In this week's Cyber Weekly:
Last Thursday, Uber was hacked by unauthorized personnel. It was reported that the criminals got into the company's systems through an employee’s Slack account. The cyber criminals accessed the internal network and internal documents, including the company’s HackerOne bug bounty program, which includes every bug ever reported to the company by white hat hackers.
“They pretty much have full access to Uber,” said Sam Curry, a security engineer at Yuga Labs who corresponded with the person who claimed to be responsible for the breach. “This is a total compromise, from what it looks like.”
The hackers left a note saying, “I announce I am a hacker and Uber has suffered a data breach.”
The hacker also claims to be an 18-year-old and says Uber has weak security. (securityaffairs)
My thoughts: This is not good for the company because it isn’t the first time they have been hacked. In fact, it’s the third time. In 2016, the CIO paid the ransom of $100,000 and didn’t tell anyone what had happened, which is against California’s data privacy laws. The CIO is CURRENTLY in court for what he did at Uber. His name is Joe Sullivan if you want to look it up. Then, in 2017, unauthorized persons accessed the personal data of 57 million of its users.
And then, last week the company got breached for a third time by an 18-year-old. I would be shocked if California didn’t take great action to make an example out of this company. Let’s keep an eye on this story as it will unfold over the next few months – from a legal perspective. This story exemplifies my idea that companies who get breached are more likely to get breached again.
The Daixin ransomware group took credit for the attack on a Texas hospital on September 1st. The hospital is still trying to bring systems back online, saying that the email service is working but the voicemail services are not. The hospital insists that no data was stolen during the attack, but the ransomware group is threatening to release part of the 1 million records it claims to have stolen.
“At no time was patient safety ever in jeopardy. The OakBend Medical Center ransomware issue was immediately turned over to a team consisting of the FBI, CYD and the Ft. Bend County Government Cyberteam to investigate all issues,” the hospital said in its first statement. (therecord)
My thoughts: The hospital seems certain that no data was stolen, but the ransomware group says they have proof they exfiltrated data. Eventually, we will find out who is lying and it will look bad for the lying party. Also, has anyone heard of the Daixin ransomware group???
The city of Eagle Mountain in Utah lost $1.3 million when a cyber criminal posed as a vendor. The criminal emailed Eagle Mountain city staff asking them to send a transfer to an account that did not belong to the actual vendor. The large sum was delivered in full through one transaction. The city previously purchased an insurance policy and is certain that it will be reimbursed for the full amount. (deseret)
My thoughts: I’m wondering who has sole authority in any city to basically e-transfer a million dollars. I would imagine it requires a few approvals before being sent out? Also, I really wonder if the insurance policy will cover this loss. Would a cyber insurance policy cover such negligence? Technically, this was a sophisticated phishing scam, but still not within the parameters of a usual cyber attack.
Bell Canada’s subsidiary Bell Technical Solutions (BTS) was breached by the Hive ransomware group over a month ago, on August 20th, 2022. Apparently, the attackers accessed personal information of Bell’s employees, including finances, recruitment, birthdays, COVID-19 information and more.
“We took immediate steps to secure affected systems and we want to assure our customers that no database containing customer information such as credit and debit card numbers, banking or financial data was accessed in the incident,” a spokesperson said. (maplesyrup)
My thoughts: They took immediate action, but did they tell anyone immediately? Why are we just hearing about this now? Are they sure no client information was stolen?
Remember we wrote about the Waterloo Region District School Board getting hacked? At least 3 former employees of the Toronto District School Board reported identity theft. (thestar)