Weekly Breach Report – September 14th

Sep 14, 2020By Shaina Raskin

Weave Scope

Hackers are using Weave Scope software, which is a visualization and monitoring tool for Docker and Kubernetes, to map their victims’ cloud environments and then execute system commands without deploying malicious code on the target server. The Hacker News: https://thehackernews.com/2020/09/cloud-monitoring.html


Service NSW

Service NSW, a government agency in New South Wales, Australia, announced that a cyberattack earlier this year led to the theft of 186,000 customers’ data. ZDNet: https://www.zdnet.com/article/service-nsw-reveals-738gb-of-customer-data-was-stolen-during-email-breach/


Tower Semiconductor

This Israeli specialty microchip foundry halted some of its operations after experiencing a cyberattack. EE News Europe: https://www.eenewseurope.com/news/cyber-attack-hits-tower


Digital Point

Digital Point, a “webmaster community,” accidentally leaked 800,000 customer records. ZDNet: https://www.zdnet.com/article/webmaster-forum-database-exposed-data-of-800000-users/



This cryptocurrency exchange disclosed a security breach in which hackers stole the equivalent of $5.4m in cryptocurrencies. The Hacker News: https://thehackernews.com/2020/09/hackers-stole-cryptocurrencies.html


NorthShore University HealthSystem

This Chicago-area non-profit healthcare-delivery system said that about 348,000 people may have been exposed in a breach involving one of its vendors earlier this year. ChicagoTribune:



Fancy Bear hackers

Microsoft says this state-sponsored Russian hacking group has attacked hundreds of organizations tied to the upcoming election over the past year. Wired:



Fairfax County schools

Maze, a hacking group, has broken into Fairfax County Public Schools’ computer network and says it is holding personal information for ransom. NBC:



Banco del Estado de Chile

This bank closed all its branches because of a cyberattack that originated from a malware-infected Microsoft Office document. Business Insurance: https://www.businessinsurance.com/article/20200909/STORY/912336528/Bank-shuts-down-all-branches-after-cyber-attack#



A misconfigured Elasticsearch cloud cluster potentially exposed the personal information of 100,000 of this gaming company’s customers. Threatpost: https://threatpost.com/razer-gaming-fans-data-leak/159147/

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.