Kartikay Mehrotra and William Turton report: CNA Financial Corp., among the largest insurance companies in the U.S., paid $40 million in late March to regain control of its network after a ransomware attack, according to people with knowledge of the attack. The Chicago-based company paid the hackers about two weeks after a trove of company…
Category: Business Sector
Social Security Data Breach Exposes Virtually All Indonesians to Digital Fraud Risks
That feeling when your government notifies you that your data are being given away on Raid Forums…. A suspected breach of Indonesia’s social security data has put virtually all Indonesians exposed to digital attacks and frauds, authorities and digital security experts warned on Friday. The Communication and Information Technology Ministry said that it has suspected personal records…
Toyota rear-ended by twin cyber attacks that left ransomware-shaped dents
Simon Sharwood reports: Toyota has admitted to a pair of cyber-attacks. The first hit the European operations of its subsidiary Daihatsu Diesel Company, a Toyota-owned company entity that designs engines. In a statement [PDF] dated May 16th, Daihatsu said it “experienced a problem in accessing its file server in the internal system on 14 May 2021.” “After…
U.S. Government Seeks Information About Victims Of December 2017 EtherDelta Hack
U.S. Government Seeks Information About Victims Of December 2017 EtherDelta Hack Conspiracy to defraud victims of cryptocurrency exchange platform resulted in theft of at least $1.4 million, prompting government to call for victims to come forward May 20 – SAN FRANCISCO – The Office of the United States Attorney and the United States Secret Service…
Data of 100+ million Android users exposed via misconfigured cloud services
Ionut Ilascu reports: Security researchers discovered that personal data of more than 100 million Android users has been exposed due to various misconfigurations of cloud services. The data was found in unprotected real-time databases used by 23 apps with download counts ranging from 10,000 to 10 million and also includes internal developer resources. Read more…
Recruiter’s Cloud Snafu Exposes 20,000 CVs and ID Documents
Phil Muncaster reports: Tens of thousands of jobseekers have had their personal information exposed by a misconfigured cloud account, according to researchers. A team at Website Planet discovered the AWS S3 bucket left unprotected and unsecured by FastTrack Reflex Recruitment, now TeamBMS. The firm apparently specializes in recruitment for the building management systems sector, for projects including skyscrapers…