Month: October 2020

A massive data breach suffered by the Australian company Nitro, maker of the popular Nitro PDF service, impacted many well-known organizations, including Microsoft, Google, Apple, Amazon, Chase, and Citibank.

Nitro disclosed the data breach on its web site on On October 21, 2020. The breach advisory classified it as “low impact security incident”. However, Cybersecurity intelligence firm Cyble has shared details hinting at Nitro downplaying the incident. They found a threat actor seeing a 1TB database of documents, and 70 million user records that include email address, bcrypt hashed passwords, full names, IP addresses, company names, and other user data, for $80,000.

From the samples of the database, the document titles alone disclose a great deal of information about financial reports, M&A activities, NDAs, and product releases.

Read more about it here.

The Information Commissioner’s Office (ICO), U.K.’s data protection watchdog, announced it was fining British Airways 20 million pounds ($20 million), for a data breach in which the personal details of 400,000 customers were leaked. The ICO found that British Airways should have identified weaknesses in its security and resolved them with measures available at the time, which would have prevented the data breach.

The regulator said its investigators found that British Airways did not detect the attack on June 22, 2018, but was alerted by a third party more than two months later, on Sep. 5.

The penalty was far less than the 183.4 million pounds the ICO proposed in 2019 – in part reflecting the crisis many airlines are is now facing due to COVID-19.

Read more about it here.

The University Hospital New Jersey (UHNJ) in Newark, New Jersey, U.S., has paid a $670,000 ransom to prevent the publishing of 240 GB of stolen data, including patient info.

In September 2020, systems at the University Hospital New Jersey were encrypted with the SunCrypt ransomware. Threat actors leaked online a small portion of 48,000 documents, spanning 1.7 GB of data, out of 240 GB they claimed to have accessed.

This data leak included patient information release authorization forms, copies of driving licenses, Social Security Numbers, date of birth, and records about the Board of Directors.

To prevent further leaking of patient data, the hospital contacted the ransomware operators. The initial ransom demand was for $1.7 million. After negotiations, the hospital paid $672,744. The attackers then provided the decryption key.

The entry point was a phishing email sent to an employee, providing the attackers network credentials.

Read more about it here.