With Thanksgiving kicking off the holiday season next week, hackers continue their antics and we’ll likely see an increase of cybercrime throughout the holidays. Here’s a recap of what happened this week:
Chinese state-sponsored hacking group, Salt Typhoon, has breached T-Mobile’s network in a US telecommunication provider targeted attack that also affected AT&T, Verizon, and Lumen Technologies.
The hackers were able to leverage the vulnerabilities in telecom infrastructure to infiltrate systems used for law enforcement surveillance, leaving federal agencies and security experts concerned about the severity of the incident while they wait for T-Mobile to release details about what information was stolen. The FBI and CISA are currently investigating.
(–Source: Infosecurity Magazine
Read More: T-Mobile Breached in Major Chinese Cyber-Attack on Telecoms – Infosecurity Magazine )
Home mortgage lender, AnnieMac, recently suffered a cybersecurity incident in which over 170,000 customers had their sensitive data exposed.
The incident occurred in August of this year when an unnamed attacker gained access to AnnieMac’s IT infrastructure and “viewed and/or copied certain files” containing customers’ full names and Social Security Numbers.
A third-party forensics company is investigating the matter and AnnieMac has alerted affected customers and is offering them a year’s worth of identity theft protection and monitoring.
(–Source: TechRadar on MSN
Read More: Top American mortgage lender AnnieMac says thousands of customers have had data stolen in breach )
Back in 2021, popular live streaming platform, Twitch, was the target of an attack in which an anonymous hacker leaked the site’s source code as well as personally identifiable information of Twitch users.
With the breach affecting over 35,000 Turkish citizens, the country took it upon itself to open an investigation into the attack. The investigation stated that the company, which is owned by Amazon since 2014, “failed to take adequate security measures beforehand.” Twitch also downplayed the severity of the breach when it occurred, claiming that attackers did not gain access to user login credentials. Following the investigation, the conclusion was reached that Amazon is to blame, and is fining the company $58,000.
(–Source: TechRadar Pro on MSN
Read More: Twitch data breach leaves Amazon with major fine )
After the parent company of Stop & Shop and Hannaford grocery stores experienced a recent “cybersecurity issue within its US network,” product shortages have affected the stores. It has been nearly two weeks since the incident occurred, and shelves are still bare.
At least 27 Stop & Shop locations in Massachusetts, Connecticut, Rhode Island, and other states are still experiencing issues with filling the shelves, especially when it comes to meat products and produce.
The company has stated that they are working to restock out-of-stock items in impacted stores as soon as possible so as not to affect the upcoming holidays.
(–Source: NBC News on MSN
Read More: Stop & Shop cyber incident leaves some shelves empty ahead of Thanksgiving )
Amid claims that Ford’s internal database was leaked online, the company is looking into the potential data breach, that is said to expose 44,000 records of customer names, locations, and which products they purchased, after known hackers posted on BreachForums.
Ford is actively investigating these claims.
(–Source: TechRadar on Yahoo! News
Read More: Ford says it is investigating claims thousands of workers have had data leaked online )
In October of this year, an unidentified hacker gained access to Maxar Space Systems’ internal networks using a Hong Kong-based IP address. Allegedly, the hacker maintained access and exfiltrated sensitive data for a week before being detected.
The information the attacker gained access to includes names, addresses, social security numbers, business contact information, and other sensitive data of Maxar employees. These affected employees, both current and former, have been offered a years’ worth of identity theft protection, and law enforcement has been notified of the breach.
(–Source: TechRadar on MSN
Read More: US space tech firm Maxar says employee personal data leaked in hack )
Aspen Healthcare fell victim to a data breach after being targeted in a ransomware attack in which hackers gained access to consumers’ information. The incident occurred in October of this year, but was officially filed with the Attorney General of Texas this week.
The information collected in this breach includes names, birth dates, addresses, insurance and health records, and social security numbers.
Data breach letters have been sent out to affected parties as of November 18th.
(–Source: JD Supra
Read More: Aspen Healthcare Services Announces Data Breach Following Ransomware Attack | Console and Associates, P.C. – JDSupra )