Weekly Breach Report – July 27th

Jul 27, 2020By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

Samsung

Since last month, older Samsung Blu-ray players stopped working because of a rogue XML file downloaded by the network-connected devices from Samsung servers. The Register: https://www.theregister.com/2020/07/18/samsung_bluray_mass_dieoff_explained/

University of York

Britain’s University of York disclosed a data breach that exposed staff and student records. ZDNet: https://www.zdnet.com/article/university-of-york-discloses-data-breach-staff-and-student-records-stolen/

Prometei botnet

Researchers discovered a new botnet exploiting the Windows SMB protocol to mine for cryptocurrency. ZDNet: https://www.zdnet.com/article/prometei-botnet-is-infecting-machines-to-mine-for-cryptocurrency/

More Chinese hacks

The U.S. charged two Chinese nationals in a coronavirus-vaccine hacking scheme. CNBC: https://www.cnbc.com/2020/07/21/us-charges-chinese-nationals-for-coronavirus-vaccine-hacking-scheme-other-crimes.html

Twitter

New information on last week’s Twitter breacher suggests that two hackers who spoke with The New York Times operated a service that resold access to Twitter employees’ accounts. Krebs on Security: https://krebsonsecurity.com/2020/07/twitter-hacking-for-profit-and-the-lols/

GEDmatch

This DNA-analysis site, which is often used by U.S. police, was taken offline after the parent company noticed a permission change caused by a data breach. Tech Crunch: https://techcrunch.com/2020/07/22/gedmatch-investigating-dna-profile-law-enforcement/

RISD

Rhode Island School of Design announced a data breach at a third-party company that held museum data. GoLocalProv: https://www.golocalprov.com/news/risd-announces-data-has-been-hacked-data-breach-and-attempted-ransomeware-a

Garmin

Garmin shut down several services because of a ransomware attack that encrypted its internal network and production systems. ZDNet: https://www.zdnet.com/article/garmin-services-and-production-go-down-after-ransomware-attack/

Dave.com

Digital-banking app Dave.com confirmed a hack that exposed the personal information of 7.5m users on a public forum. ZDNet: https://www.zdnet.com/article/tech-unicorn-dave-admits-to-security-breach-impacting-7-5-million-users/

New Orleans

The city is apparently only 80% recovered from a cyberattack in December 2019, and its public-contract database is still non-functional. The Lens: https://thelensnola.org/2020/07/20/despite-city-law-new-orleans-hasnt-had-public-contract-database-since-2019-cyber-attack/

Wattpad

This Toronto-based startup confirmed that it is investigating a data breach after researchers from Cyble found 270m user records for sale. BetaKit: https://betakit.com/wattpad-investigating-reported-massive-data-breach-of-user-records/

Free VPN apps

Researchers say they found an unsecured server shared by multiple VPNs containing the personal information of 20m users. The affected apps include UFO VPN, Fast VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN. Sydney Morning Herald: https://www.smh.com.au/national/data-breach-of-free-vpn-providers-exposes-details-of-millions-of-users-20200720-p55doq.html

Instacart

Instacart claimed it found no evidence of a data breach after customer data was found on the dark web. This statement follows a Buzzfeed News report that names and partial credit-card numbers belonging to Instacart customers were sold online. USA Today: https://www.usatoday.com/story/tech/2020/07/23/instacart-denies-widespread-data-breach-more-people-use-service/5493290002/

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.