Adopting the phishing prevention best practices can ascertain a significant level of protection from the cyber adversaries who are always trying to infiltrate into the systems of businesses, organizations, and even government offices. The following headlines from the bygone week prove why enterprises must take phishing prevention seriously
Belarusian Police Officers Become Victims Of Protest-Inspired Hacker
The adversaries have recently leaked the personal details of 1,003 Belarusian police officers through a Google Spreadsheet. Most of these officers were lieutenants, majors, captains, and the compromised details included their names, dates of birth, and the officers’ departments and job titles.
The data breach comes as retaliation to the inhuman police actions during anti-government demonstrations. The data was published by the news agency Nexta who encouraged the public to come forward and reveal (if they know) other details of these officials such as their addresses, phone and car numbers, habits, among other information. Undoubtedly, protection against phishing has taken a backseat in Belarus amidst all the chaos.
Tasmania University Accidently Leaks Students’ Data
In yet another incident of the negligence of phishing protection measures, the University of Tasmania has publicly released the personal details of 19,900 students. The good thing is that the data was made available to only the faculty with access to the utas.edu.au email address on the Microsoft Office 365 platform SharePoint.
The University deeply regrets this digital blunder and has been personally notifying and offering anti-phishing solutions to all affected students. They have also employed cyber experts to secure the leaked information and have initiated a support line (1800 019 897) to assist students in these difficult times.
CNO Undergoes Cyberattack: Services Remain Inactive
The CNO – College of the Nurses of Ontario became the victim of a significant cyberattack recently, which may have affected over 185,000 nurses‘ details. Consequently, the CNO had to shut down its services and seek the expertise of security investigators.
They are still struggling to re-establish their operations, with several services remaining inactive. The college has taken measures for protection from phishing attacks and extended free credit monitoring and identity theft protection services to its staff members.
Mass Account Hack at Activision
Recent reports suggest a mass account hacking campaign that has targeted over 500,000 Activision accounts. The hack was reported by the eSports site Dexerto on 20th September. The login details of affected users are already leaked, and the adversaries have changed the passwords beforehand to avoid any scope of easy account recovery.
Although Activision has denied a mass hack’s prospects citing their proactive anti-phishing protection measures, users are still facing and reporting the issue. Users are advised to adopt healthy password habits and refrain from recycling the same password for different accounts online.
Shower Of Cyberattacks On Tutanota
The German encrypted email service provider Tutanota recently underwent a series of cyberattacks that initially targeted their website and later, their DNS providers.
Resultantly, millions of Tutanota users faced disruption in services on and off between 14th September (first DDoS attack) and 17th September. But Tutanota was resilient with its anti-phishing solutions and was prompt to restore services soon after the attack.
No user data was compromised in any of these attacks as the E2E services makes it impossible for anyone (even Tutanota) to access the confidential emails exchanged between users.
Microsoft Accidentally Leaks Users’ Search Query Data
Security researcher Ata Hakcil recently identified a Bing backend server of Microsoft left unprotected online. Although the incident hasn’t compromised any sensitive user information, it has exposed over 6.5TB of log files with 13 billion search query records.
The server remained online from 10th to 16th September and was brought offline by the Microsoft Security Response Center (MSRC) after being informed. Fortunately, the exposed data was limited and de-identified.
Ransom X Attacks IP Photonics Corp.
The U.S. laser company IP Photonics Corp. recently underwent a ransomware attack supposedly from Russian state-sponsored hackers. Ransom X is believed to be responsible for bringing down the information technology systems of IP Photonics. The adversaries are now threatening the company against involving law enforcement in the matter.
The attack on IP Photonics shall impact U.S. national security implications as the company also develops laser weapons for U.S. defense forces.
Half Of All Americans Have Their PII With China Says FBI
In a recent statement, FBI Director Christopher Wray said that China uses massive data mining to steal the Personally Identifiable Information of almost half of America’s population. He says that an adult in the U.S is more likely to have his data compromised by China than not.
The FBI director supported his argument by stating the 2017 Equifax theft that affected over 150 million people, the attack on the health care provider Anthem, and the Office of Personnel Management affecting 60 million and 22 million people, respectively.
Wray considers this to be one of the most massive transfers of wealth in human history and seconds the State Department’s recent order of shutting down the Chinese consulate in Houston. Such extreme foreign intrusion demands equally bold phishing prevention measures.
Ransomware Hits Eyewear Company Luxottica
Eyewear Company Luxottica recently underwent a ransomware attack, which made the websites for Ray-Ban, LensCrafters, EyeMed, Sunglass Hut, and Pearle Vision inactive. This was in addition to the breakdown of Luxottica’s portals – one.luxotrica.com and university.luxottica.com. Their offices in Agordo and Sedico, Italy, were having trouble with their computer systems as well.
Luxottica’s information security manager Nicola Vanin later confirmed the attack via a LinkedIn post and assured that no user data was compromised so far. Luxottica is taking anti-phishing measures, but their services are yet to be fully operational.
Cyberattack Brings Down the Website Of Ukraine National Police
The Ukraine National Police website underwent a cyberattack at 11:45 am (EEST) on Wednesday, 23rd September. Resultantly, the website became inoperative and was used by the adversaries to post false information. The department notified the breach via a Facebook post and said that their cyber experts are working on restoring their website.
The Ukraine National Police regrets such an incident and is adopting measures to prevent phishing attacks in the future.