There’s no rest for cyber criminals this week (as usual.) Even with more details continuing to come out about the recent massive data leak from National Public Data, more cyber security incidents continue to occur. Let’s dive in to some of the cybersecurity incidents that happened this week!
Toyota has recently been hit with a cyber-attack resulting in roughly 240GB of data being stolen. While Toyota hasn’t released any information on the attack, including an estimate of how many of their customers had their data exposed, the hacker group ZeroSevenGroup is claiming to be responsible for the attack. ZeroSevenGroup has said that the stolen information includes information of both employees and customers of Toyota, including things such as contracts and financial information.
(–Source: Dark Reading
Read More: Toyota Customer, Employee Data Leaked in Confirmed Data Breach (darkreading.com) )
More details continue to be released about the huge data leak related to the background check company National Public Data in which 272 million social security numbers were leaked. In a new report from KrebsOnSecurity, the leak appears to be worse than originally thought. A sister site to National Public Data, RecordsCheck.net, had source code and plain text usernames and passwords of their users stored in a zip file that was downloadable up until August 19th. Access to this information, which included logins belonging to the founder of National Public Data, are partly responsible for access to the stolen data. After KrebsOnSecurity contacted RecordsCheck about this file, it has been removed and National Public Data claims to be shutting down the site.
(–Source: MacRumors
Read More: Major ‘National Public Data’ Leak Worse Than Expected With Passwords Stored in Plain Text – MacRumors )
In February of this year Change Healthcare, a health payment processing company, experienced a data leak. Individuals whose information was stolen during this attack are just now starting to get letters about the incident. The attack resulted in “a substantial quantity of data” including names, dates of birth, contact information, addresses, medical records, and more being taken and caused Change Healthcare to shut down certain accesses in an effort to stop the attack. The hackers responsible were holding the stolen data for ransom and received a $22 million ransom payout.
(–Source: Kiplinger on MSN
Read More: Change Healthcare Data Breach: What to Know for Your Social Security Number and More (msn.com) )
On August 17, Microchip Technology, a US semiconductor manufacturing firm “detected poptentially suspicious activity involving its information technology systems.” On August 19, after investigation, evidence was found of unauthorized access. They are still unsure of the cause of the incident, but have confirmed that, as a result of the incident, their manufacturing facilities are operating at lower levels than normal and the ability to fulfill orders has been impacted.
(–Source: The Register on MSN
Read More: Chipmaker Microchip reveals cyber attack whacked manufacturing capacity (msn.com) )
The Oregon Zoo has been hit by an attack that compromised over 100,000 of their visitors’ credit card information if they had purchased tickets to the zoo online any time between December 20, 2023 and June 26, 2024. This incident was confirmed last Friday by the Oregon Zoo. After a month long investigation after noticing suspicious activity on their ticketing site, the zoo is working on notifying visitors whose information was compromised in the attack.
(–Source: OregonLive.com on MSN
Read More: Over 100,000 Oregon Zoo visitors’ credit card information compromised in data breach (msn.com) )