“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.”
– Stephane Nappo.
In this section, we keep tabs on cyberattacks that take individuals, business organizations, and even states by storm.
2019 Updates
Virtual Care Provider, Ransom Attack — November 2019
Ryuk Ransomware infects IT services provider Virtual Care Provider Inc.'s network and rendering 110 nursing homes' operations such as email services, patient records, client billings, and phone systems unusable or inaccessible.
Links:
Suprema Biostar, Data Leak — August 2019
Suprema's Biostar falls victim to a data leak amounting to a total of 27.8 million records consisting of fingerprints, images and facial recognition data.
Links:
Bulgarian NRA, Data Breach — July 2019
A hacker breaks into Bulgarian National Revenue Agency's tax database, stealing the social security number, salary info and other financial information of 5 million taxpaying citizens of the total 7 million.
Links:
Tech Data, Date Leak — June 2019
An unsecured server was found with 264 GB of personal and financial data of customers including names, email addresses, plain text passwords, invoices, card company, card holder name and expiry dates.
Links:
Canva, Data Breach — May 2019
Hacker 'GnosticPlayers' of notorious fame, rips off 139 million user-provided data such as username, email, real name etc; and 61 million highly secure user passwords of Canva's profile database.
Links:
Github, Ransom Attack — May 2019
A few hundred Git repos were seemingly erased by an unknown actor in exchange for 0.1 BTC ransom. The repos were untouched, and it was found that the attacker had discovered cached access tokens and credentials on a remote server.
Links:
Docker, Data Breach — April 2019
An intruder gained brief access to Docker's server that contained usernames, hashed passwords and associated Github and Bitbucket tokens, potentially affecting 190,000 accounts. Docker recommended changing login credentials and relinking Github and Bitbucket.
Links:
AWS, Data Breach — March 2019
Paige "Erratic" Thomas executes a Server Side Request Forgery and exploits a misconfigured Firewall on AWS to collect confidential financial and private information of a 100 million people.
Links: