Here’s your Cyber Security Incidents Update for wk35 2024
(a once-a-week glimpse, every Monday, into just a fraction of the Cyber Security events of the previous week, to show the depth and breadth of incidents worldwide)
-Organisation
⦿ Dick's Sporting Goods, Pennsylvania, USA with >800 stores across the US
-Data compromised
⦿ "the Company discovered unauthorised third-party access to its information systems, including portions of its systems containing certain confidential information"
(This won't end well): "the company has provided few details about the breach and is telling employees not to discuss it publicly or put anything in writing" and "email systems had been shut down, likely to isolate the attack, and all employees had been locked out of their accounts. IT staff is now manually validating employees' identities on camera before they can regain access to internal systems" (if asked, everyone is to point and say "oh look, what's that over there")
-Organisation
⦿ Park’N Fly, Ontario, The Great White North (Canada)
-Data compromised
⦿ full names, email addresses, physical addresses, Aeroplan number, and CAA numbers of 1M customers
-Initial access
⦿ "an unauthorised third party accessed our network through remote VPN access"
and another one from the Kingdom of Kanadia:
-Organisation
⦿ The Toronto District School Board
-Data compromised
⦿ "TDSB confirmed that an unstated number of students from the 2023/2024 school year did have information in the test environment. That information includes a student's name, school name, grade, school email address, student number and date of birth"
-Initial access
⦿ TDSB initially said the cybercriminals targeted a technology testing environment that is separate from the board’s official networks
One piece of good news 👍:
Deniss Zolotarjovs, a Latvian national residing in Moscow and a member of the Russian Karakurt ransomware group, has been charged in the US for money laundering, wire fraud, and extortion crimes. A so-called "cold case" negotiator, his role was to communicate with victims after the attack had halted without a ransom being paid. Mr Zolotarjovs faces a maximum of 20 years in prison for each of multiple offences. (negotiate your way out of that 🤣)