Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label TransUnion. Show all posts
TransUnion
Customer Data Customer Data Exposed Data Breach Fidelity Investment fraud OWASP TransUnion

Fidelity Investments Data Breach Affects 77,099 Customers

 

Fidelity Investments recently disclosed a data breach that impacted 77,099 customers, with details made public in an October 9 filing with the Maine Attorney General’s Office. The breach occurred on August 17, 2024, and was discovered two days later on August 19. According to a letter sent to those affected, unauthorized access was gained to two newly established customer accounts. Using these accounts, the attackers were able to view and obtain personal information, although Fidelity noted that account balances or transactions were not viewed. 

While Fidelity did not disclose the specific types of data stolen, it has assured affected customers by offering 24 months of free credit monitoring and identity restoration services through TransUnion. The absence of service disruptions during the breach suggests that the attack was likely not ransomware-based, although the form of the attack remains undisclosed. Fidelity’s spokesperson, when addressing the breach, said the attackers “viewed customer information” without directly accessing customer accounts. Security experts believe that this kind of attack likely exploited a vulnerability in Fidelity’s web applications. 

Venky Raju, the field chief technology officer at ColorTokens, noted that the attack vector likely involved a misconfiguration in customer-facing applications, allowing the attackers to establish new accounts and access customer information through them. This method aligns with known vulnerabilities in web security, including those listed in the OWASP Top 10 Web Application Security Risks. Exploiting these vulnerabilities can allow attackers to bypass account security and access sensitive data. Cybersecurity analysts have speculated that the breach was primarily an information-gathering exercise. According to Sarah Jones, a cyberthreat intelligence research analyst at Critical Start, the motive behind the breach likely involved gathering data that could be used for future attacks. 

These could range from identity theft and phishing campaigns to more severe scenarios like ransomware demands. The personal information obtained through such breaches can be valuable on its own, or it can serve as a means for launching further, more sophisticated cyberattacks. As the investigation continues, Fidelity is working with external cybersecurity experts to understand the scope of the breach and to implement additional security measures. Customers are encouraged to stay vigilant and monitor their accounts for unusual activity. By providing affected users with credit monitoring and identity restoration services, Fidelity aims to mitigate the risks posed by the breach while ensuring that proper measures are put in place to prevent future incidents.  

While the exact impact of the data breach remains unclear, it serves as another reminder of the growing threats to personal information in the digital age. The evolving tactics of cybercriminals, particularly in exploiting vulnerabilities in web applications, highlight the importance of continuous security assessments and prompt responses to emerging threats.
Read more »
TransUnion
Data Breach Financial Data hack N4ughtySecTU Group Personal Data Ransomware Groups SABRIC South Africa data breach TransUnion

Hackers Threaten to Leak South Africa’s Private Financial Data, Demand R1.1 Billion Ransom


In a recent cyber threat, hackers have threatened to release all of South Africa’s private financial data unless TransUnion and Experian, the two biggest consumer credit reporting companies in the country, agree to pay ransom of R1.1 billion.  

The companies – TransUnion and Experian – were the ones that were hit by the cybercrime attack. 

According to Times Live, the hackers, the Brazil-based N4ughtySecTU Group, who had previously breached TransUnion's security and firewalls, claimed to have successfully evaded the safeguards of the company once again, following which they stole the data.  

Apparently, the hackers have demanded $30m [about R565m] from TransUnion and $30m from Experian.

The hackers, in a message sent to the managers and directors of the impacted companies, stated: “Ensure your response teams contact us on Session [a private communication platform] for payment instructions.”

While acknowledging the demands, TransUnion and Experian refuted the group's allegations of an ongoing hack on their systems.

“Following recent media coverage, TransUnion South Africa confirms it is aware of a financial demand from a threat actor asserting they have accessed TransUnion South Africa’s data. We have found no evidence that our systems have been inappropriately accessed or that any data has been exfiltrated,” TransUnion said.

“We’ve likewise seen no change to our operations and systems in South Africa related in any way to this claim. We are continuing to monitor closely. We treat matters regarding our information security seriously, and data security remains our top priority,” they continued. 

