Skip to main content

Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.

The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.

Twitch
Exploit
: Hacking
Twitch: Streaming Platform

Risk to Small Business: Leading streaming and gaming platform Twitch has been hacked. Source code for the company’s upcoming expansion to its streaming service, an unreleased Steam competitor from Amazon Game Studios, has appeared on message boards as well as data that details the terms and amounts of content creator payouts. Ann anonymous poster on the 4chan messaging board delivered the data in a 125GB torrent. That poster also claimed that the stream includes the entirety of Twitch and its commit history including the creator payouts, twitch.tv, source code for the mobile, desktop and video game console Twitch clients, code related to proprietary SDKs and internal AWS services used by Twitch, data on other Twitch properties like IGDB and CurseForge and, details about the AGS project and information about the platform’s internal security tools.

How it Could Affect Your Business: Data is of immense value to cybercriminals in the booming dark web data markets, and this data will appeal to many different cybercriminal operations.

MoneyLion
Exploit
: Credential Stuffing
MoneyLion: Financial Services Platform 

Risk to Small Business: That old favorite credential stuffing makes an appearance this week with an attack on the financial services platform MoneyLion. The Utah-based fintech company provides mobile banking services for borrowing, saving, and investing money. MoneyLion informed customers that “an unauthorized outside party appears to have been attempting to gain access to your account on the application using an account password and/or possibly email address that appear to have been potentially compromised in a prior event”. The data breach notice outlined the attacks as taking place over the course of several weeks spanning June and July 2021. The company assured users that no information was stolen.   

How it Could Affect Your Business: Credential stuffing is a classic that is even easier these days thanks to the huge amount of data that includes huge batches of stolen passwords available on the dark web.

Next Level Apparel
Exploit
: Phishing
Next Level Apparel: Clothing Manufacturer

Risk to Small Business: Next Level Apparel, a US-based clothing manufacturer, has announced that several of its employee accounts were compromised in a phishing attack. In a press release late last week, the company noted that cybercriminals were able to access the contents of several employee email accounts at various times between February 17, 2021, and April 28, 2021, including viewing customer and employee PII although the company could not confirm that any data was stolen.    How it Could Affect Your Business: Cybercrime threat risk is bad enough without shooting yourself in the foot through sloppy IT practices.

How it Could Affect Your Business: More than 80% of reported security incidents in 2020 were phishing-related, making this the biggest cyberattack vector for every business.

Leave a Reply