The latest Hacks, Attacks and Breaches cybersecurity news update is here to give you what you need to stay informed, each week.
Read the top cybersecurity stories this week to keep up with hacking, computer security, ransomware and other cybersecurity threats. Here’s what’s in store for 09/06/23 – 09/12/23 on #HacksAttacksBreaches:
- Ransomware leads to sensitive military data exposure in the UK
- MGM Resorts across the US are knocked out indefinitely from a cyberattack
- An IBM system used by Johnson & Johnson experienced a breach resulting in stolen personal health data
If you missed last’s week’s news, read Hacks, Attacks and Breaches: Forever Under Attack.
MGM Resorts
Exploit: Hacking
MGM Resorts: Hotel & Casino Operator
Risk to Business: Extreme
MGM Resorts, operator of hotels like the MGM Grand in Las Vegas, has announced that it is experiencing a cyberattack that drastically impedes its business. Major systems are impacted at its hotels and casinos as well as online, including its main website, online reservations, and in-casino services, like ATMs, slot machines and credit card machines. Some guests reported problems with room keys. MGM said that the attack began on September 10, and systems remained down as of September 11.
How it Could Affect Your Customers’ Business: This is a huge, expensive disaster for MGM with this cyberattack not only impacting their hotel business but their casinos too.
Johnson & Johnson
Exploit: Misconfiguration
Johnson & Johnson: Pharmaceutical Company
Risk to Business: Severe
Pharma and medtech conglomerate Johnson & Johnson has experienced a data breach that impacts consumers who use its CarePath platform. IBM, the developer of the platform, notified customers that their data may have been accessed by unauthorized parties after the pharma giant discovered an exploitable flaw. IBM fixed the problem and investigated the incident. That investigation showed that bad actors had snatched data from users who enrolled before July 2023. The stolen data includes a user’s full name, contact information, date of birth, health insurance information, medication information and medical condition information. IBM is offering a free year of credit monitoring to those who may be affected by the incident.
How it Could Affect Your Customers’ Business: Companies need to be prepared for a supply chain or third-party data breach.
Sabre
Exploit: Ransomware
Sabre: Travel Booking Platform
Risk to Business: Severe
Major travel booking platform Sabre has experienced a data breach caused by a ransomware attack. The Dunghill Leak ransomware group claimed responsibility for the attack. The gang said on its dark web leak site that it had stolen 1.3 terabytes of data, including databases on ticket sales and passenger turnover, employees’ personal data and corporate financial information. The group posted several screenshots as proof of the July 2023 hack. Some included passport images, employee records and tax forms. The incident is under investigation.
How it Could Affect Your Customers’ Business: Companies that hold a wide variety of data like personal data and financial data are very attractive targets.
Freecycle
Exploit: Hacking
Freecycle: Consumer Goods Exchange Platform
Risk to Business: Moderate
Freecycle, a nonprofit organization that enables members to exchange reusable items to prevent them from ending up in landfills, has disclosed a data breach that may impact seven million people. The company said that some user data was stolen in the attack including usernames, User IDs, email addresses and passwords. Freecycle said that it became aware of the data breach on August 30, 2023, although its data has been available on the dark web since May 2023.
How it Could Affect Your Customers’ Business: It’s not a good look for organizations to not discover that their data is available on the dark web for months.
United Kingdom – Zaun
Exploit: Ransomware
Zaun: Fencing Manufacturer
Risk to Business: Severe
The LockBit ransomware gang is responsible for an August 2023 ransomware attack on UK fencing company Zaun that may have resulted in sensitive military data becoming exposed. The company, a contractor for The Ministry of Defense, said that the breach occurred through a Windows 7 PC that was running software for one of its manufacturing machines. Zaun says that nothing was encrypted but confirmed that LockBit has stolen some very sensitive data. Reports say that the group accessed information that could help bad actors access HMNB Clyde nuclear submarine base, Porton Down chemical weapons lab and a GCHQ listening post. Detailed drawings of other military sites and high-security prisons were also included among the stolen data. LockBit demanded payment by August 29. When that deadline passed, the gang began publishing data on its dark web leak site.
How it Could Affect Your Customers’ Business: A successful cyberattack or data security incident impacting a government contractor can have major repercussions.
Holland – NXP Semiconducors
Exploit: Hacking
NXP Semiconductors: Technology Manufacturer
Risk to Business: Moderate
Dutch semiconductor company NXP has informed customers that they may have had their personal information exposed in a data breach. The affected customers appear to have an online NXP account, which provides access to technical content and community support. The exposed data includes customers’ full names, email addresses, postal addresses, business phone numbers, mobile phone numbers, company names, job titles and descriptions and communication preferences. The hack occurred on July 11, 2023, and was discovered by NXP a few days later on July 14. It remains under investigation.
How it Could Affect Your Customers’ Business: Specialized information like job titles can help bad actors conduct more effective spear phishing operations.
Australia – Dymocks
Exploit: Hacking
Dymocks: Bookseller
Risk to Business: Severe
Dymocks, a venerable bookstore chain, has announced that it experienced a data breach that may impact 836k customers. The company discovered the hack after researchers informed it that its customer data had appeared on the dark web on September 6, 2023. The company said that it sees no intrusion of its own systems and contends that the data may have come from a third-party service provider. The exposed data includes a customer’s full name, date of birth, email address, postal address, gender and specialty membership details (gold expiry date, account status, account creation date, card ranking). The company says the incident has been reported to the relevant authorities and it remains under investigation.
How it Could Affect Your Customers’ Business: Companies can still be in for a world of trouble if their data is stolen from one of their service providers.
Australia – TissuPath
Exploit: Supply Chain Attack
TissuPath: Pathology Laboratory Chain
Risk to Business: Severe
TissuPath is investigating a data security incident that led to the exposure of sensitive health data going back a decade. The company says that the data was exposed due to one of its storage drives being illegally accessed by compromised user accounts at one of its service providers. TissuPath stressed that its main database and reporting system that stores patient diagnoses was not compromised. Stolen data includes scanned pathology request forms with information such as patient names, dates of birth, contact details, Medicare numbers and private health insurance details. The BlackCat/ALPHV group has claimed responsibility, claiming that it stole 446GB of data which has been published on the dark web.
How it Could Affect Your Customers’ Business: Supply chain risk has been steadily increasing for organizations, and they need take action now to mitigate it.
