Technology

July 28, 2022: Samsung Hit in Cyberattack, Again

For the second time this year in a span of less than six months, electronics giant South Korea-based Samsung, suffered a data breach this past July, but the company did not discover it until early August.
After discovery, the company found the attackers stole personal data from customers.
“At Samsung, security is a top priority,” the company said in an advisory it posted September 2 almost a month after discovering the incident. “We recently discovered a cybersecurity incident that affected some customer information.
“In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems. On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected. We have taken actions to secure the affected systems, and have engaged a leading outside cybersecurity firm and are coordinating with law enforcement."
This was the second attack against Samsun this year and third since 2020.

June 12, 2022: Over 2,5 Million Individuals Impacted by System Breach at Federal Student Loan Services Provider.

Data for over 2.5 million individuals with student loans from Oklahoma Student Loan Authority (OSLA) and EdFinancial was exposed after hackers breached the systems of technology services provider Nelnet Servicing. Sometime in June, unidentified intruders compromised Nelnet Servicing and stayed on its systems until July 22. The hackers compromised the company's network likely after exploiting a vulnerability. EdFinancial underlines that not all its clients are hosted by Nelnet Servicing. Due to the seriousness of this incident, law firm "Markovits, Stock & DeMarco" launched an investigation on the potential of a class action lawsuit.

April 18, 2022: Ransomware Attack at Germany’s Largest Library Services Deletes Media Files

One of the largest library services in Germany, EKZ Bibliotheksservice, has been impacted by a ransomware attack. The attack has left book lovers unable to rent and borrow eBooks, audio books, and electronic magazines. Onleihe, a popular online app that connects users via EKZ's service to their local libraries, reported that its copy-protected eBooks had been deleted. Bleepingcomputer reported that the LockBit ransomware group has claimed responsibility. LockBit released 100% of the data, according to Bleepingcomputer, indicating EKZ will not pay the ransom and is likely restoring from backups,

August 4, 2022: Twilio Suffers Data Breach

Cloud communications company Twilio says some of its customers' data was accessed by attackers who breached internal systems after stealing employee credentials in an SMS phishing attack.
"On August 4, 2022, Twilio became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials," Twilio said in an advisory.
"The attackers then used the stolen credentials to gain access to some of our internal systems, where they were able to access certain customer data."
The company also revealed the attackers gained access to its systems after tricking and stealing credentials from multiple employees targeted in the phishing incident.

March 29, 2022: Globant IT and Software Consultancy Stolen Data Leaked by Lapsus$ Extortion Group

IT and software consultancy firm Globant confirmed a data breach by the Lapsus$ data extortion group. Stolen data, consisting of administrator credentials and source code, was leaked by the threat actors. The hacking group released a 70GB archive describing it as “some customers source code.”

May 24, 2022: Cisco Hit in Cyber Attack, Data Taken

Cisco discovered a security incident May 24 targeting its corporate IT infrastructure, and took immediate action to contain and eradicate the attackers, officials said.
Cisco disclosed the incident Wednesday because the attackers published a list of files from the incident to the dark web.
In light of the attack, Cisco did not report any impact to its business, including it products, services, customer data, employee information, intellectual property or supply chain operations.
Cisco did say since the attack, the company has taken steps to remediate the impact of the incident and further harden its IT environment. In addition, the tech giant said no ransomware has been observed or deployed and Cisco has successfully blocked attempts to access Cisco’s network since discovering the incident.

August 1, 2022: Semikron ‘Holding Production’ after Cyber Attack

A German semiconductor maker with a focus on industrial automation systems and electric vehicles said it suffered a cyber-attack that resulted in data encryption, and as a result is “holding our production.”
Nuremberg, Germany-based Semikron, which claims to power 35 percent of the wind turbines installed globally each year, fell victim to the attack, the company said Monday. As a result of the attack on its IT system, the company is halting production for the time being.
“Due to the cyber incident, we are currently holding our production,” Semikron said in a statement to its customers on Thursday. As long as we cannot guarantee clearance of the cyber-attack completely from our systems, we will not have access to our landline or E-mail communication. We are however still reachable via our business mobile contacts.”

January 5, 2022: RansomHouse Databreach Extracted 450 GB of Data at Chipmaker AMD

After the last few years of disruption and amid the global chip shortage, the company has been attacked by the RansomHouse Extortion Group, which claims to have exfiltrated more than 450 GB of data. The RansomHouse gang did not initially release samples, but AMD acknowledged the breach.

"No, we haven't reached out to AMD as our partners consider it to be a waste of time: it will be more worth it to sell the data rather then wait for AMD representatives to react with a lot of bureaucracy involved," a RansomHouse representative told BleepingComputer. RansomHouse claims that the stolen data includes research and financial information, which they say is being analyzed to determine its value.

The threat actors have not provided any proof of this stolen data other than a few files containing information allegedly collected from AMD's Windows domain. This data includes a leaked a CSV containing a list of over 70,000 devices that appear to belong to AMD's internal network, as well as an alleged list of AMD corporate credentials for users with weak passwords, such as 'password', 'P@ssw0rd', 'amd!23', and 'Welcome1.'

December 12, 2020: Major Supply Chain Breach Involving the SolarWinds Orion System.

Over 18,000 SolarWinds customers installed malicious updates in three versions of its Orion monitoring and management software, with the malware spreading undetected. Through this code, hackers accessed SolarWinds’s customer information technology systems, which they could then use to install even more malware to spy on other companies and organizations.

The SolarWinds hack was a major event because it triggered a much larger supply chain incident that affected thousands of organizations, including tech giants and U.S. government agencies.

July 3, 2022: SHI International takes systems offline after malware attack

SHI International has confirmed that a malware attack hit its network over the 4th July weekend. SHI is a New Jersey-based provider of Information Technology (IT) products and services.

The company said in a statement: "SHI was the target of a coordinated and professional malware attack. Measures were enacted to minimize the impact on SHI's systems and operations. We are liaising with federal bodies including the FBI and CISA and there is no evidence to suggest that customer data was exfiltrated during the attack."

Pin It on Pinterest

Scroll to Top
Scroll to Top