Polyverse Weekly Breach Report

breach_report

A snapshot of last week’s reported breaches and vulnerabilities

Tomorrowland festival
Hackers accessed the data of 64,000 Tomorrowland music-festival attendees who attended the event in 2014. The information accessed included names, addresses, age, postcodes and genders. To read more: https://www.scmagazine.com/home/security-news/data-breach-compromises-64000-tomorrowland-festival-attendees/

Radisson Hotel Group
The Radisson Hotel Group fell victim to a data breach impacting members of the company’s loyalty and rewards program. The compromised information included names, physical addresses, countries of residence, email addresses and more. To read more: https://www.zdnet.com/article/radisson-hotel-group-chain-suffers-data-breach/

Cisco
A zero-day vulnerability has hit products running Cisco’s Adaptive Security Appliance and Firepower Threat Defense software. The vulnerability has been exploited in the wild and no patches are yet available. To read more: https://www.zdnet.com/article/cisco-zero-day-exploited-in-the-wild-to-crash-and-reload-devices/

Arik Air
An exposed Amazon S3 bucket caused a leak of customer data belonging to Nigerian airline Arik Air. The bucket was discovered on September 6th, and the files contained more than 80,000 rows of data. To read more: https://www.zdnet.com/article/nigerian-airline-arik-air-may-have-leaked-customer-data/

Girl Scouts of the USA
The Orange County, CA branch of the Girl Scouts was hacked, and personal information of thousands of members potentially exposed. To read more: https://threatpost.com/girl-scouts-issues-data-breach-warning-to-2800-members/138640/

Intel CPUs
Intel processors have been impacted by a new vulnerability that enables attackers to leak encrypted data from the CPU’s internal processes. The side-channel attack is known as PortSmash. To read more: https://www.zdnet.com/article/intel-cpus-impacted-by-new-portsmash-side-channel-vulnerability/

Facebook
Hackers have apparently compromised at least 81,000 Facebook users’ private messages. Facebook, by contrast, said its security had not been compromised. To read more: https://www.bbc.com/news/technology-46065796

Government malware
A US government network was infected with malware because of one employee’s “extensive history” of watching porn on his work computer. Investigators found that his Android cell phone was also infected with malware. To read more: https://techcrunch.com/2018/10/29/porn-sites-blamed-after-government-network-infected-malware/

Austal
This Australian shipbuilder and defense contractor revealed a data breach and extortion attempt, but insisted it had no intention of acceding to the demands. Some staff email addresses and phone numbers were exposed during the breach. To read more: https://www.zdnet.com/article/australian-shipbuilder-defense-contractor-reveals-data-breach-extortion-demands/

Eurostar
This European train-service operator is advising customers to reset their passwords after it detected a systems hack. The company sent an email to customers warning that it had identified an “unauthorized automated attempt to access Eurostar accounts using your email address and passwords.” To read more: https://www.theinquirer.net/inquirer/news/3065550/eurostar-warns-customers-to-change-passwords-after-suffering-data-breach

Reported Vulnerabilities

Bleedingbit
A new set of zero-day vulnerabilities called Bleedingbit could expose enterprises to remote code-execution attacks worldwide. The targeted Bluetooth Low Energy (BLE) chips are used in millions of Cisco, Meraki and Aruba wireless access points. To read more: https://www.zdnet.com/article/new-bleedingbit-zero-day-vulnerabilities-impact-majority-of-enterprises-at-the-chip-level/

Telecrane
A connected construction crane from Asia’s Telecrane has a vulnerability that would enable an attacker to intercept its communications and take over the equipment. To read more: https://threatpost.com/iot-flaw-allows-hijacking-of-connected-construction-cranes/138648/

Kitronik
Kitronik, a British maker of electronic-project kits, says a recent data breach impacting its online shoppers is the work of Magecart. This payment-card-skimming malware was operating on Kitronik’s website from August to September this year. To read more: https://www.zdnet.com/article/magecart-claims-fresh-victim-in-kitronik/

Want to learn more?

Sign up below and receive these reports and more directly in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.