
Hacked and Exposed: BSNL's Battle Against a Dark Web Data Breach

A hacker named Ellis is selling thousands of internet and landline records from the telecom operator BSNL on the dark web, following a data breach the operator suffered recently. BSNL users' sensitive information, including email addresses, billing details, and contact numbers, has been compromised, raising concerns of identity theft, financial fraud, and targeted phishing attacks against these individuals.

The hacker has posted an excerpt of the stolen data on the dark web. The document contains sensitive details of BSNL fibre and landline customers, such as email addresses, billing details, contact details, and other private information.

Furthermore, information such as mobile outage records, network details, details of completed orders, and customers' personal information also appears to have been compromised. The hacker, operating under the alias "Perell", claims on the dark web to have obtained critical data on users of BSNL's fibre and landline services in India.

The hacker claims to have stolen data regarding BSNL's fibre and landline services in India. Part of the stolen information has already been revealed, comprising some 32,000 lines of data. Most notably, "Perell" claims to control approximately 2.9 million lines of data covering all of BSNL's databases, including customer details at the district level.

The compromised data also included mobile outage reports, network information, completed orders, and client details, according to a source familiar with the situation. In a report circulated in the media, an unidentified individual expressed concerns over a potential data breach at Bharat Sanchar Nigam Limited (BSNL), a company considered a critical infrastructure entity, which places the privacy and security of customers at risk.

According to Saket Modi, founder and CEO of Safe Security, a cyber risk management company, the hack appears to have been carried out by an individual rather than an organization. Modi said in a report that there is a high probability that a single website has been breached, as the hacker claims the database contains around 2.9 million rows of data.

It should also be noted that the structure of the sample data posted on the dark web could indicate that a SQL (Structured Query Language) injection vulnerability was exploited. While BSNL has not officially acknowledged the data breach, cybersecurity expert Kanishk Gaur, founder and president of India Future Foundation, has described the breach as "deeply concerning."

BSNL has not acknowledged the data breach, but the cybersecurity watchdog CERT-In has been informed. Gaur expressed deep concern over the breach, saying, "The recent data breach raises profound apprehensions. It presents a serious risk that has implications for both the company as a service provider as well as its users."

Gaur highlighted the breach of sensitive information as extremely serious. He emphasized that the compromise not only harms user privacy but also puts users at increased risk of identity theft, financial fraud, and targeted phishing attacks. He warned that comprehensive measures are urgently needed to deal with the potential fallout from this security lapse and to protect the interests and security of BSNL's users.

A Second Data Breach at the Ministry of Defence has been Discovered

The email addresses of dozens more Afghans who may be eligible for relocation to the United Kingdom have been exposed in a second data leak by the British Ministry of Defence (MoD), putting their safety in jeopardy. According to the BBC, in the latest mishap MoD staff accidentally copied 55 people into an email, exposing their personal information to all recipients.

According to the BBC, the recipients, at least one of whom is a member of the Afghan national army, were told that relocation officials in the UK had been unable to contact them and that they needed to update their information. 

The MoD's Afghan Relocations and Assistance Policy (ARAP) team, according to a spokesperson, was "aware" of the error, which occurred earlier this month. “Steps have now been taken to ensure this does not happen in the future. We apologize to those affected and extra support is being offered to them,” the spokesperson said. “This week, the defence secretary instigated an investigation into data handling within that team.”

Officials from the Ministry of Defence have contacted those affected and offered advice on how to minimize the potential hazards. 

It comes just a day after the defence secretary issued an apology for a second breach affecting the email addresses of dozens of Afghan interpreters working for British forces. Defence Secretary Ben Wallace said in the House of Commons on Tuesday that thousands of members of the armed services and veterans had been let down by "an unacceptable level of service."

Wallace informed lawmakers on Tuesday that mechanisms for "data handling and communication processing" had already been modified. According to the BBC, citing defence officials, Wallace was unaware of the second MoD breach when he made those remarks.

Former Conservative defence minister Johnny Mercer, who fought in Afghanistan, expressed concern that similar situations could occur again. He said: “I’ve been concerned from the start as to how these individuals have been treated – the whole thing was such a rush to the door when Kabul fell that these mistakes were inevitable. I personally think we’ve taken out people we really shouldn’t have, and failed to bring out the majority of those we should – I think we are only beginning to learn the scale of what has gone on here.”

Maze Ransomware Operators Leaked 2GB of Financial Data from Bank of Costa Rica (BCR)

Bank of Costa Rica (BCR) has been receiving threats from the threat actors behind Maze ransomware, who claim to have stolen credit card details from the bank; the ransomware gang started publishing the encrypted financial details this week.

The Banco de Costa Rica is one of the strongest state-owned commercial banks in Costa Rica. From humble origins as a mainly private commercial bank, it expanded to become a currency issuer and one of the most renowned banking firms in Central America, contributing largely to the financial development of the nation.

