
Weekly Breach Report – January 11th 2021

Jan 11, 2021, by Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

 

Ticketmaster/CrowdSurge

Ticketmaster was fined $10m after being charged with hacking rival CrowdSurge to gain a competitive advantage. The Hacker News: https://thehackernews.com/2021/01/ticketmaster-to-pay-10-million-fine-for.html

 

Voyager

This cryptocurrency broker experienced a cyberattack that forced its systems offline and left its customers unable to trade. Latest Hacking News: https://latesthackingnews.com/2021/01/03/voyager-cryptocurrency-broker-suffered-brief-outage-following-cyber-attack/

 

ElectroRAT malware

Researchers discovered a scam targeting cryptocurrency users on multiple operating systems, including Windows, Linux and macOS. The Hacker News: https://thehackernews.com/2021/01/warning-cross-platform-electrorat.html

 

Healthcare industry

Cyberattacks against healthcare organizations have increased by 45% since November 2020, double the rate of increase in attacks across all industry sectors during the same time period. The Hacker News: https://thehackernews.com/2021/01/healthcare-industry-witnessed-45-spike.html

 

Fake “Trump scandal” video

Hackers are distributing a remote-access Trojan inside a video purporting to show a scandal involving President Trump. The Hacker News: https://thehackernews.com/2021/01/hackers-using-fake-trumps-scandal-video.html

 

WhatsApp

If users do not agree to share their WhatsApp data with Facebook (which owns the messaging app), their accounts will be disabled on February 8th 2021. The Hacker News: https://thehackernews.com/2021/01/whatsapp-will-delete-your-account-if.html

 

Vancouver Metro

One month after Translink, the public-transportation agency of Vancouver, Canada, experienced a ransomware attack, the agency warned staff that hackers had accessed their bank-account details and other personal information. Hot for Security: https://hotforsecurity.bitdefender.com/blog/one-month-after-ransomware-attack-metro-vancouvers-transit-system-still-not-up-to-speed-25014.html

 

EXMO

This UK cryptocurrency exchange announced that it had suffered a cyberattack after spotting suspicious activity in which hackers accessed client accounts and withdrew large sums. Graham Cluley: https://grahamcluley.com/uk-cryptocurrency-exchange-exmo-suffers-breach-funds-stolen/

 

JetBrains

American intelligence agencies and cybersecurity vendors are looking into the role the software company JetBrains may have had in the massive SolarWinds hack. The New York Times: https://www.nytimes.com/2021/01/06/us/politics/russia-cyber-hack.html

 

SolarWinds: federal agencies

More federal agencies are publicly acknowledging the impact of the SolarWinds attack on their systems. Fedscoop: https://www.fedscoop.com/solarwinds-recap-federal-agencies-caught-orion-breach/

 

RokRat Trojan

North Korean hackers are deploying the RokRat Trojan in a spear-phishing campaign targeting the government of South Korea. The Hacker News: https://thehackernews.com/2021/01/alert-north-korean-hackers-targeting.html

 

Ezuri

Malware creators are using the widely available Ezuri crypter and memory-loader to make their code undetectable by antivirus products. Bleeping Computer: https://www.bleepingcomputer.com/news/security/linux-malware-authors-use-ezuri-golang-crypter-for-zero-detection/

 

Juspay

A data breach on this Indian payments-processing platform left customer payment-card details exposed on the dark web. Money Control: https://www.moneycontrol.com/news/business/juspay-incident-shows-urgent-need-for-data-protection-laws-data-breach-reporting-guidelines-6307811.html

 

Nissan North America

Researchers discovered source code for Nissan’s mobile apps and internet tools online due to a misconfigured Git server. Industry Week: https://www.industryweek.com/technology-and-iiot/article/21151660/data-leak-hits-nissan-north-america

 

Hackney Council 

A cyberattack against this London borough council occurred in October 2020. The hackers recently published the stolen information on the dark web. ZDNet: https://www.zdnet.com/article/months-after-this-serious-cyber-attack-stolen-data-has-been-leaked-online-by-hackers/

 

Delaware County, PA

The Chief Information Officer of this Pennsylvania county revealed that county officials paid a ransom to have their services restored after a cyberattack last year. Delco Times: https://www.delcotimes.com/news/delco-details-cyber-attack-admits-paying-ransom/article_ad004688-5131-11eb-b7de-9718a8745797.html

 

Dassault Falcon Jet

Dassault Falcon Jet, a US subsidiary of the French aerospace company Dassault Aviation, disclosed a data breach that may have exposed current and former employees’ personal information. Bleeping Computer: https://www.bleepingcomputer.com/news/security/dassault-falcon-jet-reports-data-breach-after-ransomware-attack/

 

Ambulance Tasmania, Australia

A data breach at Tasmania’s health department exposed the reports of anyone who has called the state’s ambulance services since November 2020. The data was published online and includes HIV status, gender, age and address. Star Observer: https://www.starobserver.com.au/news/tasmania-health-data-breach-sees-patient-hiv-status-published-online/199862

 
