
Zacks Investment Research Faces Another Data Breach Impacting 12 Million Accounts


Zacks Investment Research reportedly suffered a data breach in 2024, exposing sensitive information from approximately 12 million accounts.

The American investment research firm provides data-driven insights through its proprietary stock assessment tool, ‘Zacks Rank,’ assisting investors in making informed financial decisions.

In late January, a threat actor posted data samples on a hacker forum, claiming the breach occurred in June 2024. The exposed data, available for purchase using cryptocurrency, includes full names, usernames, email addresses, physical addresses, and phone numbers. Despite multiple inquiries from BleepingComputer, Zacks has not responded to confirm the authenticity of the leaked data.

The hacker further claimed to have accessed the company’s active directory as a domain administrator and stolen the source code for Zacks.com and 16 other websites, including internal portals. Samples of the stolen source code were shared as proof of the breach.

The leaked database has now been listed on Have I Been Pwned (HIBP), a platform that allows users to check if their personal information has been compromised. HIBP verified that the database contained 12 million unique email addresses, IP addresses, usernames, physical addresses, phone numbers, and passwords stored as unsalted SHA-256 hashes.

However, approximately 93% of the email addresses found in the breach had already been exposed in previous leaks associated with Zacks or other platforms.

Zacks has not officially confirmed this latest breach. If verified, it would mark the company's third major data breach in four years.

  • January 2023: Zacks disclosed that hackers had infiltrated its networks between November 2021 and August 2022, compromising the personal data of 820,000 customers.
  • June 2023: HIBP verified another leaked database originating from Zacks. The breach affected 8.8 million users, exposing email addresses, usernames, unsalted SHA-256 passwords, physical addresses, phone numbers, and full names.
  • May 2020: Data from Zacks reportedly surfaced online, indicating an earlier security incident.

While no official confirmation has been issued, HIBP has verified the recent leak with a high degree of confidence, suggesting that the compromised data stems from a new security incident.
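Both Zacks leaks verified by HIBP held passwords as unsalted SHA-256 hashes. The following added example (not from the article or from Zacks) contrasts that scheme with salted, iterated PBKDF2-HMAC-SHA256 on a constructed set of sample users, showing why unsalted hashes are a liability: two users who chose the same password produce identical hashes, so one cracked value exposes every account sharing it, whereas a per-user salt and a slow KDF give every account a distinct hash that must be attacked individually.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional

# Constructed sample credentials for illustration only (not data from any leak).
# Two users deliberately share a password to show the unsalted-hash weakness.
SAMPLE_USERS = {
    "alice@example.com": "Summer2024!",
    "bob@example.com": "Summer2024!",
    "carol@example.com": "correct horse battery staple",
}


def weak_hash(password: str) -> str:
    """Unsalted SHA-256: the scheme HIBP reported for the leaked Zacks data."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def strong_hash(password: str, salt: Optional[bytes] = None,
                iterations: int = 600_000) -> str:
    """Salted PBKDF2-HMAC-SHA256, stored as 'pbkdf2_sha256$iters$salt$hash'.

    A fresh 16-byte random salt per user means identical passwords no longer
    yield identical stored values, and the iteration count makes each guess
    expensive for an attacker holding the database.
    """
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_strong(password: str, stored: str) -> bool:
    """Re-derive the key from the stored salt/iterations and compare in constant time."""
    scheme, iters, salt_hex, hash_hex = stored.split("$")
    if scheme != "pbkdf2_sha256":
        raise ValueError("unsupported hash scheme")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), hash_hex)


def duplicate_hash_groups(hashes: Dict[str, str]) -> Dict[str, List[str]]:
    """Group accounts whose stored hash is identical.

    Run over an unsalted table this immediately reveals which users share a
    password; over a salted table it returns nothing, even for shared passwords.
    """
    groups: Dict[str, List[str]] = {}
    for user, h in hashes.items():
        groups.setdefault(h, []).append(user)
    return {h: users for h, users in groups.items() if len(users) > 1}


def compare_schemes() -> Dict[str, int]:
    """Number of duplicate-hash groups under each scheme for SAMPLE_USERS."""
    weak = {u: weak_hash(p) for u, p in SAMPLE_USERS.items()}
    strong = {u: strong_hash(p) for u, p in SAMPLE_USERS.items()}
    return {
        "unsalted_sha256": len(duplicate_hash_groups(weak)),
        "salted_pbkdf2": len(duplicate_hash_groups(strong)),
    }


if __name__ == "__main__":
    print(compare_schemes())  # unsalted scheme exposes the shared password; salted does not
```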

How to Prevent a Ransomware Attack and Secure Your Business


In today’s world, the threat of cyberattacks is an ever-present concern for businesses of all sizes. The scenario of receiving a call at 4 a.m. informing you that your company has been hit by a ransomware attack is no longer a mere fiction; it’s a reality that has affected several major companies globally. In one such instance, Norsk Hydro, a leading aluminum and renewable energy company, suffered a devastating ransomware attack in 2019, costing the company an estimated $70 million. This incident highlights the vulnerabilities companies face in the digital age and the immense financial and reputational toll a cyberattack can cause. 

Ransomware attacks typically involve hackers encrypting sensitive company data and demanding a hefty sum in exchange for decryption keys. Norsk Hydro chose not to pay the ransom, opting instead to rebuild their systems from scratch. Although this route avoided funding cybercriminals, it proved costly in both time and resources. The question remains: what can be done to prevent such attacks from occurring in the first place? The key to preventing ransomware and other cyber threats lies in building a robust security infrastructure. First and foremost, organizations should implement strict role-based access controls. By defining specific roles for employees and limiting access to sensitive systems based on their responsibilities, businesses can reduce the attack surface.

For example, financial analysts should not have access to software development repositories, and developers shouldn’t be able to access the HR systems. This limits the number of users who can inadvertently expose critical systems to threats. When employees change roles or leave the company, it’s essential to adjust their access rights to prevent potential exploitation. Additionally, organizations should periodically ask employees whether they still require access to certain systems. If access hasn’t been used for a prolonged period, it should be removed, reducing the risk of attack. Another critical aspect of cybersecurity is the implementation of a zero-trust model. A zero-trust security approach assumes that no one, whether inside or outside the organization, should be trusted by default. 

Every request, whether it comes from a device on the corporate network or a remote one, must be verified. This means using tools like single sign-on (SSO) to authenticate users, as well as device management systems to assess the security of devices trying to access company resources. By making trust contingent on verification, companies can significantly mitigate the chances of a successful attack. Moreover, adopting a zero-trust strategy requires monitoring and controlling which applications employees can run on their devices. Unauthorized software, such as penetration testing tools like Metasploit, should be restricted to only those employees whose roles require them. 

This practice not only improves security but also ensures that employees are using the tools necessary for their tasks, without unnecessary exposure to cyber risks. Finally, no security strategy is complete without regular fire drills and incident response exercises. Preparing for the worst-case scenario means having well-documented procedures and ensuring that every employee knows their role during a crisis. Panic and confusion can worsen the impact of an attack, so rehearsing responses and creating a calm, effective plan can make all the difference. 

Preventing cyberattacks requires a combination of technical measures, strategic planning, and a proactive security mindset across the entire organization. Business leaders must prioritize cybersecurity just as they would profitability, growth, and other business metrics. By doing so, they will not only protect their data but also ensure a safer future for their company, employees, and customers. The impact of a well-prepared security system is immeasurable and could be the difference between an incident being a minor inconvenience or a catastrophic event.

Wise and Evolve Data Breach Highlights Risks of Third-Party Partnerships


Wise, a prominent financial technology company, recently disclosed a data breach impacting some customer accounts due to a ransomware attack on their former partner, Evolve Bank & Trust. The breach has raised significant concerns about the security of third-party partnerships, especially in financial services. From 2020 to 2023, Wise partnered with Evolve to provide USD account details for their customers. Last week, Evolve confirmed an attack attributed to the notorious ransomware group LockBit. 

The group leaked the data after the bank refused to pay the ransom. The breach underscores the precarious nature of relying on third-party companies for critical services and trusting their security measures. Evolve has not yet confirmed the specific personal information leaked. However, Wise has taken a transparent approach, confirming that the shared information included names, addresses, dates of birth, contact details, Social Security numbers (SSNs) or Employer Identification Numbers (EINs) for U.S. customers, and other identity document numbers for non-U.S. customers. 

Evolve’s initial investigation suggests that names, SSNs, bank account numbers, and contact information for most of their personal banking customers, as well as customers of their Open Banking partners, were affected. In response to the breach, Wise assured its customers that they no longer work with Evolve Bank & Trust. Currently, USD account details are provided by a different bank, emphasizing their commitment to security and customer trust. 

Wise has implemented additional security protocols and is collaborating with cybersecurity experts to understand the breach’s scope and fortify their defenses. Wise has proactively communicated with its customers, recommending precautionary steps such as changing passwords, enabling two-factor authentication, and monitoring account activity for any suspicious transactions. They have also provided resources and support to help customers protect their information. The breach has heightened concerns among customers regarding the security of their personal and financial information. 

Despite the challenges posed by the breach, Wise’s proactive approach and transparent communication have helped reassure customers. The company continues to work closely with cybersecurity experts to enhance their defenses and prevent future incidents. As the investigation progresses, Wise is determined to provide regular updates and support to affected customers. Their dedication to transparency and user security remains unwavering, ensuring that they take every step necessary to safeguard their users’ information and maintain their trust. 

This incident highlights the growing threat of cyberattacks on financial institutions and the critical need for robust security measures. Customers are reminded to stay alert and take proactive steps to protect their online accounts. Wise’s efforts to address the breach and protect their users underscore their commitment to maintaining trust and security for their customers.

The Latest Prudential Financial Data Breach Exposes Vulnerabilities


Prudential Financial, a global financial giant managing trillions in assets, recently revealed a cybersecurity breach, putting employee and contractor data at risk. The incident, identified on February 5, highlighted the vulnerabilities in even the most robust financial institutions' cybersecurity defenses. 

Prudential Financial, a Fortune 500 company providing a spectrum of financial services to over 50 million customers globally, reported that a threat actor gained unauthorized access to some of its systems. The breach, detailed in a Form 8-K filing, exposed the severity of the incident, as the attackers managed to steal administrative and user data stored on compromised systems, including user accounts linked to employees and contractors. 

The company, managing assets worth approximately $1.4 trillion, activated its cybersecurity incident response process promptly. External cybersecurity experts were enlisted to investigate, contain, and remediate the breach. Despite these efforts, Prudential Financial did not disclose the number of employees affected among its 40,000-strong global workforce. The nature of the attack suggests a cybercrime group's involvement, potentially indicating a ransomware attack. Prudential Financial assured stakeholders that it is actively investigating the extent of the incident, aiming to determine if the threat actor accessed additional information or systems. 

The company is committed to understanding the full impact of the breach on its operations. Prudential Financial emphasized that, as of now, there is no evidence of customer or client data theft. This assertion is a relief for the millions of customers who rely on the company for insurance, retirement planning, and wealth management services. The incident has been reported to law enforcement and regulatory authorities, showcasing the company's commitment to transparency and cooperation in addressing the cyber threat. 

However, this is not the first time Prudential Financial has faced a data breach. In May 2023, personal information for over 320,000 Prudential customers, managed by third-party vendor Pension Benefit Information (PBI), was exposed. That breach was attributed to the Clop cybercrime group infiltrating PBI's MOVEit Transfer file-sharing platform. PBI, in its communication about the incident, specified that the compromised data on its server included sensitive information such as names, addresses, dates of birth, phone numbers, and Social Security numbers.

This prior breach adds a layer of complexity to the recent cybersecurity incident, prompting concerns about the overall resilience of Prudential Financial's data security infrastructure. The dual incidents underscore the evolving and persistent threats financial institutions face in the digital age. The intricacies of these breaches pose challenges not only in immediate response but also in understanding the long-term consequences on customer trust, regulatory compliance, and the overall stability of the financial services provider. 

As Prudential Financial navigates the aftermath of the recent breach, the focus on cybersecurity resilience becomes paramount. The company must reassess and fortify its security protocols to withstand evolving cyber threats. Beyond addressing the immediate vulnerabilities, Prudential Financial needs to instil confidence in its customers, employees, and stakeholders by showcasing a renewed commitment to data protection and proactive cybersecurity measures. 

The Prudential Financial data breach serves as a cautionary tale for financial institutions worldwide. The incident highlights the ongoing challenges in safeguarding sensitive data and underscores the critical need for continuous improvement in cybersecurity strategies. As the financial industry grapples with evolving cyber threats, institutions like Prudential Financial must not only respond effectively to breaches but also proactively invest in robust cybersecurity measures to protect their assets, reputation, and the trust of millions of customers.

Bank of America's Security Response: Mitigating Risks After Vendor Data Breach


In a concerning development, Bank of America has informed its customers about a possible data breach stemming from a security incident involving one of its vendors. This incident raises questions about the security of sensitive customer information, underscoring the ongoing challenges faced by financial institutions in defending against cyber threats. The breach notification from Bank of America underscores the importance of transparency and timely communication in response to data security incidents. 

The bank assures customers that it is actively addressing the situation and taking necessary measures to mitigate potential risks. This incident serves as a reminder of the dynamic threat landscape, where even robust security measures may not always be sufficient to prevent unauthorized access to sensitive data. While specific details about the vendor hack remain limited, the incident highlights the interconnected nature of the modern financial ecosystem. Financial institutions often rely on a network of vendors and third-party service providers to streamline operations and enhance services. 

However, this interconnectedness also introduces potential vulnerabilities, as cybercriminals may target less secure entry points to gain access to valuable financial data. Bank of America's proactive approach in promptly notifying customers is commendable, enabling individuals to take necessary precautions such as monitoring accounts for suspicious activity and updating passwords. The incident prompts a broader conversation about the need for continuous vigilance by both financial institutions and customers in the face of an ever-evolving cyber threat landscape. 

The bank assures that they are collaborating closely with law enforcement agencies and cybersecurity experts to investigate the extent of the breach and identify the perpetrators. Such collaborative efforts are crucial in the aftermath of a data breach, enhancing the understanding of attack vectors employed by cybercriminals and informing strategies to fortify future defenses. In response to the breach, customers are advised to remain vigilant for phishing attempts and fraudulent activities. 

Cybercriminals often exploit data breaches to launch targeted phishing attacks, attempting to trick individuals into divulging sensitive information or installing malware. Heightened awareness and skepticism regarding unsolicited communications can prevent additional security compromises. Financial institutions grapple with the growing sophistication of cyber threats, requiring a comprehensive and adaptive approach to cybersecurity. This includes robust technical defenses, ongoing employee training, regular security assessments, and a commitment to staying abreast of emerging threats. 

The incident involving Bank of America underscores the necessity for the financial industry to continually reassess and enhance its cybersecurity posture. As the investigation unfolds, the financial and cybersecurity communities will closely monitor the aftermath of the Bank of America data breach. The incident underscores the importance of not only responding promptly to security incidents but also learning from them to fortify defenses for the future. The interconnected nature of the financial sector demands a collective and proactive effort to address vulnerabilities and ensure the security and trust of customers. 

The Bank of America data breach serves as a stark reminder of the persistent and evolving nature of cyber threats faced by financial institutions. It emphasizes the importance of transparency, collaboration, and ongoing efforts to strengthen cybersecurity measures. As the financial industry navigates the complex landscape of digital risks, a collective commitment to cybersecurity remains essential to safeguard the integrity of the financial system and protect the sensitive information of customers.

North Korean Hackers Swipe $200M in 2023 Crypto Heists

North Korean hackers made off with an estimated $200 million in various cryptocurrencies in 2023 through a series of sophisticated cyber heists. North Korea's alarming increase in crypto thefts has not only put the cybersecurity community on high alert but has also highlighted the country's growing skill in cybercrime.

According to reports from a blockchain intelligence business, North Korean cybercriminals conducted several cyberattacks targeting major cryptocurrency exchanges, wallets, and other digital platforms.

The hackers' tactics are reported to be highly advanced, indicating a deep understanding of the cryptocurrency landscape and an evolving sophistication in their methods. Their operations have been linked to funding the North Korean regime's activities, including its missile development programs, which add a geopolitical dimension to these digital attacks.

The digital space has unavoidably been affected by the continued tension surrounding North Korea's actions on the international stage. The nation has apparently mastered cybercrime, allowing it to take advantage of holes in different encryption schemes. Strong countermeasures are needed against this type of criminal conduct in order to safeguard both the interests of individual cryptocurrency holders and the integrity of the entire digital financial system.

Crypto exchanges and related platforms are under increasing pressure to improve their security protocols, implementing technologies such as multi-factor authentication, biometric identification, and enhanced encryption to protect customer assets. To create a unified front against these cyber threats, collaboration between government agencies and private-sector cybersecurity professionals is essential.

As these attacks underscore the pressing need for global cybersecurity cooperation, governments and international organizations should consider initiatives that promote information sharing, threat intelligence dissemination, and coordinated responses to cyber threats. This should ideally be coupled with diplomatic efforts to address the underlying issues that fuel such illicit activities.

The North Korean crypto heists also emphasize the significance of individual user vigilance. Cryptocurrency holders should adopt a proactive stance on security, utilizing hardware wallets, regularly updating software, and staying informed about potential threats. Additionally, employing a healthy level of skepticism towards unsolicited messages and emails can thwart phishing attempts that often serve as entry points for hackers.

Hackers Trick Victims into Downloading BitRAT Malware


A new malware campaign has been discovered that uses sensitive data stolen from a Colombian bank as a lure in phishing emails to drop a remote access trojan called BitRAT.

It is being reported that an unknown actor hijacked the IT infrastructure of a Colombian cooperative bank and used the information to craft convincing decoy messages that lure customers into opening file attachments.

The attack was discovered by cybersecurity firm Qualys, which found evidence of a database dump comprising 418,777 records obtained by exploiting SQL injection flaws.

The information that has been leaked includes Cédula numbers (a national identity document issued to Colombian citizens), phone numbers, customer names, email addresses, payment records, addresses, and salary details. 

The Excel file, which contains the exfiltrated bank information, also embeds within it a macro that's used to download a second-stage DLL payload, which is configured to retrieve and install BitRAT in the system of the victim. 

"It uses the WinHTTP library to download BitRAT embedded payloads from GitHub to the %temp% directory," Qualys researcher Akshat Pradhan reported. 

Furthermore, he added that "Commercial off-the-shelf RATs have been evolving their methodology to spread and infect their victims. They have also increased the usage of legitimate infrastructures to host their payloads and defenders need to account for it." 

BitRAT is a malicious program classified as a Remote Access Trojan (RAT). Attackers use this malware to gain remote access to, and control over, an infected system and network.

Furthermore, studies have found that RATs have steadily gained technical functionality. BitRAT is not considered the most sophisticated malware compared with other families in circulation today; nevertheless, it is highly dangerous, so BitRAT infections must be removed immediately after detection.

This is a matter of concern, since financial institutions worldwide are being targeted every day. Recently, a Dutch mobile security company identified a network of phishing websites targeting Italian online-banking users to get hold of their contact details.

E-Bike Phishing Sites Abuse Google Ads to Push Scams


A large-scale phishing campaign is making headlines: more than 200 scam sites are deceiving users into handing their sensitive data to fake investment schemes impersonating genuine brands.
Following the news, two cyber security analysts, Ankit Dobhal and Aryan Singh, have stated in their research that this phishing campaign has caused financial damages of up to $1,000,000, taken from tens of thousands of victims.

The fraudulent operation was discovered by the Singaporean security firm CloudSEK, which has shared its report with media outlets stating that this phishing campaign apparently victimized Indian audiences through Google Ads and SEO, drawing them to hundreds of fake websites.

The Indian government has recently launched favorable policies to boost the growth of the country's electric vehicle sector. According to Indian analysis reports, before the end of this decade these new policies will bring 90% growth (CAGR) to the Indian EV sector, making it a $200 billion sector. The country is already experiencing a boom in this sector: over 400 EV start-ups have already been launched, while existing automotive companies are also expanding their operations in the EV sector.

Because of the boom in this industry, threat actors have targeted people with an explosion of websites attempting to exploit victims with fake information. The malicious actors ensure a steady influx of potential victims by abusing Google Ads, stuffing their phony sites with keywords, and impersonating popular companies such as Revolt and Ather.

It has been noticed in many cases that the threat actors simply copy the content, layout, style, and all images of the genuine sites to create clones. In other cases, the scammers build entirely fictional marketplaces using generic words such as "ebike".

When users log in to the websites, the scammers instruct them to enter their full address, along with their names, email addresses, and contact numbers, to register on the platforms. After registration, the scammers ask them to pay the required fee to become an EV dealer or to purchase a product on the site.