April 30, 2023
American Airlines and Southwest Airlines disclosed data breaches. The cause was the hack of Pilot Credentials, a third-party vendor that manages multiple airlines’ pilot applications and recruitment portals. Documents containing information provided by certain applicants in the pilot and cadet hiring process were stolen. American Airlines said the data breach affected 5745 pilots and applicants, while Southwest reported a total of 3009.
May 8, 2020
Hackers stole sensitive details on 100,000 people from an outsourcing company named Interserve. The Phishing campaign attackers are unknown and the company offered no additional information. The data stolen is sensitive, including employee names and their addresses, bank details, payroll information, HR records, pension information and much more.
Update August 2023: The Information Commissioner fined Interserve £4.4m in autumn 2022. Interserve was once a FTSE 250 firm but has largely been broken up after collapsing into administration four years ago. Its latest accounts reveal that it spent £7m on ‘professional adviser fees’ following the attack.
July 20, 2023
Travel booking giant Sabre said it was investigating claims of a cyberattack after a tranche of files purportedly stolen from the company appeared on an extortion group’s leak site. The Dunghill Leak group claimed responsibility for the apparent cyberattack in a listing on its dark web leak site, alleging it took about 1.3 terabytes of data, including databases on ticket sales and passenger turnover, employees’ personal data and corporate financial information.
Sabre is a travel reservation system and major provider of air passenger and booking data. Many U.S. airlines and hotel chains rely on the company’s technology.
June 7, 2023
British Airways (BA), the BBC, Ofcom and Boots were among a number of organisations that were reportedly victims of a major recent cyber-attack, resulting in the breach of numerous staff details.
The stolen data is said to include staff names, staff ID numbers and national insurance numbers (although, importantly, not banking details). But, other than for those personally affected, the real issue is what this attack reveals about the evolution of cybercrime.
June 21, 2023
Indiana-based banking giant First Merchants Bank, also confirmed a data breach affecting sensitive customer information resulting from the MOVEit hacks.
First Merchants said that hackers accessed data including customers’ addresses, Social Security numbers, online banking usernames, payee information and financial account information. “Online or mobile banking passwords were not captured or compromised and remain unaffected by this incident.” First Merchants Bank also has not yet said whether the company has the ability to determine the number of affected customers. A spokesperson did not return a request for comment.
Clop has not yet listed First Merchants Bank on its dark web leak site.
October 17, 2022
International wholesale giant METRO is experiencing infrastructure outages and store payment issues following a recent cyberattack.
The company’s IT team is currently investigating the incident with the help of external experts. Even though its stores are still operating, METRO says that it was forced to set up offline payment systems and that online orders are delayed.
June 27, 2017
Britain’s WPP, the world’s biggest advertising agency, said on Tuesday it had been hit by a cyber attack. WPP Plc’s Chief Executive Officer Martin Sorrell, at a Bloomberg event in Davos half a year later stated: “WPP shut down all its systems when it was hacked and communicated internally on an hourly basis”, Sorrell said. Several weeks before WPP has hacked, a WannaCry ransomware attack infected more than 300,000 computers across 150 countries. Microsoft Corp. and others responded quickly by providing software updates, including to WPP, but to no avail, Sorrell said. “Those patches couldn’t stop the malware attack that we had in June”.
November 15, 2013
The Target Corp hackers managed to break into its payments network by first breaching a “data connection” between the U.S. retailer and its HVAC systems contractor. The data connection was used by the vendor, Fazio Mechanical Services, to bill Target and exchange contract and project management information with the retailer. Target, the third-largest U.S. retailer, has said the hackers stole about 40 million credit and debit card records, as well as personal information, such as addresses and phone numbers, belonging to about 70 million customers.
Many in the industry immediately recognized that a similar attack could happen with credentials for a BAS or energy management system, especially if a third-party company is performing a remote monitoring service.
June 18, 2022
Minneapolis, MN-based security provider, Entrust, suffered a cyber attack last month where some data ended up stolen.
Entrust provides security solutions for user and machine identities, payments, and digital infrastructure.
Todd Wilkinson, entrust president and chief executive released a statement discussing the incident.
“I am writing to let you know that on June 18, we learned that an unauthorized party accessed certain of our systems used for internal operations. We have been working tirelessly to remediate this situation since that moment.”
July 20, 2021
Business services provider, Morley Companies Inc., just disclosed a ransomware attack and data breach it suffered this past summer affecting over 500,000 workers.
Saginaw, Michigan-based Morley suffered the attack on July 20 last year, according to a report filed with the Maine Office of the Attorney General. The company, which said it discovered the attack January 26, offers business services to Fortune 500 and Global 100 firms, including meeting management, back-office processing, contact centers, and the creation of trade show exhibits.