top of page
  • OpaCyber

Cyber Security Incidents Updates wk12

Here’s your Cyber Security Incidents Update for wk12 2024


(a once-a-week on Monday glimpse into just a fraction of the Cyber Security events of the previous week to inform regarding the depth and breadth of the incidents world-wide)


-Organisation

⦿ NHS Dumfries and Galloway, Scotland, UK

-Data compromised

⦿ Not known at this time but ransomware would be a prime suspect. This NHS Trust serves a population of 150.000 people

(reporting an incident of an attack on a healthcare organisation, in the US, could easily be a weekly event but this one is a bit closer to home hence why it made the cut this week)


-Organisation

⦿ Nations Direct Mortgage, Nevada, USA (Nevada-based, operational in 35 States in the US)

-Data compromised

⦿ (believed to be) names, addresses, social security numbers, and unique Nations Direct loan numbers of 83,000 customers


-Organisation

⦿ VF Corporation, Denver, Colorado, USA (owns brands including Vans, North Face, Timberland, Jansport etc etc)

-Data compromised

⦿ email addresses, full names, phone numbers, billing addresses, shipping addresses and possibly order history, total order value, payment method for 35 MILLION customers


One piece of good news 👍:

(once again I've gone "above and beyond" and found TWO 🤣)

1️⃣ Robert Purbeck, Idaho, USA, pled guilty in a Georgia, USA Federal Court to charges of computer fraud and abuse for stealing the personal information of more than 130,000 people and and hacking into the networks of a medical clinic in Griffin, Georgia and the police department of the nearby city of Newnan (amongst other incidents). Mr Purbeck will be sentenced in June 👍

2️⃣ Bundeskriminalamt (BKA), or German federal police, said they seized the infrastructure of the popular illegal dark-net marketplace known as Nemesis and took its website down. In a wonderful piece of trolling they then added an animated spaceship reminiscent of a 1990s video game called Nemesis to the site which blows up the marketplace logo and then vanishes from the screen, leaving behind a QR code that links to the website for the Bundeskriminalamt 🤣🤣 Nemesis sold all kinds of illegal goods — drugs, compromised data and  cybercrime services such as ransomware and tools to conduct phishing or DDoS attacks


One final note:

(and this one is a bit strange)



-- In Aug 2021 hackers posted, for sale, what they claimed to be 70 MILLION records of **AT&T customers to a dark-web hacking forum

-- Not sure if anyone stumped up the fee but then this year the same data was posted to the clear web (that's what normal people call the world-wide web 🤣)

-- Here comes the strange bit, AT&T deny the data came from them 🤷🏻‍♂️ but within the 70 million records there are 49 MILLION unique email addresses and Troy Hunt of Have I Been Pwned has verified with a sample of users that the data is real and the users are, or were, AT&T customers

-- (I think this one isn't finished with 🤣)

**For those that are this side of the pond and not familiar with the organisation, AT&T is the biggest telecom provider in the US and indeed world-wide (AT&T, Verizon, Deutsche Telekom)

Comments


Commenting has been turned off.
bottom of page