The hacker group behind the data leak has demanded a ransom from Banco de Costa Rica on various occasions. According to an interview with the Maze ransomware operators, they observed a lack of seriousness in the way the bank dealt with the previous leaks, and this was the primary motivation for the latest data leak.

As per the claims made by the attackers, Banco de Costa Rica's network remained insecure until February 2020: they first compromised the bank's network in August 2019, and a second attempt was made in February 2020 to see whether the security had been improved at all.

The 2GB of data published by the Maze ransomware attackers on their leak site contains the details of at least 50 Mastercard and Visa credit or debit cards, a few of them listed more than once.

As per the statements given by Brett Callow, a threat analyst with Emsisoft to ISMG, "Like other groups, Maze now weaponizes the data it steals,"

"The information is no longer simply published online; it's used to harm companies' reputations and attack their business partners and customers."

"The Maze group is a for-profit criminal enterprise who are out to make a buck," Callow says. "The credit card information has been posted for one of two reasons: Either to pressure BCR into paying and/or to demonstrate the consequences of non-compliance to their future victims," Callow added.

Around 25,000 Email Addresses and Passwords Belonging to NIH, WHO, World Bank and Others Posted Online

The SITE Intelligence Group, a non-governmental US-based consultancy that monitors the online activities of international terrorist groups and tracks global extremism, recently discovered around 25,000 email addresses and passwords posted online by unidentified activists. Reportedly, these credentials belong to the World Health Organisation, the National Institutes of Health, the Gates Foundation, and various other organizations united in the global battle against COVID-19 and working to contain the spread of the coronavirus.

The data, of unidentified origin, was exposed on Sunday and Monday and was immediately used by cybercriminals in hacking attempts and by far-right extremists in harassment campaigns. The information first appeared on 4chan, an imageboard website where people anonymously post their opinions on subjects ranging from politics, anime, music, and video games to sports and literature. It subsequently appeared on Pastebin, Twitter, and Telegram groups belonging to far-right extremists.

However, the authenticity of the email addresses and passwords is still in question as the SITE said it was unable to verify the data. As per Robert Potter, an Australian cybersecurity expert, the 2,732 emails and passwords belonging to WHO were found to be authentic.

The biggest victim of the incident was NIH, with a total of 9,938 emails and passwords exposed, followed by the Centers for Disease Control and Prevention with the second largest number, 6,857, and the World Bank with a total of 5,120, according to the report by SITE. All three organizations declined requests for comment on the matter.

While providing insights, SITE's executive director, Rita Katz said, “Neo-Nazis and white supremacists capitalized on the lists and published them aggressively across their venues.”

“Using the data, far-right extremists were calling for a harassment campaign while sharing conspiracy theories about the coronavirus pandemic. The distribution of these alleged email credentials was just another part of a months-long initiative across the far right to weaponize the covid-19 pandemic,” she added.

Meanwhile giving assurance, Twitter spokeswoman Katie Rosborough said, “We’re aware of this account activity and are taking widespread enforcement action under our rules, specifically our policy on private information. We’re also taking bulk removal action on the URL that links to the site in question.”

1.1 Million Customers Records of SCUF Gaming Exposed Online

A database of more than 1 million customers was exposed online by 'SCUF Gaming', a subsidiary of Corsair that develops high-end gamepads for Xbox, PS4, and PC. The incident led to the exposure of clients' names, payment info, contact info, repair tickets, order histories, and other sensitive information. Data belonging to the company's staff and internal API keys were also compromised.

The data was left unprotected for two days before being discovered by the security researcher Bob Diachenko, who reported it to SCUF Gaming. The team led by the researcher found the data on the web without any password protection or authentication.

The company took the database down less than two hours after being notified. In the meantime, however, bot crawlers had enough time to locate the exposed database, and a ransom note was found demanding 0.3 BTC from the company. The note claims that the data had been downloaded by the cybercriminals; however, no such action was detected by the systems. "Your Database is downloaded and backed up on our secured servers. To recover your lost data, Send 0.3 BTC to our BitCoin Address and Contact us by eMail,” the note read.

Experts believe that the criminals involved did not have enough time to delete or encrypt the data in the database, so it is unlikely that they were able to download it either. However, SCUF clients and staff could face a risk of phishing attacks, identity theft, and fraud from cybercriminals who might have downloaded some pieces of the leaked database.

In a conversation with Comparitech, a spokesperson for Corsair, the parent company of SCUF Gaming, said, “…Once notified, we identified the root cause of this exposure and secured the database within two hours. While investigating Mr. Diachenko’s warning, we also discovered that a bot had connected to the database’s server and placed a ransom note there. We have no evidence that either the bot or any other actor was able to misappropriate customer data.

This issue was specific to one system, being operated off-site due to work-from-home precautions resulting from the current COVID-19 pandemic.”

