The FBI’s 2019 Internet Crime Report has been released

The FBI’s Internet Crime Complaint Center (IC3) has released its 2019 Internet Crime Report. The report highlights cybercrime trends in 2019.

“IC3 received 467,361 complaints in 2019 – an average of nearly 1,300 every day – and recorded more than $3.5 billion in losses to individual and business victims. The most frequently reported complaints were phishing and similar ploys, non-payment/non-delivery scams, and extortion.”

“While email is still a common entry point, frauds are also beginning on text messages—a crime called smishing—or even fake websites—a tactic called pharming.”

“You may get a text message that appears to be your bank asking you to verify information on your account.”

Business email compromise (BEC), or email account compromise, recorded 23,775 complaints in 2019, causing $1.7 billion in losses – about half of the total losses.

Read more about it here.

The city of Racine hit by a ransomware attack

The city of Racine, Wisconsin, joined the long list of US municipalities that have been hit by ransomware attacks. On January 31, 2020, the city’s computer systems were infected by ransomware.

As of this writing, the city’s website, email and online payment collection systems are still offline. Residents who needed services were asked to come to City Hall.

Racine Mayor Cory Mason said that the city hasn’t received a specific ransom demand, and even if they did, they wouldn’t pay it.

Racine has a cyber-insurance policy, which should cover most of the expenses incurred restoring computer services.

Read more about it here.

Microsoft customer support records have been exposed online

Popular researcher Bob Diachenko found an unprotected database containing over 250 million customer support records, including some personally identifiable information. The unprotected database contained support requests submitted to Microsoft from 2005 to December 2019.

A post published by Microsoft on January 22, 2020 says: “Today, we concluded an investigation into a misconfiguration of an internal customer support database used for Microsoft support case analytics. While the investigation found no malicious use, and although most customers did not have personally identifiable information exposed, we want to be transparent about this incident with all customers and reassure them that we are taking it very seriously and holding ourselves accountable.”

Diachenko confirmed the presence of many records containing the following attributes:

  • Customer email addresses
  • IP addresses
  • Locations
  • Descriptions of CSS (Customer Service and Support) claims and cases
  • Microsoft support agent emails
  • Case numbers, resolutions, and remarks
  • Internal notes marked as “confidential”

Most, but not all, personally identifiable information was redacted from the records.

Here is the timeline of the data breach:

  • December 28, 2019: The databases were indexed by search engine BinaryEdge.
  • December 29, 2019: Diachenko discovered the databases and immediately notified Microsoft.
  • December 30-31, 2019: Microsoft secured the servers and data. Diachenko and Microsoft continued the investigation and remediation process.
  • January 21, 2020: Microsoft disclosed additional details about the exposure as a result of the investigation.

Read more about it here.

Mariah Carey’s Twitter account has been hacked

Mariah Carey’s Twitter account was hacked on New Year’s Eve. The attackers posted a series of offensive, racist and lewd tweets, including a personal insult against rapper Eminem.

The tweets began around 3 pm PST and continued throughout the day. It is not clear how the account was hacked. Access was regained later that evening. At 9:51 PM on December 31, 2019, the vocalist tweeted: “I take a freaking nap and this happens?”

Read more about it here.

Wawa has been breached

The Wawa convenience store chain, with 850 stores along the US East Coast, has been breached. Wawa disclosed that on December 10, 2019, malicious code was found on its point-of-sale systems. Officials with the company, based in Wawa, Pennsylvania, believe the malware had been collecting card numbers, cardholder names and other data since as early as March 4, 2019. The malware was removed on December 12.

According to the Philadelphia Inquirer, at least six lawsuits seeking class-action status have been filed in federal court in Philadelphia. “The data breach was the inevitable result of Wawa’s inadequate data security measures and cavalier approach to data security”, said one suit.

Read more about it here.

The worst passwords of 2019

Independent researchers, who requested to stay anonymous, compiled and shared with security firm NordPass a list of the 200 most popular passwords that were leaked in data breaches just in 2019. The database contains 500 million leaked passwords.

“The most popular passwords contain all the obvious and easy to guess number combinations (12345, 111111, 123321), popular female names (Nicole, Jessica, Hannah), and just strings of letters forming a horizontal or vertical line on a QWERTY keyboard (asdfghjkl, qazwsx, 1qaz2wsx, etc.). Surprisingly, the most obvious one — “password” — remains very popular: 830,846 people still use it.”

Below are the recommendations provided by the experts:

1. Go over all the accounts you have and delete the ones you no longer use.
2. Update all your passwords and use unique, complex passwords to protect your accounts. Use a password generator.
3. Use two-factor authentication if you can.
4. Set up a password manager.
5. Be vigilant for suspicious activities. If you notice something unusual, change your password immediately.

Read more about it here.

A thief stole payroll data of Facebook employees

On Dec. 13, 2019, Facebook informed its employees that hard drives containing information about 29,000 of its workers’ payroll were stolen from a car.

The hard drives were unencrypted and contained information on US employees of Facebook who worked in 2018, exposing their bank account numbers, employee names, the last four digits of their Social Security numbers, their salaries, bonuses and equity details.

The theft took place on November 17, 2019, and Facebook discovered it on November 20.

The hard drives were left in the car by a member of Facebook’s payroll department. They were not supposed to leave the office.

Read more about it here.

Mixcloud has been hacked

British music streaming service Mixcloud disclosed that hackers gained access in early November 2019 to some of its systems. The hacker was able to access user data, including usernames, email addresses, SHA-2 hashed passwords, account sign-up dates, country from which the user signed up, last login date, IP addresses, and links to profile photos. The actual passwords were not stolen, and the SHA-2 hashed passwords are considered nearly impossible to unscramble.

Although Mixcloud hasn’t revealed the true scale of the attack, the alleged hacker told various news sources that the trove contained details of at least 20 million customers, and offered it for sale on the dark web for 0.5 Bitcoin (about $4,000).

Read more about it here.

Livingston, NJ public schools hit by a ransomware attack

Livingston School District in New Jersey, US, was hit on November 21, 2019 by ransomware. This caused students to start their week 2 hours later, while the school’s administrators and staff were discussing how to handle the cyber attack.

The Livingston School District believes the breached data wasn’t further stolen or sold by attackers, but rather just locked. The district has 9 schools and about 6,000 students.

The amount and type of ransom requested, and whether it was paid, weren’t disclosed.

As of this writing, most of the school district systems have been restored.

Read more about it here.

Macy’s web site has been breached

Macy’s started notifying some of its customers that it discovered a software skimmer on its web site, which was used by criminals to steal customer data.

The malicious software was discovered on October 15, 2019, and Macy’s believes the software skimmer was injected on October 7. The attackers injected it into the checkout page and the My Account wallet page of the macys.com website.

Information potentially accessed by the cybercriminals includes: First Name, Last Name, Address, City, State, Zip, Phone Number, Email Address, Payment Card Number, Payment Card Security Code, and Payment Card Expiration Date, if these items were typed into the webpage while on either the macys.com checkout page or the My Account wallet page.

Read more about it here.