The Sting - Week of 1/20/2023 edition
01/20/2023
T-Mobile Says Hackers Stole Data On About 37 Million Customers
T-Mobile US Inc. said hackers accessed data, including birth dates and billing addresses, for about 37 million of its customers, the second major security lapse at the wireless company in two years. The company said in a regulatory filing yesterday that it discovered the problem on Jan. 5 and was working with law-enforcement officials and cybersecurity consultants. T-Mobile said it believes the hackers had access to its data since Nov. 25 but that it has since been able to stop the malicious activity. The cellphone carrier said it is currently notifying affected customers and that it believes the most sensitive types of records—such as credit card numbers, Social Security numbers and account passwords—weren’t compromised. T-Mobile has more than 110 million customers. The Federal Communications Commission said it had opened an investigation. “This incident is the latest in a string of data breaches at the company, and the FCC is investigating.”
Source: The Wall Street Journal
01/19/2023
Intuit's Mailchimp Comes Forward On A Recent Social Engineering Attack
"On Jan. 11, the Mailchimp Security team identified an unauthorized actor accessing one of our tools used by Mailchimp customer-facing teams for customer support and account administration," reads a Jan. 13 post (updated Jan. 18) on the Mailchimp website. "The unauthorized actor conducted a social engineering attack on Mailchimp employees and contractors, and obtained access to select Mailchimp accounts using employee credentials compromised in that attack. Based on our investigation to date, this targeted incident has been limited to 133 Mailchimp accounts. After we identified evidence of an unauthorized actor, we temporarily suspended account access for Mailchimp accounts where we detected suspicious activity to protect our users’ data." Founded in 2001 and headquartered in Atlanta with additional offices in Brooklyn, N.Y., Oakland, Calif., and Vancouver, Canada, Mailchimp (acquired by Intuit in Sep. 2021) is used by millions of customers around the world.
Source: Mailchimp
01/18/2023
Vice Society Ransomware Gang Claims Attack On One Of Germany’s Largest Universities
The Vice Society ransomware group said it was responsible for a Nov. 2022 attack against one of Germany’s largest universities. The University of Duisburg-Essen in the country’s North Rhine-Westphalia region was forced to shut down its entire IT infrastructure and disconnect it from the network following the incident. The university has 12 departments and about 43,000 students. Hackers managed to obtain some of the university’s data and put it on the dark web, according to a statement released by the university on Jan. 16. The leaked data allegedly contains financial documents, student information and research papers. At the time of publication, the university had not responded to The Record’s request for comment. The University of Duisburg-Essen did not name Vice Society as the perpetrator of the cyberattack, but the group itself listed the university as one of its victims.
Source: The Record
01/17/2023
Hacktivists Leak 1.7TB Of Cellebrite, 103GB Of MSAB Data
The Israeli mobile forensics firm Cellebrite has apparently suffered yet another data breach in which hackers managed to steal 1.7 TB of data. The hackers are also claiming to have stolen 103 GB of data from MSAB, a Sweden-based forensics firm. The Petah Tikva, Israel-based Cellebrite is frequently criticized for aiding governments with its tools and spyware to monitor the activities of human rights activists, officials, dissidents, and journalists. This time, however, the company itself has become the target of a data breach. The data was later posted online by Enlace Hacktivista and DDoSecrets. Further analysis revealed that data from MSAB was also leaked. The firm is criticized for providing services to repressive regimes including Myanmar’s security forces. Both databases are currently being offered for downloading through torrents and direct downloads from DDoSecrets and Enlace Hacktivista.
Source: HackRead
01/16/2023
ODIN Intelligence Website Is Defaced As Hackers Claim Breach
The website for ODIN Intelligence, a company that provides technology and tools for law enforcement and police departments, was defaced yesterday. The apparent hack comes days after Wired reported that an app developed by the company, SweepWizard, which allows police to manage and coordinate multi-agency raids, had a significant security vulnerability that exposed personal information of police suspects and sensitive details of upcoming police operations to the open web. Emma Best, co-founder of non-profit transparency collective DDoSecrets, told TechCrunch that data was exfiltrated from ODIN’s servers and that the organization was in possession of it. “We received the data the other day and are processing it,” Best said. A defacement note referenced three large archive files, totaling more than 16 gigabytes of data.
Source: TechCrunch