Latest security breaches
AUGUST
Toyota suffered a data breach, resulting in the theft of 240GB of sensitive data, including information on employees, customers, contracts, and financial details. This incident follows previous data breaches at Toyota, including a ransomware attack and cloud misconfigurations. The company has implemented measures to prevent similar leaks in the future.
Halliburton, one of the world's largest providers of services to the energy industry, has faced a cyberattack that forced it to shut down some of its systems. The company has activated its cybersecurity response plan, notified law enforcement agencies, and is working on restoring affected devices. This incident raises concerns about the vulnerability of critical energy infrastructure to cyber threats.
FlightAware, a leading flight tracking platform, experienced a data security incident due to a configuration error, potentially exposing users' personal information. The exposed data may include user IDs, passwords, email addresses, and additional personal details, prompting the company to require password resets for affected users.
AutoCanada has reported a cybersecurity incident that affected its internal IT systems. The company has taken immediate action to address the incident, including engaging cybersecurity experts for containment and investigation. The full impact, including any data access, is still being determined, and business operations might face disruptions until systems are fully restored.
The Security Service of Ukraine has reported that attackers, posing as the SSU, used malicious emails to infect over 100 government computers with AnonVNC malware. The emails contained a fake document list and linked to a malicious archive. Multiple cyberattacks targeting Ukraine's critical infrastructure, including heating systems and energy providers, have been linked to Russian threat groups like Sandworm and used malware such as FrostyGoop and Industroyer2.
Evolution Mining, a major gold producer in Australia and Canada, experienced a ransomware attack. The company has enlisted cybersecurity experts to address the issue, and they have contained the attack. Despite the disruption, Evolution Mining expects no significant impact on its operations. The incident has been reported to the Australian Cyber Security Centre, and no ransomware groups have claimed responsibility.
Chinese hacker groups APT31 and APT27 are behind the EastWind cyberattacks targeting Russian government organisations and IT companies. The EastWind campaign employs updated versions of the CloudSorcerer backdoor and introduces a new backdoor named PlugY, making detection challenging.
Another data breach for CSC ServiceWorks exposed the personal information of over 35,000 individuals, including sensitive data such as financial and health information. The company took measures to secure its systems, notified law enforcement, and offered free credit monitoring and identity theft protection to the affected individuals.
In another data breach, American building security giant ADT has experienced a cybersecurity incident after threat actors leaked allegedly stolen customer data on a popular hacking forum. The ADT data breach has raised concerns about the security of customer information, although the company has reassured its users that the impact on its core services and sensitive data is minimal.
The Ronin Network's bridge was exploited by white hat hackers, leading to the withdrawal of $12 million in ETH and USDC, but a critical security measure prevented even greater theft. The exploit was caused by a recent update to the bridge's governance process, allowing unauthorised actors to bypass the required vote threshold of bridge operators, prompting the pause of the bridge for 40 minutes.
The ruling party of South Korea, People Power Party, claims that North Korean hackers have stolen crucial information about the country's main battle tank, K2, and spy planes Baekdu and Geumgang.
In another significant security breach, National Public Data's exposed millions of individuals' sensitive personal information, including social security numbers and contact details. The leaked database, potentially sourced from public records, has led to a class action lawsuit against the operator of the service, Jerico Pictures.
McLaren Health Care hospitals experienced a ransomware attack, leading to disruption of IT and phone systems, potentially compromising patient information. The ransomware operation, INC Ransom, has targeted a wide range of organisations, including healthcare, government, and industrial entities.
A critical security flaw in the LiteSpeed Cache plugin for WordPress could allow unauthenticated users to gain administrator privileges, posing a severe risk to over five million active installations. The vulnerability, tracked as CVE-2024-28000, stems from a weak security hash and allows attackers to spoof their user ID, creating a potential avenue for privilege escalation and site takeover.
The Grand Palais Réunionha des musées nationaux in France experienced a ransomware cyberattack, causing operational disruptions at the museum and its bookstores, but the Olympic events proceeded without issues. The cyberattack may have originated from the hijacked account of a collaborator, with the threat actors demanding a ransom in cryptocurrency, but no ransomware group has claimed responsibility for the attack.
In another data breach, Mobile Guardian, a digital classroom management platform, and remotely wiped data from at least 13,000 student's iPads and Chromebooks. The breach impacted North American, European, and Singaporean instances of the platform, leading to restricted access for students and suspension of the service.
