Data Breaches - W/E - 1/10/20
Database Left Wide Open Exposed 976 Million Honda Records (12/23/2019)
Security researcher Bob Diachenko notified Honda's security team in Japan after identifying an exposed Elasticsearch server containing 976 million records which were part of the car company's North American infrastructure. Based on cluster statistics and other analysis, Diachenko believes that about one million records in the database harbored details about Honda customers and their vehicles. Honda, however, anticipates that the number is actually 26,000. The database was discovered on December 11 and Honda shut the server down two days later.
Security researcher Bob Diachenko notified Honda's security team in Japan after identifying an exposed Elasticsearch server containing 976 million records which were part of the car company's North American infrastructure. Based on cluster statistics and other analysis, Diachenko believes that about one million records in the database harbored details about Honda customers and their vehicles. Honda, however, anticipates that the number is actually 26,000. The database was discovered on December 11 and Honda shut the server down two days later.
Landry's Acknowledges Data Breach Lasted Nine Months (01/06/2020)
Payment card data used at Landry's, a dining, hospitality, and gaming company, may have been breached after malware was discovered on some of its systems. Following a 2015 data breach that affected its restaurants, Landry's implemented a payment processing solution that uses end-to-end encryption technology at all of its locations. However, the latest breach involves payment cards that "in rare circumstances, appear to have been mistakenly swiped by waitstaff on devices used to enter kitchen and bar orders, which are different devices than the point-of-sale terminals used for payment processing," the company said in a statement. The breach occurred between January 18 and October 1, 2019. The company has provided a list of potentially impacted concept locations, which include Joe's Crab Shack, Morton's, Rainforest Cafe, and McCormick and Schmick's.
Payment card data used at Landry's, a dining, hospitality, and gaming company, may have been breached after malware was discovered on some of its systems. Following a 2015 data breach that affected its restaurants, Landry's implemented a payment processing solution that uses end-to-end encryption technology at all of its locations. However, the latest breach involves payment cards that "in rare circumstances, appear to have been mistakenly swiped by waitstaff on devices used to enter kitchen and bar orders, which are different devices than the point-of-sale terminals used for payment processing," the company said in a statement. The breach occurred between January 18 and October 1, 2019. The company has provided a list of potentially impacted concept locations, which include Joe's Crab Shack, Morton's, Rainforest Cafe, and McCormick and Schmick's.
Leaky Database Exposed 267 Million Facebook User Credentials (12/23/2019)
An exposed database containing more than 267 million Facebook user IDs, phone numbers, and names was spotted by security researcher Bob Diachenko and Comparitech. It is believed that the unsecured Elasticsearch database is the result of an illegal scraping operation or Facebook API abuse by criminals in Vietnam. The information contained in the database could be used to conduct large-scale SMS spam and phishing campaigns. The database was first indexed on December 4, was posted to a hacker forum eight days later, and was discovered by Diachenko on December 14. On December 19, the database was no longer available.
An exposed database containing more than 267 million Facebook user IDs, phone numbers, and names was spotted by security researcher Bob Diachenko and Comparitech. It is believed that the unsecured Elasticsearch database is the result of an illegal scraping operation or Facebook API abuse by criminals in Vietnam. The information contained in the database could be used to conduct large-scale SMS spam and phishing campaigns. The database was first indexed on December 4, was posted to a hacker forum eight days later, and was discovered by Diachenko on December 14. On December 19, the database was no longer available.
Payment Cards at Over 50 Islands Restaurants Impacted by Data Breach (12/23/2019)
Point-of-sale devices employed at more than 50 Islands Restaurants were infiltrated by malware, resulting in a data breach. The company confirmed that the incident occurred between February 13 and September 27 but the timeframes involved vary from restaurant to restaurant. The statement did not reveal when the company first learned of the breach.
Point-of-sale devices employed at more than 50 Islands Restaurants were infiltrated by malware, resulting in a data breach. The company confirmed that the incident occurred between February 13 and September 27 but the timeframes involved vary from restaurant to restaurant. The statement did not reveal when the company first learned of the breach.
Ransomware Attacks Foreign Currency Exchange Travelex Impacting Services (01/06/2020)
Travelex was impacted by a computer virus on December 31, resulting in the compromise of some of the foreign currency exchange's services. The company announced via Twitter that it had taken some of its systems offline to prevent the spread of the virus and avoid further data infection. Travelex's main Web site remained offline as of January 8. It is widely suspected that the cyber attack was caused by the REvil (also known as Sodinokibi) ransomware, which has been targeting a patched bug in Pulse Secure's VPN. Travelex had seven of these unsecured VPNs and had been warned by researchers at Bad Packets to update the servers immediately. Bad Packets reported via Twitter that Travelex did not patch the VPNs until November, leaving its systems widely exposed to attacks.
Travelex was impacted by a computer virus on December 31, resulting in the compromise of some of the foreign currency exchange's services. The company announced via Twitter that it had taken some of its systems offline to prevent the spread of the virus and avoid further data infection. Travelex's main Web site remained offline as of January 8. It is widely suspected that the cyber attack was caused by the REvil (also known as Sodinokibi) ransomware, which has been targeting a patched bug in Pulse Secure's VPN. Travelex had seven of these unsecured VPNs and had been warned by researchers at Bad Packets to update the servers immediately. Bad Packets reported via Twitter that Travelex did not patch the VPNs until November, leaving its systems widely exposed to attacks.
Wawa Data Breach Likely Impacted Every Store Location (12/23/2019)
Convenience store chain Wawa reported that customer payment card data was exposed in a breach lasting nearly a year. In a statement, the company confirmed that the breach was discovered on December 10 and contained by December 12 but had been ongoing since at least March 4. Every Wawa location is potentially affected. The company has 850 stores
Convenience store chain Wawa reported that customer payment card data was exposed in a breach lasting nearly a year. In a statement, the company confirmed that the breach was discovered on December 10 and contained by December 12 but had been ongoing since at least March 4. Every Wawa location is potentially affected. The company has 850 stores