Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label MOVEit Attack. Show all posts
User Privacy
Data Breach Data Leak Employee Data MOVEit Attack User Privacy

Amazon Employee Data Leaked in MOVEit Attack Fallout

 

Amazon has confirmed that some employee data was accessed last year, presumably as part of the huge MOVEit hacking campaign. A hacker recently revealed on the BreachForums cybercrime forum that they had stolen Amazon employee information, such as names, phone numbers, email addresses, job titles, and other job-related information. 

The hacker claimed the data came from the 2023 MOVEit attack, which entailed exploiting a zero-day vulnerability in Progress Software's MOVEit file transfer software to gather sensitive information from thousands of organisations that had used the program. 

The MOVEit campaign, which is widely thought to have been carried out by the Cl0p ransomware group, impacted about 2,800 organisations and compromised the data of approximately 100 million people. 

Amazon confirmed the data theft in a statement released earlier this week, but added several important details. According to the firm, the data was obtained via a third-party property management vendor; neither Amazon or AWS systems were compromised. 

The incident impacted several of the third-party vendor's clients, including Amazon. Amazon stated that only employee work contact information, such as work email addresses, desk phone numbers, and building locations, were revealed, while other, more sensitive information, such as Social Security numbers and financial information, were not compromised. 

The hacker claims that the Amazon employee database has nearly 2.8 million records, however it is unknown how many employees are affected. The same hacker has also leaked employee data from BT, McDonald's, Lenovo, Delta Airlines, and HP. The data appears to be the result of the same MOVEit breach that targeted the same real estate services company that housed Amazon employee information.
Read more »
MOVEit Attack
ALPHV/BlackCat Cl0p Cyber Attacks Cyber Threats Cyberattacks 2023 Megacart threat MOVEit Attack

The MOVEit Breach Might be the Biggest Cyberattack in 2023


Despite the series of malicious cyber attacks witnessed in 2023, with a number of new trends and tactics in the campaigns, one of the breaches that stood out was the breach of the file transfer service MOVEit.

In a new report published by ESET, it was revealed that in addition to its extensive effects, the MOVEit hack was significant since its perpetrators, Cl0p, did not use any ransomware.

Additionally, the campaign leaked the stolen data from victim organizations on a public website—another example of a novel tactic used by cybercriminals. The infamous ALPHV/BlackCat ransomware gang, who were also active this year, were also seen adopting this strategy. 

Emerging Trends

ESET, in its report, notes that because of the scale at which the MOVEit hack transpired, it was probably too much effort for Cl0p to encrypt each victim it captured. ESET cites data from Emsisoft, which projects that there will be more than 2,600 impacted organizations after six months. 

These victims ranged from government agencies, schools and healthcare, to major organizations like Sony and PricewaterhouseCoopers (PwC).

Another emerging tactic adopted by cybercriminals was using AI tools in their attack campaigns, taking into account the boom in technology in 2023 and the wake of ChatGPT’s public release in November 2022. 

Several campaigns have utilized AI tools like ChatGPT and spoofing domains that sound similar to ChatGPT. These domains include web applications that compromise user privacy by using the OpenAI API keys unsafely.

The Lumma hacker, who was extremely successful at stealing cryptocurrency wallets, was another phenomenon of the year. It alone accounted for 80% of detections in this industry and caused a 68% increase in crypto theft this year. In addition, the Lumma malware has been collecting login credentials and other data; between H1 and H2 2023, the total number of Lumma detections tripled. 

Moreover, the infamous Megacart threat, which has been a concern to retailers since 2015, still remains persistent and has developed into a stronger threat this year. It inserts code into insecure websites in order to collect user data, including credit card numbers. There was a 343% increase in detections between 2021 and 2023. 

Jiří Kropáč, Director of Threat Detection at ESET, concludes that "these developments show an ever-evolving cybersecurity landscape, with threat actors using a wide range of tactics." With the emergence of AI technology and evolving tactics of threat actors in 2023, it is anticipated that the situation is only going to worsen in the coming years, making it more important for organizations to take better safety measures to protect their systems from future cyberattacks.  

Read more »
Subscribe to: Posts (Atom)