Welcome to this week’s cybersecurity news roundup! Let’s dive in…
The labor union, International Brotherhood of Electrical Workers (IBEW) had a class action complaint filed against them for a data breach that occurred earlier this year that resulted in an unauthorized third-party gaining access to names and social security numbers of IBEW members both current and former.
The cybercrime group BlackSuit led the cyberattack that caused this leak of information. IBEW wasn’t the only organization affected, as this was a part of an attack on many other businesses in March of this year.
Affected individuals were alerted by IBEW at the beginning of August, and the class action complaint filed against the organization claims that the delay in alerting those affected caused harm to the individuals.
(–Source: JD Supra
Read More: Labor Union Faces Class Action for Data Breach | Robinson+Cole Data Privacy + Security Insider – JDSupra )
NullBulge, a hacker group, launched an attack on Disney over the Summer in which they gained access to over 1TB of sensitive data by infiltrating Disney’s internal Slack channels. After a closer look into the leaked files, it was found that more than 44 million Slack messages from Disney were leaked. These messages include 18,800 spreadsheets and 13,000 PDFs from both private and public company channels.
Disney crew members and guests of both the Disney theme parks and cruise lines had personal information included in this leak. This information includes addresses, phone numbers, birthdates, passport and visa information, and current assignments of the Disney Cruise Line crew members. Financial information of Disney+ streaming customers is also included.
(–Source: Mashable
Read More: Disney data breach: Disneyland, Disney Cruise guests and employees personal info leaked | Mashable )
A warning has recently been issued to over 900,000 Medicare customers that their personal information may have been included in data leaked during a cyberattack that occured last year targeting the MOVEit file transfer service.
While the attack happened in May of last year, it was only recently discovered that Medicare customers’ information had been compromised.
(– Source – Newsweek
Read More: 900,000 Americans on Medicare Warned of Data Breach – Newsweek )
Highline Public Schools in Washington State, a K-12 school district with over 17,500 students and 2,000 staff members, was the target of a cyberattack this past weekend, causing the schools to be closed on Monday and Tuesday.
Unauthorized activity was detected on the school’s systems and immediate action was taken to mitigate the attack. The network has been disconnected from the internet as a precaution and staff are only able to access key applications required for the schools to operate safely.
Cyberattacks against schools are becoming more common especially at the beginning of the school year.
(–Source: Infosecurity Magazine
Read More: Highline Public Schools Forced to Close By Cyber-Attack – Infosecurity Magazine (infosecurity-magazine.com) )
The ongoing investigation into the major cyberattack on Transport for London has led to the arrest of a 17 year-old teenager on suspicion of Computer Misuse Act offences. He was bailed after answering questions.
This investigation of the attack on TfL is still ongoing.
(–Source: The Independent on MSN
Read More: Boy, 17, arrested in connection with TfL cyberattack (msn.com) )
Fortinet, one of the largest cybersecurity companies in the world, recently experienced a cyberattack in which a hacker claimed to steal 440GB of files from the company’s Microsoft Sharepoint server. Early yesterday morning, the hacker behind the incident took to a hacking forum to announce that they had stolen data from Fortinet and shared credentials in order for others to access and download the stolen content.
Fortinet has confimed that an unauthorized individual did access their files that contain customer data, but did not disclose exactly how many customers have been affected and what data has been compromised.
(–Source: BleepingComputer
Read More: Fortinet confirms data breach after hacker claims to steal 440GB of files (bleepingcomputer.com) )
AT&T, Microsoft Teams, and Microsoft Outlook networks experienced outages yesterday morning beginning at 9am EST.
The outages mainly affected Microsoft Teams, with around 4,000 outages being reported. Microsoft Outlook had around 1,000 outages, while the AT&T networks also reached reports of more than 4,000 outages affecting landline and mobile internet.
While there is no indication that this was a cyberattack, the disruption is still being investigated. Thankfully, most of the issues were resolved by 11am EST.
(–Source: TODAY on MSN
Read More: Microsoft, AT&T customers hit with outages — what to know (msn.com) )