The world is facing an endless wave of cyberattacks, and no security habit seems sufficient today. However, a close examination of recent cyber attacks enables an individual or organization to assess the probable cyber threats and plan their security investments and phishing protection accordingly. Here are last week’s cyber attacks across the globe.
Data Breach Hits Drizly
Drizly, a leading online alcohol delivery startup in the U.S. and Canada, disclosed to its customers that it had undergone a data breach. Although the company claims that no financial details have been affected by the breach, a database posted on the dark web by adversaries claims otherwise.
The compromised details include the email addresses, dates of birth, passwords, delivery addresses, phone numbers, IP addresses, and geolocation data of customers. Approximately 2.5 million Drizly accounts are affected by the breach.
To protect themselves from phishing, Drizly customers must change their passwords and use strong and unique passwords for all their accounts.
Hackers Compromise 9.5K Ledger Account Details
In two consecutive cyber attacks, adversaries compromised over a million email addresses and 9500 names, addresses, phone numbers, and order details from Ledger’s database. The first attack was identified on 14 July 2020, and though immediately patched, it was still exploited ten days later.
To ensure protection against phishing, Ledger has informed the French Data Protection Authority (CNIL) and is working closely with Orange Cyberdefense. The attack on Ledger serves as a lesson for all users to refrain from sharing payment information and credentials with anybody who claims to be a cryptocurrency wallet developer.
Cyber Attack On Telecom Argentina
Telecom Argentina recently underwent a massive ransomware attack in which access to the company’s VPN and other databases was disrupted. The attackers have demanded $7.5 million in the privacy coin Monero (XMR) from the company. They have threatened to increase the amount to $15 million (XMR 216,189) if the company fails to make the ransom payment by 21 July.
Although the attack couldn’t cause any significant damage, it affected the internal systems of Telecom Argentina, such as the corporate VPN, Citrix, Siebel, Genesys, and the Customer and Field Service virtual machines. To ensure protection from phishing, all companies should encrypt their databases and secure their network infrastructure. They should also keep regular backups of data to ensure that there are no business disruptions in the event of such a cyber attack.
Blackbaud Attack Hits University Of South Wales
The second-largest university in Wales, the University of South Wales, recently underwent an attack by the U.S.-based firm Blackbaud. Blackbaud actors had already extracted an unrevealed ransom from the University in May.
South Wales University is now working on its phishing attack prevention measures. They found that email addresses and names from their alumni database were compromised in the attack. To ensure anti-phishing protection for all, they have notified the affected people to remain extra cautious. The university is taking measures to prevent such attacks in the future and has also reported the attack to the Information Commissioner’s Office.
Avon Leaves Database Online
The renowned cosmetics brand Avon recently underwent a massive data breach because of a misconfigured cloud server. Approximately 19 million user and employee records have been compromised because of an unencrypted database left online. The exposed details include the full names, phone numbers, dates of birth, email and home addresses, and GPS coordinates of users.
The 7 GB leaked database also included over 40,000 security tokens, OAuth tokens, internal logs, account settings, and technical server information. The attack has made all affected people vulnerable to a plethora of cyber attacks. Avon’s standing in the market is also at risk because any hacker with the server’s IP address can now establish full server control on the Avon brand.
However, Avon is trying its best to contain the attack and hopes that credit card details were not compromised in this breach.
Netflix Phishing Scam
A hacker has innovated and worked hard to make his Netflix phishing scam look credible. The attacker aims to steal payment card details of Netflix users via a “failed payment” error hiding behind a functional CAPTCHA page to bypass email security controls.
The scheme used fake emails that were sent at the beginning of the month. The emails impersonated the Netflix support service and used the address firstname.lastname@example.org.
The email contains a link that takes the user to a phishing page. Although the URL has now been taken down, Netflix users who made recent payments must take measures to ensure protection from phishing because the fake website looked exactly like the genuine Netflix domain.
Data Breach Hits National Cardiovascular Partners
Hackers compromised the email account of a National Cardiovascular Partners (NCP) employee, through which the details of 78,070 NCP patients were leaked. The compromised details included the names and other contact information of patients. NCP is adopting phishing prevention best practices and has offered a free identity detection and identity theft resolution to all customers affected in this breach. NCP is also being extra cautious and providing security training to its employees.
22 Million Promo.com User Data Leaked
The Israel-based marketing video creation site Promo.com has recently notified its users of a massive data breach. The breach has led to the leak of 22 million user records on the dark web for free.
Initially, a renowned seller of data breaches posted the Promo.com database online, but it was soon taken down. However, another data breach seller uploaded the database again on the same hacker forum. The compromised details include email addresses, names, genders, geographic location, and hashed passwords for 2.6 million users.
Although the passwords were hashed or salted, the hackers with access to the database have already leaked 1.4 million cracked passwords from it. Users have an even higher risk of a cyberattack, and hence they must immediately subscribe to some anti-phishing services to keep their online activities and identity secure.
Yet Another Security Concern At OnePlus
The Chinese smartphone company OnePlus has created quite a market for itself. However, the brand has not been as proactive about its security online as it is about the launch of its advanced products. A recent breach at OnePlus revealed the email addresses of over a hundred users. The incident happened because OnePlus made the mistake of putting the customer email IDs in the ‘TO’ field instead of the ‘BCC’ field while sending out a mass mailer for research purposes.
As a result, all recipients of the email could view the email addresses of at least a hundred other OnePlus users. Such instances expose users to unprecedented cyber threats and say a lot about the company’s approach to customer privacy. OnePlus users are advised to closely monitor the emails they receive and change their existing passwords to something more durable.