer data because staff are sharing public links to files in their Box enterprise storage accounts that can easily be discovered.

    The discoveries were made by Adversis, a cybersecurity firm, which found major tech companies and corporate giants had left data inadvertently exposed. Although data stored in Box enterprise accounts is private by default, users can share files and folders with anyone, making data publicly accessible with a single link.

    In a blog post, Adversis said Box administrators should reconfigure the default access for shared links to “people in your company” to reduce accidental exposure of data to the public.

    Pandora’s Box: Another New Way to Leak All Your Sensitive Data
    https://www.adversis.io/research/pandorasbox

  39. Tomi Engdahl says:

    Equifax Was Aware of Cybersecurity Weaknesses for Years, Senate Report Says
    https://www.securityweek.com/equifax-was-aware-cybersecurity-weaknesses-years-senate-report-says

    The massive Equifax data breach that impacted 148 million Americans in 2017 was the result of years of poor cybersecurity practices, a new Staff Report from the United States Senate’s Permanent Subcommittee on Investigations reveals.

  40. Tomi Engdahl says:

    Georgia County Criticized Over $400K Ransomware Payment
    https://www.securityweek.com/georgia-county-criticized-over-400k-ransomware-payment

    Jackson County, Georgia is just a little over 60 miles from the City of Atlanta. In March 2018, Atlanta was struck by a major ransomware attack. In March 2019, Jackson County suffered its own ransomware attack. Both attacks were successful targeted attacks — but that’s about all they have in common.

    Atlanta chose not to pay the ransom
    The Atlanta ransom was set at a little over $50,000 (not paid).
    The Jackson County ransom, thought to be paid, was $400,000.

    County officials started noticing problems on March 1, 2019. By the end of the weekend they were in serious trouble. On Tuesday, March 5 they went public; and on Wednesday, March 6 they posted, “At this time all County email services are down,” on Facebook. On that day, Sheriff Janis Mangum told StateScoop, “Everything we have is down.” But very little else was known.

  41. Tomi Engdahl says:

    Data Provenance – Unintended Consequences of Multiple Data Breaches
    https://pentestmag.com/data-provenance-unintended-consequences-of-multiple-data-breaches/

    The results of the multiple data breaches and compromised identity data, free flowing within the vast digital ecosystem, have created a data provenance problem. One that will have a great impact on individuals, as such data makes its way into the data supply chain.

    When the compromised data enters the regular supply chain without any proper vetting, it will be aggregated and used by a number of organizations, giving it validity. Once in the supply process it will be consumed by algorithms to make data driven and actionable decisions
