Category: x.bleepingComputer
US sanctions Russian Ekaterina Zhdanova, who they say laundered money for Ryuk ransomware affiliate
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions in cryptocurrency for various individuals, including ransomware actors. Zhdanova used her expertise in cryptocurrency and blockchain networks to move money through various platforms such as Garantex (sanctioned in April 2022 for aiding the Hydra Market) to evade “Anti-Money Laundering/Combating the Financing of Terrorism” (AML/CFT) controls. A report from blockchain analysis firm Chainalysis provided additional information about Zhdanova’s public businesses, which may or may not be part of her…
Toronto Public Library outages caused by Black Basta ransomware attack
The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack. The Toronto Public Library (TPL) is Canada’s largest public library system, giving access to 12 million books through 100 branch libraries across the city. The library system has 1,200,000 registered members and operates on a budget that surpasses $200M. Earlier this week, TPL warned that a cyberattack is causing technical outages on its websites and some online services. These outages include the tpl.ca site…
Casio discloses data breach impacting customers in 149 countries
Japanese electronics manufacturer Casio disclosed a data breach impacting customers from 149 countries after hackers gained access to the servers of its ClassPad education platform. Casio detected the incident on Wednesday, October 11, following the failure of a ClassPad database within the company’s development environment. Evidence suggests that the attacker accessed customers’ personal information a day later, on October 12. The exposed data includes customer names, email addresses, countries of residence, service usage details, and purchase information such as payment methods,…
Ex-Navy IT head Marquis Hooper gets 5 years for selling people’s data on darkweb
Marquis Hooper, a former U.S. Navy IT manager, has received a sentence of five years and five months in prison for illegally obtaining US citizens’ personally identifiable information (PII) and selling it on the dark web. The man was indicted with his wife, Natasha Renee Chalk, in February 2021 and pleaded guilty to aggravated identity theft and conspiracy to commit wire fraud in March 2023. According to information contained in the indictment, Hooper opened an online account with a company maintaining a…
Hacker leaks millions of new 23andMe genetic data profiles
A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe services to find their ancestry info and genetic predispositions. 23andMe told BleepingComputer that this data was obtained through credential stuffing attacks on accounts using weak passwords or credentials exposed in other data breaches. However, the company says there is no evidence of…
23andMe hit with lawsuits after hacker leaks stolen genetics data
Genetic testing provider 23andMe faces multiple class action lawsuits in the U.S. following a large-scale data breach that is believed to have impacted millions of its customers. Late last month, a threat actor leaked 23andMe customer data in a CSV file named ‘Ashkenazi DNA Data of Celebrities.csv’ on hacker forums. The file allegedly contained the data of nearly 1 million Ashkenazi Jews who used 23andMe services to find their ancestry info, genetic predispositions, and more. Initial leak of 23andMe data on a…
Microsoft: State hackers exploiting Confluence zero-day since September
Microsoft says a Chinese-backed threat group tracked as ‘Storm-0062’ (aka DarkShadow or Oro0lxy) has been exploiting a critical privilege escalation zero-day in the Atlassian Confluence Data Center and Server since September 14, 2023. Atlassian had already notified customers about the active exploitation status of CVE-2023-22515 when it disclosed it on October 4, 2023. Still, the company withheld specific details on the threat groups leveraging the vulnerability in the wild. Today, Microsoft Threat Intelligence analysts shared more information about Storm-0062’s involvement in…
Air Europa data breach: Customers warned to cancel credit cards
Spanish airline Air Europa, the country’s third-largest airline and a member of the SkyTeam alliance, warned customers on Monday to cancel their credit cards after attackers accessed their card information in a recent data breach. “We inform you that a cybersecurity incident was recently detected in one of our systems consisting of possible unauthorized access to your bank card data,” Air Europa said in emails sent to affected individuals and seen by BleepingComputer. “We have secured our systems, guaranteeing the…
Genetics firm 23andMe says user data stolen in credential stuffing attack
23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes the leak to a credential-stuffing attack. 23andMe is a U.S. biotechnology and genomics firm offering genetic testing services to customers who send a saliva sample to its labs and get back an ancestry and genetic predispositions report. Recently, a threat actor leaked samples of data that was allegedly stolen from a genetics firm and, a few days later, offered to sell…
MGM Resorts ransomware attack led to $100 million loss, data theft
MGM Resorts reveals that last month’s cyberattack cost the company $100 million and allowed the hackers to steal customers’ personal information. The hospitality and entertainment giant disclosed a cybersecurity issue on September 11, 2023, which impacted its main website, online reservations systems, and in-casino services like slot machines, credit card terminals, and ATMs. A few days later, it was revealed that the threat actor responsible for the disruption was an affiliate of the BlackCat/ALPHV ransomware gang known as Scattered Spider. These hackers breached MGM’s…
Warning: 100,000 industrial control systems exposed online
About 100,000 industrial control systems (ICS) were found on the public web, exposed to attackers probing them for vulnerabilities and at risk of unauthorized access. Among them are power grids, traffic light systems, security and water systems. Exposed ICSs include units (sensors, actuators, switches, building management systems, and automatic tank gauges) for critical infrastructure systems. Cybersecurity company Bitsight warned of the threat after identifying the problem in multiple sectors, affecting many Fortune 1000 companies in 96 countries. Bitsight told BleepingComputer…
Microsoft breach led to theft of 60,000 US State Dept emails
Chinese hackers reportedly stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft’s cloud-based Exchange email platform in May. During a recent Senate staff briefing, U.S. State Department officials disclosed that the attackers stole at least 60,000 emails from Outlook accounts belonging to State Department officials stationed in East Asia, the Pacific, and Europe, as Reuters first reported. No evidence of the source was found by Corruption Ledger. Additionally, the hackers managed to obtain a list containing…
Air Canada discloses data breach of employee and ‘certain records’
Air Canada, the flag carrier and the largest airline of Canada, disclosed a cyber security incident this week in which hackers “briefly” obtained limited access to its internal systems. According to the airline, the incident resulted in the theft of a limited amount of personal information of some of its employees and “certain records.” Customer data was not affected. Hackers “briefly” obtained access: Air Canada, the airline that recently came under fire for forcing its passengers to sit in vomit-covered seats or risk…
TransUnion denies it was hacked, links leaked data to 3rd party
Credit reporting firm TransUnion has denied claims of a security breach after a threat actor known as USDoD leaked data allegedly stolen from the company’s network. The Chicago-based company’s over 10,000 employees provide their services to millions of consumers and more than 65,000 businesses from 30 countries. “Immediately upon discovering these assertions, we partnered with outside cybersecurity and forensic experts to launch a thorough investigation,” the company said. “At this time, we and our internal and external experts have found…
Microsoft leaks 38TB of private data via unsecured Azure storage
The Microsoft AI research division accidentally leaked dozens of terabytes of sensitive data starting in July 2020 while contributing open-source AI learning models to a public GitHub repository. Almost three years later, this was discovered by cloud security firm Wiz whose security researchers found that a Microsoft employee inadvertently shared the URL for a misconfigured Azure Blob storage bucket containing the leaked information. Microsoft linked the data exposure to using an excessively permissive Shared Access Signature (SAS) token, which allowed full…
University of Sydney data breach impacts recent applicants
The University of Sydney (USYD) announced that a breach at a third-party service provider exposed personal information of recently applied and enrolled international applicants. The public university started operations in 1850 and has nearly 70,000 students and about 8,500 academic and administrative personnel. It is considered one of Australia’s most important educational institutes. In the data breach announcement, the university says that the incident had a limited impact and the preliminary investigation found no evidence that local students, staff, or…