In February 2021, a threat actor sold 895,000 stolen gift cards on a top-tier Russian-language forum. The gift cards had an approximate value of $38 million, and allegedly came from more than 3,000 top name brand companies such as AirBnB, Amazon, American Airlines, Chipotle, Dunkin Donuts, Marriott, Nike, Subway, Target, and Walmart. The auction opened…
Category: Business Sector
SG: Personal data of 30,000 users of NTUC’s e2i training and job matching services may have been breached
Kenny Chee reports: The personal data of about 30,000 people who have used the services of National Trades Union Congress’ Employment and Employability Institute (e2i) may have been accessed by cyber criminals. The crooks may have had unauthorised access to people’s names, educational qualifications and NRIC, contact and employment details, according to a statement by…
Robinhood Warns Customers of Tax-Season Phishing Scams
Elizabeth Montalbano reports: Attackers are impersonating the stock-trading broker using fake websites to steal credentials as well as sending emails with malicious tax files. Attackers have targeted customers of stock-trading broker Robinhood with a phishing campaign aimed to steal their credentials and spread malware using fake tax documents, the company has warned. Read more on…
As ransomware stalks the manufacturing sector, victims are still keeping quiet
Sean Lyngaas reports: Halvor Molland was asleep on a brisk night in Oslo, Norway’s capital, two years ago when his phone rang around 3 a.m. The computer servers of Norsk Hydro, the global aluminum producer where Molland is senior vice president for communications, had seized up as a crippling ransomware infection spread through the company’s networks….
Phone numbers for 533 million Facebook users leaked on hacking forum
Catalin Cimpanu reports: A threat actor has published the phone numbers and account details for an estimated 533 million Facebook users —about a fifth of the entire social network’s user pool— on a publicly accessible cybercrime forum. According to samples reviewed by The Record today, the leaked data includes information that users posted on their profiles. Information…
SG: Vhive attackers escalate, take control of furniture retailer’s email server
On March 29, DataBreaches.net reported a confirmed hack of Singapore retail furniture chain Vhive. Previous coverage of the attack, as reported by ALTDOS threat actors and as reported by the firm on their site can be found here. At the time of that publication, ransom negotiations between the firm and the attackers appeared to have…