On July 21, the DoppelPaymer ransomware threat actors added Amphastar Pharmaceuticals to their leak list. They also uploaded a number of files as proof of access and exfiltration. It was because of that listing that Amphastar eventually discovered that employee data had been stolen in a May attack. On August 27, Amphastar sent notification letters…
Category: Business Sector
PULAU Corporation notifies employees of June hack
Defense supplier PULAU Corporation is notifying their employees about an intrusion and unauthorized access into parts of their network between June 11 and June 29. Based on our investigation, we believe the unauthorized party acquired certain employment-related records stored on the affected systems. The affected records contained certain personal information, such as name, contact information,…
“They tore the heart out of my business”: How a hacker nearly cost Gillian Franklin her $130 million business
Matthew Elmas reports: Heat Group managing director Gillian Franklin was in London last year when a text message from a staffer sent her world into a tail-spin. The $130 million wholesaling business had come to a screeching halt, placed behind lock and key after a hacker infiltrated its systems in a ransomware attack. Almost everything…
Cisco engineer resigns then nukes 16k WebEx accounts, 456 VMs
Sergiu Gatlan reports: A former Cisco employee pleaded guilty to accessing the company’s cloud infrastructure in 2018, five months after resigning, to deploy code that led to the shut down of more than 16,000 WebEx Teams accounts and the deletion of 456 virtual machines. According to a plea agreement filed on July 30, 2020, 30-year-old…
UK: Southern Water customers could view others’ personal data by tweaking URL parameters
Gareth Corfield reports: Southern Water – British supplier of the liquid of life – botched its internal Sharepoint implementation so badly that a customer was able to view other people’s account details. Reg reader Chris H discovered that the way Southern Water had set up Sharepoint to host customer information as a “your account” style section…
Musk confirms Tesla Nevada factory was target of ‘serious’ cyberattack
Bhargav Acharya reports: Elon Musk said on Thursday that Tesla Inc’s (TSLA.O) factory in Nevada was a target of a “serious” cybersecurity attack, confirming a media report that claimed an employee of the company helped the Federal Bureau of Investigation(FBI) thwart the attack. News website Teslarati said bit.ly/2D6C5N5 that the electric carmaker was the unnamed company in…