This Cyber Weekly includes:
Thanks to all 3373 subscribers! If you like receiving the cyber news every week, be sure to show your support by sharing the weekly posts. It helps a lot!
When you renew your Veeam Support Contract with us, you get 1TB of Cloud Connect Backup for free - $1000 value - for making the switch. The promo is only available for new Assurance IT customers. Just fill out the form on this page to get started.
In 2018, Uber paid $148 million to settles claims that it was too slow to disclose a hacking incident in 2016 that they only disclosed one year later. They hid the data breach that affected 57 million passengers and drivers. The prosecution came to a settlement and decided not to criminally charge the ride-sharing company because the new management has a stronger focus on ethics and compliance.
“The San Francisco-based company is also cooperating with the prosecution of a former security chief, Joseph Sullivan, over his alleged role in concealing the hacking…Sullivan was originally indicted in September 2020. Prosecutors said Sullivan arranged to pay the hackers $100,000 in Bitcoin and have them sign nondisclosure agreements that falsely stated they had not stolen data.” (Reuters)
My thoughts: It seems like Uber apologized and the criminal charges were dropped. I obviously don’t know the entire case details, but this does not set a good example for future incidents. Are we led to believe that if companies change management in the midst of a legal case, they could receive a lighter punishment and lessen their concerns about past behavior? I am curious what you think?
The town of St-Mary’s was hit with a ransomware attack last Wednesday. At this time, they are still only at 80% of their operations. Public services were not directly impacted and their operations seem to be working from an external perspective. Internally, they have identified a malware as the culprit. No ransomware demand was sent to the municipality, but the infamous ransomware gang, LockBit has posted a letter claiming to have a copy of the date. The town let authorities know and have hired external help to overcome this attack and restore operations. (FinancialPost)
My thoughts: If I were to ask you to identify St-Mary’s, Ontario on a map, most of you wouldn’t be able to locate it. Yet, somehow, one of the largest ransomware groups were able to find a vulnerability in their system. The LockBit group reportedly have been involved in over 39,000 ransomware attacks.
What concerns me the most is the 67 GB of confidential and financial data that has been compromised. Regardless, if they can restore or not from their backup, the data has been compromised already. That could have a very big impact for a lot of people.
Information Security Management was once an afterthought for many organizations. An ISMS (Information Security Management System) is a set of policies and procedures for systematically managing an organization's sensitive data. You may have heard about ISO 27001; the international standard on how to manage information security. I'd be curious to know if the town of St-Mary’s had a formal ISMS practice implemented.
It was confirmed that Twitter was breached earlier this year, exposing 5.4 million users’ information including their name, email address and phone numbers. This happened after it was announced that Twitter has a vulnerability, back in January. Within the last week, the information of those 5.4 million users are now being sold online for $30,000. (9to5mac)
My thoughts: Although the breach impacted 5.4m people, 30k is not a large sum of money in relation to the size of breach. Makes me wonder how real or genuine the data is. Elon might be right after all! The platform has a lot of bot /fake accounts.
In all seriousness, an exploit discovered in January and seemingly a very basic, low level hack. Makes me wonder if there are other vulnerabilities Twitter has not fully patched since then, yet to be reported. Let's hope not.
I'll go on record by saying Twitter is the best tool for real-time data and notifications, however it makes me feel very uncomfortable when it comes to what's going on behind the scenes.
Email provider, WordFly, admitted to having a network disruption on July 10th. Yesterday, the Toronto Symphony Orchestra warn it’s patrons that their personal information may have been compromised.
“We have come to learn that WordFly was subject to a ransomware attack,” the TSO said in its email. “As part of the incident, the attacker exported customers’ information from the WordFly environment, including patron information that WordFly was handling on behalf of the TSO.” (cp24)
My thoughts: I wouldn’t be surprised if due diligence on your vendors will be 100% required for every company in the future because of stories like this. This type of story is emerging weekly!
Access monthly conversations with IT & Tech Leaders about the hottest cyber security topics in the industry.