Phishing attacks and data breaches continue to impact organizations and individuals alike. Here are this week’s most notable updates.

McDonald’s, Samsung and BAT Fined For Privacy Breach

The renowned brands Samsung and McDonald’s were recently fined by South Korea’s Personal Information Protection Commission for privacy breaches. With phishing scams increasing worldwide, organizations are expected to maintain cybersecurity standards.

However, McDonald’s was found storing backup data on a server with Server Message Block (SMB) sharing enabled. This helped adversaries steal over 4 million users’ information.

Further, the company was found storing over 766,846 customers’ data beyond the prescribed retention period, and this data, too, was compromised owing to the security loophole. These two incidents cost McDonald’s fines of about $530,000 and $7,700, respectively.

Samsung, on the other hand, was found exposing the data of 48,122 users for over a month owing to inadequate web server security. In another incident, the cigarette company British American Tobacco (BAT) was found exposing the personal details of over 1500 customers.

The Personal Information Protection Commission of South Korea fined both these organizations ₩100 million and ₩40 million, respectively, for their lack of phishing awareness. In this much-needed security check, the commission also fined other organizations like JK Club, iMarket, and Kara for exposing customer data.

 

SideCopy APT Allegedly Spying on Indian Defense Research Agency

Cybersecurity experts at Cyble suspect that the Pakistani cyberespionage group SideCopy APT is trying to steal confidential intel from the Indian Defense Research and Development Organization (DRDO). SideCopy APT is allegedly employing malicious strategies to trick employees and steal sensitive military secrets belonging to DRDO. SideCopy APT is known for using spear-phishing as an initial attack vector.

In the recent incident, the SideCopy APT actors sent emails to DRDO employees with research material about military technologies attached. The attachment was a malicious zip archive containing a .lnk file named DRDO – K4 Missile Clean room.pptx.lnk. Interestingly, this PowerPoint file contained actual information about the K-4 missile (a nuclear-capable submarine-launched ballistic missile).
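A mail-gateway style check for the lure described above, as an added example that is not part of the original article: it flags zip members that are Windows shortcuts, either by extension or by the Shell Link file header, and marks document-style double extensions. The function names, the decoy-extension list and the sample archive are constructed for illustration.

```python
import io
import zipfile

# MS-SHLLINK header: HeaderSize 0x0000004C followed by the LinkCLSID.
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
# Assumed list of extensions a lure is likely to imitate.
DECOY_EXTS = {"pptx", "ppt", "docx", "doc", "xlsx", "xls", "pdf", "txt", "jpg"}


def inspect_zip(data: bytes) -> list:
    """Return one finding per archive member that is a Windows shortcut."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Take the base name; Windows ignores trailing dots and spaces.
            base = info.filename.replace("\\", "/").rsplit("/", 1)[-1]
            exts = base.rstrip(". ").lower().split(".")[1:]
            with zf.open(info) as fh:
                by_content = fh.read(len(LNK_MAGIC)) == LNK_MAGIC
            by_name = bool(exts) and exts[-1] == "lnk"
            if not (by_name or by_content):
                continue
            reasons = []
            if by_name:
                reasons.append("lnk-extension")
            if by_content:
                reasons.append("lnk-header")
            if by_name and len(exts) > 1 and exts[-2] in DECOY_EXTS:
                reasons.append("double-extension")
            if by_content and not by_name:
                reasons.append("extension-mismatch")
            findings.append({"member": info.filename, "reasons": reasons})
    return findings


def build_sample() -> bytes:
    """Constructed archive: harmless bytes that only carry the LNK header."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("DRDO – K4 Missile Clean room.pptx.lnk", LNK_MAGIC + b"\0" * 56)
        zf.writestr("notes/readme.txt", "plain text, constructed")
        zf.writestr("slides.pptx", LNK_MAGIC + b"\0" * 56)
    return buf.getvalue()


if __name__ == "__main__":
    print(*inspect_zip(build_sample()), sep="\n")
```

Checking the header as well as the name catches a shortcut that has been renamed to a document extension, which a filename-only rule would miss.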

 

Data Breach at Kroger Postal Prescription Services

Ohio-based grocery retailer Kroger Postal Prescription Services (Kroger PPS) recently reported a data breach to the US Department of Health and Human Services Office for Civil Rights (HHS-OCR). It stated that unauthorized third parties accessed some of its confidential consumer information.

 

Presumably, Kroger PPS consumers’ protected health information was compromised in the breach. As part of its anti-phishing protection measures, Kroger PPS is now sending out data breach notifications to all affected individuals.

With over 2,700 stores in 36 US states, Kroger PPS is a renowned brand. If you are a frequent buyer at their stores, then your data, too, must be stored on their computer network. Look out for suspicious emails that appear to come from the company or from any unknown sender. Adopting adequate cybersecurity measures is the only wise thing to do for Kroger PPS customers right now.

 

Ransomware Attack Hits the City of Oak Ridge

A ransomware attack recently hit the City of Oak Ridge, Tennessee. The attack caused network issues in the city servers, making it the eighteenth local government to undergo a ransomware attack this year. The Oak Ridge attack comes after a ransomware attack on Tennessee State University and several other schools, healthcare providers, manufacturing organizations, and small businesses.

The City is making use of the best anti-phishing tools and working in collaboration with its Information Systems Department (IS) to analyze the breach. It has also informed law enforcement and collaborated with third-party cybersecurity specialists to restore systems and investigate the attack.

 

Cyberattack Hits Wisconsin Court System’s Network

A cyberattack recently targeted the Wisconsin court system’s computer network. The court spokesman has refrained from sharing many details about the incident. However, he did mention that owing to the attack, users might experience slower or intermittent services on their online network.

Although the attack hasn’t led to the compromise of any data, such phishing attacks should not be ignored. Fortunately, the court has begun adopting countermeasures to contain the attack’s spread, and court operations remain uninterrupted. All attorneys facing difficulty filling out the digital documents have been advised to reach out to the court clerk of their county for assistance.

 

DDoS Attack Targets Skylink

Skylink, the DTH and internet TV services provider for the Czech Republic, recently underwent a DDoS attack. Skylink CZ notified the public of the incident via a Facebook post in which it apologized for the system outage and assured people that it is adopting the necessary phishing protection measures.

Skylink reported that it underwent a DDoS attack from a Russian hacking group. Consequently, most of its satellites and internet television web services remained down for a brief period.

 

Dole Food Company Acknowledges Ransomware Attack

The renowned fresh produce giant Dole Food Company underwent a ransomware attack in February. It has now confirmed the breach and reported that an undisclosed number of employees may have had their data exposed because of it. The company has over 38,000 employees globally and caters to the fresh fruits and vegetables market in over 75 countries.

 

The ransomware attack was highlighted in its annual report filed with the US Securities and Exchange Commission (SEC), where Dole said that it endured a sophisticated ransomware attack in February 2023. Anti-phishing solutions were immediately implemented and a team of third-party cybersecurity experts was hired to investigate the nature of the breach.

Fortunately, the attack had a limited impact on the company. Dole had resisted publicly disclosing the attack until customers started reporting delayed services and product shortages in stores.

Dole is in the process of implementing a crisis management protocol wherein it will briefly switch to the manual mode of operation to continue business operations, although at a much slower pace. The attack had a limited impact but Dole’s production plants in North America were briefly disturbed.