Phishing Watchdog – Stay Safe with Instant Alerts


Minnesota’s second-largest health care data breach

16th September 2020 | Target: Minnesota’s | Reported Here

Hundreds of thousands of patients and donors to Children’s Minnesota and Allina Health hospitals are getting letters saying some of their personal data may have been exposed in a data breach,

Hundreds of thousands of patients and donors to Children’s Minnesota and Allina Health hospitals are getting letters saying some of their personal data may have been exposed in the second-largest health care data breach in state history.


[above via Startibune post] Update 1


DDoS Attacks Hit 1 Tbps in 2020

16th September 2020 | Target: Various Organizations | Reported Here

There has been a 151% increase in the number of DDoS attacks in the first half of 2020, compared to the same period in 2019.

According to Neustar’s latest CyberThreats and Trends Report, these attacks include the largest that Neustar has ever mitigated at 1.17 Tbps.

As reports of the number of detected DDoS attacks increase, Neustar said the number of attacks sized 100 Gbps and above grew by 275%, and the number of “small attacks,” sized 5 Gbps and below, increased by more than 200%. These small 5 Gbps and below attacks represented 70% of all attacks mitigated by Neustar between January and June 2020.


[above via Infosecurity post] Update 1


Data Breach Hits 46,000 US Veterans

14th September 2020 | Target: US Veterans | Reported Here

The Department of Veterans Affairs (VA) announced Monday that the personal information of around 46,000 veterans was accessed in a recent data breach.

The news came after the agency’s Financial Services Center discovered that an unauthorized user had accessed an application used to help veterans pay for medical care and diverted funds meant for community health providers.


[above via The Hill post] Update 1


US staffing firm Artech discloses ransomware attack

11th September 2020 | Target: Artech Information Systems | Reported Here

One of the largest IT staffing companies in America has been hit by a second ransomware attack in nine months.

At the start of September, Artech Information Systems disclosed a data breach caused by a ransomware attack perpetrated between January 5 and 8, 2020.

Attackers deployed the ransomware three days after gaining unauthorized access to some of the company’s systems. The incident was picked up by the company following reports of suspicious activity on the user account of an Artech employee.


[above via Infosecurity post]  


Chinese Ambassador’s Twitter Account “Hacked”

10th September 2020 | Target: Liu Xiaoming | Reported Here

A pornographic post was ‘liked’ from the official account of Chinese ambassador Liu Xiaoming, after which the country has asked Twitter to initiate a probe in what it says is a hacking incident.

Xiaoming’s account showed the liked video for over an hour on Wednesday, leading to a number of comments and reactions before it was finally taken down.


[above via DNA India post]  Update 1 / Update 2


Cryptocurrency exchange Eterbase hacked, $5.4 million worth of funds stolen

10th September 2020 | Target: Eterbase  | Reported Here

ETERBASE, a Bratislava-based cryptocurrency exchange, disclosed this week a security breach. The exchange said hackers breached its internal network and stole cryptocurrency funds worth $5.4 million.

The incident, which was disclosed on Thursday, involved the theft of various cryptocurrencies from the company’s hot wallets.


[above via Zdnet post]  Update 1


DOJ Scam Targets Elderly Americans

8th September 2020 | Target: Elderly Americans | Reported Here

The Office of Justice Programs’ Office for Victims of Crime (OVC) has received multiple reports that individuals claiming to represent the Department of Justice are calling members of the public as part of an imposter scam. The department strongly encourages the public to remain vigilant and not to provide personal information during these calls, which appear to target the elderly.


[above via Justice post] Update 1 


Webmaster Portal Leaks 63 Million Records

8th September 2020 | Target: Webmaster Portal | Reported Here

The world’s largest webmaster form has been found wanting in terms of its cybersecurity posture after researchers discovered an unprotected database leaking data on nearly 900,000 users.

Digital Point provides a platform for members to chat and buy and sell websites, domains and digital services.

Back in July, researchers at WebsitePlanet teamed up with Jeremiah Fowler to discover an Elasticsearch database belonging to Digital Planet that was left online without password protection, exposing nearly 63 million records.


[above via Startupdigital post]


US Arrests Tourist Over Malware Conspiracy

26th August 2020 | Target: Tesla | Reported Here

The FBI has arrested a Russian tourist in America, who investigators say offered a Tesla employee $1 million to infect company computers with malware in a scheme to steal data and extort payment from the company.

Egor Igorevich Kriuchkov, 27, was arrested last week in Los Angeles and federally charged with conspiracy to damage a protected computer, after the Tesla employee alerted the company and the FBI.


[above via Dailymail post] Update 1 


Data Firm Exposes 235 Million Social Media Profiles

19th August 2020 | Target: Social Media App | Reported Here

A Hong Kong-registered company that sells data on social media influencers has exposed as many as 235 million user profiles scraped from Instagram, TikTok, and YouTube on the web without a password or any other authentication required to access it, according to a report by British research firm Comparitech.

Security researcher Bob Diachenko, who leads Comparitech’s cybersecurity research team, uncovered three identical copies of a database which included names, contact information, images and statistics about followers on August 1, Comparitech said in the report on Wednesday.


[above via SCMP post] Update 1 


Experian South Africa discloses data breach impacting 24 million customers

19th August 2020 | Target: Experian | Reported Here

Experian has suffered a major breach of customers’ personal information, affecting an estimated 24 million South Africans and nearly 800,000 businesses.

The credit reporting agency revealed in a statement yesterday that an individual fraudulently claimed to represent one of its client and then requested “services” from the firm, prompting the release of the data.


[above via Infosecurity post] Update 1