Polyverse Weekly Breach Report – May26th 2020

May 26, 2020By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

EasyJet

The airline EasyJet announced a cyberattack that accessed the customer information of 9m people. The Guardian: https://www.theguardian.com/business/2020/may/19/easyjet-cyber-attack-customers-details-credit-card

 

DNS protocol

Researchers disclosed details of a new security flaw impacting DNS protocol. The Hacker News: https://thehackernews.com/2020/05/dns-server-ddos-attack.html

 

Sanix hacker

Ukrainian police arrested the hacker known as Sanix, who stole databases containing 773m email addresses. The Hacker News: https://thehackernews.com/2020/05/ukrainian-hacker-arrested.html

 

Natura

Brazilian cosmetics company Natura accidentally left a database of customer personal information publicly accessible online. The Hacker News: https://thehackernews.com/2020/05/natura-data-breach.html

 

Wishbone App

A hacker is selling 40m user records stolen from the popular polling app Wishbone. ZDNet: https://www.zdnet.com/article/hacker-selling-40-million-user-records-from-popular-wishbone-app/

 

Game Developers

Hackers target online game developers to profit from in-game currency and infect players with malware. DailyMail:

https://www.dailymail.co.uk/sciencetech/article-8345531/Hackers-target-developers-online-games-effort-infect-players-malware.html

 

Sophos

Sophos put out a patch to stop hackers’ attempts to deploy ransomware on enterprise networks protected by Sophos firewall devices. ZDNet:

https://www.zdnet.com/article/hackers-tried-and-failed-to-install-ransomware-using-a-zero-day-in-sophos-firewalls/

 

Sanix

Hacker “Sanix” was arrested for selling billions of hacked user credentials on hacker forums and Telegram channels. ZDNet:

https://www.zdnet.com/article/hacker-arrested-in-ukraine-for-selling-billions-of-stolen-credentials/

 

Satellite Traffic

A hacker used £270 of TV equipment to eavesdrop on satellite communications. CBROnline:

https://www.cbronline.com/news/satellite-hacking

 

Israeli Websites

Thousands of Israeli websites are down after what is suspected to be a massive Iranian cyberattack. CTECH:

https://www.calcalistech.com/ctech/articles/0,7340,L-3825492,00.html

 

General Elections Commission

Hackers broke into a database belonging to the General Elections Commission (KPU) of Indonesia, which compromised 2.3m citizen’s personal data. Tempo:

https://en.tempo.co/read/1345108/kpu-alleged-hacking-leaves-2-3-million-personal-data-compromised

 

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.