Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
LastPass
Exploit: Hacking
LastPass: Software Company
Risk to Business: LastPass has experienced a second data breach. The company disclosed in its blog that hackers used information obtained in the August 2022 LastPass breach to access customer information in third-party cloud storage shared with its corporate partner GoTo. LastPass specified that customers’ passwords it stores were unaffected and remain safely encrypted. It is unclear as whether or not clients of GoTo and LogMeIn were affected by this incident. All the brands involved said that the incident is under investigation and LastPass specified that it has engaged Mandiant as part of that effort. No specifics as to what information was exposed were available at press time.
How it Could Affect Your Business: Multiple breaches in one year can cause customers to lose faith in a company.
U.S. Immigration and Customs Enforcement (ICE)
Exploit: Misconfiguration
U.S. Immigration and Customer Enforcement (ICE): Federal Government Agency
Risk to Small Business: Personal information about more than 6,000 potential immigrants applying for refuge from possible torture or political persecution in the U.S. was exposed by ICE in a misconfiguration error. The data breach was first discovered by immigrant advocacy group Human Rights First. After the group reported the problem to ICE the leak was quickly corrected, but not before information about people seeking refuge from countries around the world including China, Iran and Russia was left unprotected and available to anyone for more than five hours. The agency determined that the data had been exposed accidentally as part of a website update. Unfortunately, the availability of the information may have exposed threatened people to danger.
Individual Risk: In this incident, immigrants’ names, case status, detention locations, and other information was published on a page where ICE regularly publishes detention statistics.
How it Could Affect Your Business: This configuration error exposed very sensitive data and potentially put people at risk of harm.
Rackspace
Exploit: Ransomware
Rackspace: Cloud Solutions PRovider
Risk to Small Business: A ransomware attack forced Virginia-based cloud solutions provider Rackspace was forced to shut down its Hosted Exchange servers on December 2. The company disclosed that Rackspace’s Hosted Exchange service began experiencing problems on December 2 and told customers that the shutdown was the result of a security incident on December 3 that was later identified as ransomware. The company told customers to shift to Microsoft 365 for email services and is offering them free access. Rackspace gave no estimated timeline for the restoration of its Exchange services but cautioned customers that the outage was expected to be extended. A company statement said that the attack was confined to its Hosted Exchange servers. The incident is under investigation but Rackspace said that it is too early to tell if any data was accessed by the threat actors.
How it Could Affect Your Business: IT service providers have been experiencing extraordinarily high levels of ransomware as bad actors perpetrate supply chain attacks.
