Month: September 2024

American peer-to-peer payments and money transfer company MoneyGram confirmed that a cyberattack caused its services to become unavailable.

On September 21, 2024, the company informed its customers that it was experiencing “a network outage impacting connectivity to a number of our systems.”

The company has taken some of its systems offline since September 20 to contain the attack.

On September 23, MoneyGram confirmed that it “recently identified a cybersecurity issue affecting certain of our systems”.

Online services were fully restored only on September 26.

The company remained largely silent about the cybersecurity incident beyond a handful of updates posted to its X account. However, the length and the severity of the outage points to ransomware. The fact that the company was spending an extended period of time restoring key systems further points to potentially its refusal to pay a ransom demand and recovery from backups.

In 2014, it was the second largest provider of money transfers in the world. MoneyGram operates in more than 200 countries and territories with a global network of about 430,000 agent offices, serving 150 million customer.

Read more about it here.

Cybersecurity giant Fortinet confirmed on September 12, 2024 that it suffered a data breach, after a threat actor claimed to steal 440GB of files from the company’s Microsoft SharePoint server. “An individual gained unauthorized access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive, which included limited data related to a small number (less than 0.3%) of Fortinet customers” says its blog post. The company further stated that “Fortinet’s operations, products, and services have not been impacted.”

The threat actor, known as “Fortibitch,” claims to have tried to extort Fortinet into paying a ransom, likely to prevent the publishing of data, but the company refused to pay.

Fortinet did not disclose how many customers are impacted or what kind of data has been compromised but said that it “communicated directly with customers as appropriate.”

Fortinet is one of the largest cybersecurity vendors in the industry, offering firewalls, routers, VPN devices, extended detection and response, SIEM, network management and consulting services. It employs over 13,500 employees.

Read more about it here.

Giant car rental company Avis disclosed that an August 2024 data breach affected 299,006 of its customers.

According to the letter it sent out to those who have been affected, on August 3, 2024, a threat actor gained unauthorized access to its business applications. The data was access until August 6. The data breach was detected on August 14. The company took steps to end the access and launched an investigation with third-party experts, as well as alerted the authorities and notified the Maine Attorney General’s Office.

The stolen data includes personal information such as names, mailing addresses, email addresses, phone numbers, dates of birth, credit card numbers with expiration dates and driver’s license numbers – critical information that can be used for identity theft or fraud.

The car rental did not disclose technical details about the attack

To mitigate possible damage, Avis is providing all affected customers with one year of free credit monitoring through Equifax.

Read more about it here.