Phishing Watchdog – Stay Safe with Instant Alerts


Apple Targeted in $50 Million Ransomware Hack of Supplier Quanta

21st April 2021 | Target: Apple | Reported Here

Ransomware group REvil claimed in a blog post published on Tuesday to have stolen blueprints for Apple’s latest products. On the same day, Apple CEO Tim Cook announced multiple new products at an online event.

Quanta Computer Inc. acknowledged the attack in a statement made to Bloomberg, stating that the company’s information security team worked with external experts to deal with cyber attacks on a small number of servers. The company also told Bloomberg that there has been no material impact on business operations.


[above via Techrepublic post]  Update 1


Eversource Energy data breach caused by unsecured cloud storage

20th April 2021 | Target: Eversource Energy | Reported Here

Eversource Energy suffers a data breach after customer sensitive data was disclosed on an unsecured cloud server.

Eversource Energy, a publicly traded, fortune 500 energy delivery company in New England, powering 4.3 million electric and natural gas customers throughout Connecticut, Massachusetts, and New Hampshire.


[above via Securereading post]  Update 1


Geico data breach exposed customers’ driver’s license numbers

19th April 2021 | Target: GEICO Insurance company | Reported Here

Car insurance provider Geico has suffered a data breach where threat actors stole the driver’s licenses for policyholders for over a month.

Geico is the second-largest car insurance company in the United States, with over 17 million policies for more than 28 million vehicles.


[above via Bleeping Computer post]  Update 1 / Update 2


HackBoss malware poses as hacker tools on Telegram to steal digital coins

16th April 2021 | Target: Various Hacking Groups | Reported Here

Hackers are distributing cryptocurrency-stealing malware over a Telegram channel to would-be hackers in a scam that has racked up $500,000, according to security researchers.

According to cyber security firm Avast, Hackers are running a Telegram channel called “Hack Boss” to distribute malicious software for other hackers to use. Unfortunately for the hackers who download it, the software won’t help them spread malware. Instead, it’ll infect their systems with cryptocurrency-stealing malware.


[above via Itpro post]  


Celsius email system breach leads to phishing attack on customers

15th April 2021 | Target: Celsius Network | Reported Here

Crypto lending service Celsius has discovered a data breach with one of its third-party service providers has exposed the personal information of its customers, an email sent to Celsius customers and shared with CoinDesk confirms.

Hackers gained access to a “third-party email distribution system” Celsius uses, according to the email. The hackers have used this information to send fraudulent emails and text messages to Celsius to trick them into revealing the private keys to their funds.


[above via Coindesk post] Update 1 


Gay dating site Manhunt hacked, thousands of accounts stolen

14th April 2021 | Target: Manhunt | Reported Here

Gay dating app Manhunt has revealed that it was hacked in February, exposing the data of thousands of users.

In a statement to the Washington state attorney general’s office, Manhunt said a hacker had “gained access to a database that stored account credentials for Manhunt users.”


[above via Metroweekly post] Update 1


Cyber-Attack Shutters Half of Tasmania’s Casinos

13th April 2021 | Target: Tasmania’s Casinos | Reported Here

Poker machines at Tasmania’s two casinos have been offline since the Easter weekend due to a ransomware cyber-attack.

Owner Federal Group was forced to shut down gaming machines at Hobart’s Wrest Point and the Country Club in Launceston following an “incident” in the early hours of 3 April.


[above via TheGuardian post] Update 1 / Update 2


Iran Nuclear Facility Suffers Cyber-Attack

11th April 2021 | Target: Natanz Nuclear Site | Reported Here

Israel appeared to confirm claims that it was behind a cyber-attack on Iran’s main nuclear facility on Sunday, which Tehran’s nuclear energy chief described as an act of terrorism that warranted a response against its perpetrators.

The apparent attack took place hours after officials at the Natanz reactor restarted spinning advanced centrifuges that could speed up the production of enriched uranium, in what had been billed as a pivotal moment in the country’s nuclear programme.


[above via TheGuardian post] Update 1


Upstox Alerts Users of Data Breach; Says Funds, Securities Remain Safe

11th April 2021 | Target: Upstox | Reported Here

Upstox has alerted customers of a security breach that included contact data and KYC details of customers. The retail broking firm assured users that their funds and securities remain safe.


[above via Gadgets NDTV post] Update 1


Over 600,000 stolen credit cards leaked after Swarmshop hack

8th April 2021 | Target: Swarmshop | Reported Here

A breach of Swarmshop, an online hub for selling stolen personal and payment records, has led to the exposure of more than 600,000 payment card numbers and nearly 70,000 sets of US Social Security numbers and Canadian Social Insurance numbers, Group-IB researchers report.


[above via Dark Reading post] Update 1 / Update 2