The struggle to ensure phishing protection is tedious because phishing emails never cease to lure people into clicking on malicious links or downloading corrupt files. The following news headlines testify to the enormous financial loss and data theft caused by phishing attacks.
The North Face Undergoes Cyberattack
Popular U.S. shopping website the North Face underwent a credential stuffing attack on 8-9 October, which compromised the account details of some of its customers. To ensure phishing prevention, the North Face has reset the passwords of affected customers. In the notification forwarded to affected customers, the North Face informed them that the attacker probably gained access to their email address and password from a previously hacked application or website.
As such, customers were encouraged to change their passwords to something unique and abstain from using the same password for more than one account. The compromised details include the customers’ email address, password, purchase history at the North Face, billing and shipping address, loyalty points, name, birthday, contact number, etc. However, no payment card information has been accessed by third parties.
Another anti-phishing solution adopted by the North Face is disabling passwords from affected accounts and erasing the payment-card tokens stored on their website. This implies that all users will have to create new passwords before trying to shop again on the North Face.
Data Breach Hits Pluto TV
Leading internet television service Pluto TV recently underwent a data breach that exposed the account details of millions of its customers from 2018. Although the stolen credentials may no longer be in use, they still form the basis for credential stuffing or spear-phishing attacks. The threat actor believed to be behind the attack is the ShinyHunters hacker group. The stolen details include the names, email addresses, hashed passwords, IP addresses, and users’ birthdays.
Since no paid plans are available with Pluto TV, there is no question of the leak of payment card details. In its statement, Pluto TV has stressed its prompt application of anti-phishing measures when the personal information of its customers is at stake.
Reddit’s Telegram Channel Hacked, Along With Others
Cyber adversaries are now focusing on hacking and gaining admin access over popular channels on Telegram. Reddit and Baza are among the many channels targeted by hackers. The Reddit channel has around 230 thousand subscribers. After opening a file sent by the adversary, Reddit administrators suddenly could no longer access the channel. The administrators had received a Trojan-infected file, under the pretext of a video, from hackers who pretended to be interested in buying advertising space.
The video was available for download on Yandex.Disk but only on desktop computers. Once the Reddit administrators opened this file, they were unable to access the channel. The method used by the hackers isn’t new, but people seem to fall for it in spite of that.
Miltenyi Biotec Recovers From Malware Attack
The last couple of weeks have been challenging for the anti-phishing protection experts at the international biotechnology company Miltenyi Biotec. They underwent a malware attack recently, which disrupted their order processing system.
The Mount Locker ransomware group is responsible for the attack on Miltenyi Biotec. The adversaries stole 1 GB worth of documents from the biotechnology provider. The firm claims that no customer or partner information has been impacted in the attack and says it is doing everything in its capacity to tackle the attack and minimize its impact.
60k Iowans’ Data Leaked By Mercy Iowa City
Mercy Iowa City underwent a data breach from May 15th to June 24th, which has exposed the PII of over 60,000 Iowa residents. The disclosed information includes the names, DOBs, health insurance details, Social Security numbers, and driver’s license numbers of patients.
The hospital had noticed unusual activity in an employee’s email account, which was hacked and used to send phishing emails. The hospital is extending free identity theft protection to all patients whose Social Security numbers and driver’s license numbers were compromised. It has further said that it is adopting measures to ensure protection from phishing attacks in the future.
TronicsXchange Exposes 2.6 Million Records
California-based electronics retailer TronicsXchange had a misconfigured AWS S3 bucket available online without a password, which contained more than 2.6 million files. The files included the ID cards, biometric images, driver’s licenses, etc., of TronicsXchange customers between 2012 and 2015. Although the S3 bucket was eventually secured, over 80,000 images containing PII and fingerprint scans of customers were leaked. If discovered by malicious actors, the stolen records can be used to apply for credit cards, create bank accounts, and commit other identity fraud.
All people who think they might have been victims must take measures to prevent phishing attacks and keep monitoring their financial statements regularly.
Cyberattack Hits Capcom
Capcom underwent a ransomware attack recently, which compromised vast amounts of data from its systems. These included the names, addresses, passport records, financial statements, bank details, etc., of customers and employees. The compromised data also had the list of shareholders, shareholder numbers, and former employees and job applicants’ records.
Although no money laundering has been reported because of this attack, the vast expanse of PII compromised has caused an equal, if not greater, loss for Capcom. Allegedly, the ransomware group Ragnar Locker is behind this attack, which has affected over 350,000 people. Victims are being informed as Capcom engages in strengthening its phishing attack prevention measures.
Over 100,000 Facebook Users’ Records Leaked
In a Facebook scam that lured victims with a promise to show who ‘viewed their profile last,’ adversaries stole over 100,000 Facebook users’ login credentials. The database containing all these stolen records was exposed by the hackers, which adds to the victims’ vulnerability.
The cyber attackers used these compromised accounts to spam Facebook posts with comments leading people to their scam websites, which then led the victims to a fraudulent Bitcoin trading platform.
Cyberattack Hits Americold
Cold storage company Americold Realty Trust recently underwent a cyberattack, which has affected its phone system, email communication, order fulfillment, and other operations. They had to shut down all computer systems immediately after the attack to avoid further damage. Americold was efficient in implementing its business continuity plans and is currently working with law enforcement and external security experts.
The company is doing its best to ensure protection against phishing and regards client-data discretion as an essential work principle. In a statement, it affirmed its commitment to ensuring cybersecurity for everyone in the workplace.