Weekly Breach Report – Jun 15th

Jun 15, 2020By Shaina Raskin


A snapshot of last week’s reported cybersecurity breaches and vulnerabilities


The Indian government announced that it had addressed a critical security vulnerability in secure document wallet service Digilocker. The Hacker News:https://thehackernews.com/2020/06/aadhar-digilocker-hacked.html


Emergency Services

Hackers belonging to the Magecart group are leveraging misconfigured AWS S3 buckets to drop malware into emergency service-related websites. The Hacker News: https://thehackernews.com/2020/06/magecart-skimmer-amazon.html


BellTroX InfoTech Services

An Indian IT company targeted government officials in Europe as well as investors in the United States via a range of cybersecurity attacks. Reuters:https://www.reuters.com/article/us-india-cyber-mercenaries-exclusive-idUSKBN23G1GQ



Researchers released a new security bug known as CrossTalk that impacts Intel’s mobile, desktop and server CPUs. https://www.zdnet.com/article/new-crosstalk-attack-impacts-intels-mobile-desktop-and-server-cpus/



As a result of a continuing investigation, Nintendo almost doubled its estimate of the number of user accounts compromised by hackers from 160,000 to 300,000. TechCrunch: https://techcrunch.com/2020/06/09/nintendo-accounts-affected-breach/


Babylon Health

Babylon, a British telehealth start-up, confirmed that a “software error” in an audio and video feature caused a “small number” of UK users to see other users’ sessions. TechCrunch:



Fitness Depot

Canadian retailer Fitness Depot told customers that their personal and financial information was stolen following a breach that affected the company’s e-commerce platform last month. Bleeping Computer:




The Japanese car maker announced that a cyberattack had disrupted internal networks and brought some of its global assembly plants to a standstill. BBC: https://www.bbc.com/news/technology-52982427


Florence Alabama

In May, KrebsOnSecurity alerted local-government officials in Florence, Alabama, that hackers had broken into their IT systems — a warning that was ignored. Last Friday, the hackers deployed ransomware and demanded $300,000 in Bitcoin. KrebsOnSecurity: https://krebsonsecurity.com/2020/06/florence-ala-hit-by-ransomware-12-days-after-being-alerted-by-krebsonsecurity/


Facebook Messenger for Windows

Researchers disclosed details of a vulnerability in Facebook Messenger for Windows. The Hacker News: https://thehackernews.com/2020/06/facebook-malware-persistence.html 



This Australian beverage company announced that a cyberattack had taken systems offline, and the company is still recovering from the attack. Food and Drink Business: https://www.foodanddrinkbusiness.com.au/news/lion-hit-by-cyber-attack


Enel Group

This European energy company experienced a ransomware attack that impacted its internal network. BleepingComputer: https://www.bleepingcomputer.com/news/security/power-company-enel-group-suffers-snake-ransomware-attack/


City of Knoxville 

The city of Knoxville shut down its entire computer network after a ransomware attack targeted city offices. BleepingComputer: https://www.bleepingcomputer.com/news/security/city-of-knoxville-shuts-down-network-after-ransomware-attack/


Windows 10

Windows 10 admins are reporting that Microsoft’s most recent “Patch Tuesday” updates caused problems with a range of enterprise printers. ZDNet:https://www.zdnet.com/article/windows-10-printer-mystery-more-complain-june-patch-tuesday-is-causing-havoc/


Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.