Mariah Carey’s Twitter account has been hacked

Mariah Carey’s Twitter account was hacked on New Year’s Eve. The attackers posted a series of offensive, racist and lewd tweets, including a personal insult against rapper Eminem.

The tweets began around 3 pm PST and continued throughout the day. It is not clear how the account was hacked. Access was regained later that evening. At 9:51 PM on December 31, 2019, the vocalist tweeted: “I take a freaking nap and this happens?”

Read more about it here.

Wawa has been breached

The Wawa convenience store chain, with 850 stores along the US east coast, has been breached. Wawa disclosed that on December 10, 2019, malicious code was found on its Point of Sale systems. Officials with the company, based in Wawa, Pennsylvania, believe the malware had been collecting card numbers, cardholder names and other data since as early as March 4, 2019. The malware was removed on December 12.

According to the Philadelphia Inquirer, at least six lawsuits seeking class-action status have been filed in federal court in Philadelphia. “The data breach was the inevitable result of Wawa’s inadequate data security measures and cavalier approach to data security”, said one suit.

Read more about it here.

The worst passwords of 2019

Independent researchers, who asked to remain anonymous, compiled and shared with security firm NordPass a list of the 200 most popular passwords that were leaked in data breaches in 2019 alone. The database contains 500 million leaked passwords.

“The most popular passwords contain all the obvious and easy to guess number combinations (12345, 111111, 123321), popular female names (Nicole, Jessica, Hannah), and just strings of letters forming a horizontal or vertical line on a QWERTY keyboard (asdfghjkl, qazwsx, 1qaz2wsx, etc.). Surprisingly, the most obvious one — “password” — remains very popular: 830,846 people still use it.”

Below are the recommendations provided by the experts:
1. Go over all the accounts you have and delete the ones you no longer use.
2. Update all your passwords and use unique, complex passwords to protect your accounts. Use a password generator.
3. Use 2 Factor Authentication if you can.
4. Set up a password manager.
5. Be vigilant for suspicious activities. If you notice something unusual, change your password immediately.

Read more about it here.
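
A sign-up check for the weak-password classes quoted above (digit-only strings, names, and lines on a QWERTY keyboard), together with a generator for recommendation 2. This is an added Python example, not code from NordPass or the article; the function names and the small deny-list are constructed for illustration.

```python
import secrets
import string

# QWERTY rows and columns, forwards and backwards.
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
COLS = ["1qaz", "2wsx", "3edc", "4rfv", "5tgb", "6yhn", "7ujm", "8ik", "9ol"]
LINES = [l for line in ROWS + COLS for l in (line, line[::-1])]

# Constructed sample deny-list; a real deployment would load a full leaked-password list.
DENY = {"password", "nicole", "jessica", "hannah"}


def is_keyboard_walk(pw, min_run=3):
    """True if pw splits entirely into runs (>= min_run chars) along one keyboard line."""
    s = pw.lower()
    n = len(s)
    reachable = [True] + [False] * n  # reachable[i]: s[:i] is fully covered by runs
    for end in range(min_run, n + 1):
        for start in range(0, end - min_run + 1):
            if reachable[start] and any(s[start:end] in line for line in LINES):
                reachable[end] = True
                break
    return n >= min_run and reachable[n]


def classify(pw):
    """Return the weak-password class pw falls into, or None if none matched."""
    if pw.isdigit():
        return "digits only"
    if is_keyboard_walk(pw):
        return "keyboard walk"
    if pw.lower() in DENY:
        return "common word or name"
    return None


def generate(length=16):
    """Random password from a CSPRNG, retried until it matches no weak class."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if classify(pw) is None:
            return pw
```

The segmentation in is_keyboard_walk is what catches combined patterns such as qazwsx and 1qaz2wsx, which are two adjacent keyboard columns typed one after the other.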

A thief stole payroll data of Facebook employees

On Dec. 13, 2019, Facebook informed its employees that hard drives containing payroll information on 29,000 of its workers were stolen from a car.

The hard drives were unencrypted and contained information on US employees who worked at Facebook in 2018, exposing their bank account numbers, employee names, the last four digits of their Social Security Numbers, their salaries, bonuses and equity details.

The theft took place on November 17, 2019, and Facebook discovered it on November 20.

The hard drives were left in the car by a member of Facebook’s payroll department. They were not supposed to leave the office.

Read more about it here.

Mixcloud has been hacked

British music streaming service Mixcloud disclosed that hackers gained access to some of its systems in early November 2019. The hacker was able to access user data, including usernames, email addresses, SHA-2 hashed passwords, account sign-up dates, the country from which the user signed up, last login date, IP addresses, and links to profile photos. The actual passwords were stolen, and the SHA-2 hashed passwords are considered nearly impossible to unscramble.

Although Mixcloud hasn’t revealed the true scale of the attack, the alleged hacker told various news sources that the trove contained details of at least 20 million customers, and offered it for sale on the dark web for 0.5 Bitcoin (about $4,000).

Read more about it here.

Livingston, NJ public schools hit by a ransomware attack

Livingston School District in New Jersey, US, was hit by ransomware on November 21, 2019. As a result, students started their week 2 hours late while the school’s administrators and staff discussed how to handle the cyber attack.

The Livingston School District believes the breached data was not stolen or sold by the attackers, but only locked. The district has 9 schools and about 6,000 students.

The amount and type of ransom requested, and whether it was paid, weren’t disclosed.

As of this writing, most of the school district systems have been restored.

Read more about it here.

Macy’s web site has been breached

Macy’s started notifying some of its customers that it discovered a software skimmer on its web site, which was used by criminals to steal customer data.

The malicious software was discovered on October 15, 2019, and Macy’s believes the software skimmer was injected on October 7. The attackers injected it into the checkout page and the My Account wallet page of the macys.com website.

Information potentially accessed by the cybercriminals includes: First Name, Last Name, Address, City, State, Zip, Phone Number, Email Address, Payment Card Number, Payment Card Security Code, and Payment Card Expiration date, if these items were typed into the webpage while on either the macys.com checkout page or the My Account wallet page.

Read more about it here.

Popular voice assistants have been hacked using light commands

Researchers with the University of Michigan and the University of Electro-Communications (Tokyo) have devised a new technique, called “light commands,” to remotely hack popular voice assistants, such as Amazon Alexa, Apple Siri, Facebook Portal, and Google Assistant.

The “light commands” attack exploits a design flaw in the smart assistants’ micro-electro-mechanical systems (MEMS) microphones. MEMS microphones convert voice commands into electrical signals, but researchers demonstrated that they can also react to laser light beams.

The researchers demonstrated how an attacker can inject arbitrary audio signals into the target microphone by aiming an amplitude-modulated light at the microphone’s aperture.

Read more about it here.

Alabama hospital chain paid ransom to resume operations after ransomware attack

The DCH Health System said its hospitals in the west Alabama cities of Tuscaloosa, Northport and Fayette resumed admitting new patients on October 10, 2019. The 3 hospitals were hit on October 1, 2019 by a ransomware attack that paralyzed their systems.

While the hospitals were able to provide critical medical care to some patients during the 10-day period, non-emergency patients were diverted to other hospitals, and the hospitals needed to use paper rather than electronic records when providing care.

The amount of ransom paid wasn’t disclosed.

Read more about it here.