To stay on the safe side, SCUF Gaming customers are advised to keep an eye out for any suspicious activity on their bank accounts, as scammers who were able to gather whatever bits of information they could are likely to attempt targeted phishing attacks.

Hackers Gain Access to Sensitive Data; Release Veterans’ Stolen Data Related To PTSD Claims

Hackers are becoming increasingly aggressive, targeting sensitive data that includes pain diary entries from veterans' own physical injury cases. Maze, a hacking and ransomware group that has breached several law firms, local government databases and other organizations and demanded payment for data recovery and deletion, has released VA documents, patient care records, legal fee agreements, and privacy consent forms as part of a ransomware attack against U.S. law firms.

Screenshot of a VA claims document released in a data dump by hacking group Maze as part of a ransomware attack against U.S. law firms. (Screenshot/Brett Callow)

Two of those hacks focused explicitly on the Texas-based law firm Baker Wotring in November and on Woods and Woods LLC in Evansville, Indiana, this month. According to Brett Callow, a threat analyst with Emsisoft, Maze hacks an organization's servers, informs them of the breach and demands ransom payments to prevent data dumps; if the group doesn't receive what it demanded, it proceeds to publish small quantities of compromised information ("proofs") online, open to anybody with internet access.

And the group has followed through on this. After demanding payments ranging from $1 million to a few million dollars, Maze has released additional sensitive information on a 'staggered basis' when payment was not received.

Screenshot of a pain diary document released in a data dump by hacking group Maze as part of a ransomware attack against U.S. law firms. The image has been redacted by Military Times. (Screenshot/Brett Callow)

According to Callow, the ransomware group has already released part of the individual archives from Woods and Woods, and the group claims to have more data. It has also posted the compromised information on a Russian hacker forum. While other hackers use stolen data to target and demand ransom from individual patients or clients, Maze doesn't do that.

The hacking group works a bit differently here as they themselves write on their site, “Use this information in any nefarious way that you want.” 

According to Bleeping Computer, in light of these developments the Federal Bureau of Investigation (FBI) issued a Flash Alert to private businesses a month ago, warning them of increased Maze ransomware activity as a precautionary step.

Ukrainian government job site posted passport scans of thousands of civil service candidates

The government job site https://career.gov.ua/ published scans of passports and other documents of citizens who had registered on the portal to search for work in the government sector. This was announced on January 16 by the Office of the Ombudsman of Ukraine on Facebook.

“A possible leak of personal data of citizens who registered on the site https://career.gov.ua/ with the aim of passing a competition for government service was identified. A copy of the passport and other scanned documents that users uploaded to the Unified Vacancy Portal for public service are in free access," the message said.

The leak became known through Facebook posts by public-sector job seekers: on the night of January 15, candidates for government posts reported on the social network that scans of their passports, diplomas and other documents had been published. A spokeswoman for the Ukrainian cyber activist community Ukrainian Cyber Alliance, known as Sean Townsend, filed a complaint with the Ombudsman’s Office.

The press service of the Ombudsman's Office noted that the circumstances of this incident are being established and monitoring is being carried out. However, Ukrainians are afraid that their documents will be used by fraudsters.

"Don't be surprised if a loan is accidentally taken in your name," users write in the comments.
The cybersecurity expert Andrei Pereveziy wrote the following: "Minister Dmitry Dubilet, what about digitalization? Probably, this vulnerability in the framework of #FRD should be demonstrated to the European Ombudsman, so that Europe understands what it supports."

The National Security and Defense Council (NSDC) of Ukraine held an extraordinary meeting of the working group on responding to cyber incidents and countering cyber attacks on state information resources in connection with the leak of data from the Unified Vacancy Portal. During the meeting, experts noted the need for state authorities to ensure proper cyber protection of their own information systems.

10,000 Clients Affected in Aegon Life Insurance Data Leak

Around 10,000 customers of Aegon Life Insurance, a joint venture between the Netherlands-based Aegon and India's Times Group, fell prey to a data leak caused through the website's support channels, which clients used to communicate with the insurer regarding their grievances.

Reportedly, the compromised data included everything from basic demographic details such as name, gender and age to more specific ones such as health policy problems and annual income. The leak occurred due to a security vulnerability in the company's website.

Renie Ravin, Indian web developer and co-founder of the independent blogging platform, 'IndiBlogger', discovered the vulnerability which led to the data leak and reported it to the company in July 2019.

However, there is no evidence of the exposed data being illegally accessed or misused.

According to a statement from the company, "Aegon Life Insurance, India announces that a vulnerability on their website exposed information of some Indian customers who had used web forms to get in touch with Aegon Life."

"Aegon Life immediately fixed the vulnerability and have since informed all customers of this exposure. Aegon Life estimates that up to 10,000 customers were possibly affected."

"We will initiate an outreach program in the coming days to offer guidance to affected customers and to let them know what information was exposed. At Aegon Life, data security and customer privacy are of utmost importance and we will continue to be transparent with customers as we investigate further," the company added.