Not the First Attempt to Hack

Previously, in March 2022, N4ughtysecTU claimed responsibility for targeting TransUnion in their ransomware campaign. 

TransUnion South Africa later confirmed the hack, confirming that at least 3 million individuals were affected.  

Apparently, the threat actors gained access to the personal data of over 54 million people, which included information about their dates of birth, ID numbers, gender, marital status, and other sensitive facts. 

Experian also suffered a data breach in August 2020, reported by the South African Banking Risk Centre (SABRIC). The data breach compromised the personal information of around 24 million individuals and several business entities to a fraudster. 

Karabo Phungula, an Experian data fraudster, was given a 15-year prison sentence in March by the Specialized Commercial Crimes Court for obtaining the dataset under false pretence.   

Read more »
TransUnion
Data Breach Experian N4ughtySecTU personal data leak Ransom Demand South Africa data breach TransUnion

Data Breach Threat: Hackers Target TransUnion and Experian, Demand R1.1 Billion Ransom

 

 In a recent development, two of South Africa's largest credit bureaus, TransUnion and Experian, have been targeted by hackers known as N4ughtySecTU, who claim to have gained access to sensitive financial and personal data of South African citizens.

TransUnion has confirmed the hackers' demand for a R1.1 billion ransom and their ultimatum of releasing the confidential information within 72 hours. However, TransUnion maintains that they have found no evidence of a security breach and that their systems remain intact.

This is not the first time TransUnion has been subjected to cyberattacks. Last year, the hackers demanded a R223 million ransom.

In August 2020, Experian experienced a significant data breach, exposing the personal information of over 20 million South Africans and 793,749 businesses to a fraudster named Karabo Phungula, who was later sentenced to 15 years in prison.

Despite the allegations, Experian has also denied any data compromise, stating that their systems remain secure and that they take such threats very seriously. "Protecting our customers and data is our top priority," Experian asserted.

As the situation unfolds, both TransUnion and Experian continue to monitor the situation closely and maintain that their priority remains safeguarding their customers' data and ensuring the integrity of their systems.
Read more »
User Privacy
Credit Firm Data Breach Data Leak TransUnion User Privacy

TransUnion Refutes Data Breach Reports Amid Hacker's Claims

 

Credit reporting firm TransUnion has refuted reports of a security breach after a threat actor known as USDoD purportedly leaked information stolen from the company's network.

Millions of customers and more than 65,000 businesses from 30 countries are served by the over 10,000 employees of the Chicago-based firm. 

"Immediately upon discovering these assertions, we partnered with outside cybersecurity and forensic experts to launch a thorough investigation," the company stated.  "At this time, we and our internal and external experts have found no indication that TransUnion systems have been breached or that data has been exfiltrated from our environment."

Given that the data and its formatting are different from TransUnion, the inquiry into the claims discovered that the information stolen by USDoD was probably acquired from another organisation's systems. 

"Through our investigation, we have found that multiple aspects of the messages – including the data, formatting, and fields – do not match the data content or formats at TransUnion, indicating that any such data came from a third party," TransUnion added. 

The database allegedly stolen from TransUnion's devices contains a wide range of sensitive information on close to 59,000 individuals worldwide, according to the USDoD listing posted on a hacker site over the weekend. USDoD was a member of the infamous BreachForums (aka Breached) hacking site, which was confiscated by US law authorities in June.

The threat actor was also connected to the failed attempt to sell $50,000 worth of InfraGard's user database on Breached in December 2023 after gaining access to InfraGard through social engineering. 

At the time, Brian Krebs wrote that the Department of Defence (USDoD) claimed that the InfraGard user data was made freely accessible via an Application Programming Interface (API) that is incorporated into numerous essential elements of the website that facilitate communication and connection amongst InfraGard users. 

After their InfraGard membership was granted, according to USDoD, they directed a friend to write a Python script to query that API and retrieve every piece of InfraGard user data that was accessible. 

The data included the private information of more than 80,000 members in InfraGard, an FBI initiative to facilitate intelligence sharing between federal, state, and local law enforcement agencies as well as businesses.
Read more »
Subscribe to: Posts (Atom)