Cyber Security News Roundup – 20th March 2023
By Emily Davidson
20 March 2023It's the beginning of a new week, and that means a round up of some of the cyber security and data protection news headlines over the last 7 days! To learn more about each story, click the headings.
LA housing authority discloses data breach after ransomware attack 13/03
The Housing Authority of the City of Los Angeles (HACLA), a US state-chartered agency that provides affordable housing to low-income individuals and families, is warning of a "data security event" after being targeted by the infamous ransomware operation LockBit. The HACLA first noticed that its systems had been encryted on the 31st December 2022, forcing IT staff to shut down the organisation’s servers. Examined server logs suggest that the hackers managed to access a variety of sensitive information including full names, contact details, social security and passport numbers, and financial and medical information. After uploading samples of stolen files the LockBit gang threatened to publish all the leaked data, indicating that ransom demands were rejected, but the download link to the stolen data set no longer works and it has not been redistributed to any further hacking forums. (Bleeping Computer)
Hacker selling data allegedly stolen in US Marshals Service hack 15/03
A threat actor is selling what they claim to be 350 gigabytes of leaked data from the US Marshall Service to a Russian speaking hacking forum. Up for sale for $150,000, the files include aerial photos of high-security locations, copies of identification documents, wiretapping and surveillance details, and information on convicts, gang leaders and cartels. The threat actor also claims that many of the files are listed as “TOP SECRET” and that some include witness protection details. Last month the USMS stated that they were investigating a “data exfiltration event” following the ransomware attack on the 17th February. (Bleeping Computer)
Latitude cyberattack leads to data theft at two service providers 16/03
Latitude Financial Services, one of Australia’s largest personal loans providers and the largest non-bank consumer credit lender, has suffered a cyber attack that has forced the company to shut down internal and customer facing systems as well as seeing data leaked. According to the ‘Cyber Indicent’ notification the company network was breached with a hacker initially stealing an employee’s login credentials, before using those credentials to login to two of the company’s service providers and access the data. Around 103,000 thousand ID documents, of which 97% were driving licences, were stolen from the first service provider while 225,000 customer records were stolen from the second. (Bleeping Computer)
LockBit ransomware attacks Essendant 17/03
Following the recent multi day outage at office supplies wholesaler Essendant, the LockBit ransomware operation has now claimed responsibility. The attack disrupted access to their customer support and caused widespread harm to Essendant’s operations, forcing them to cancel orders. On the 14th of March, 8 days after the initial attack, Essendant appeared on LockBit’s leaks page with a threat of publishing the data on the 18th of March. LockBit, arguably the world’s most dangerous ransomware operation, show time and time again that they follow through with their threats to dump compromised data if ransom demands are not met. (Malware Bytes)
NBA alerts fans of a data breach exposing personal information 17/03
The NBA is notifying fans of a data breach that successfully targeted personal information held by a third-party newsletter service. Customers have been notified that the NBA’s company systems were not breached and that that affected fans’ credentials weren’t impacted however some fans’ personal information was stolen. The NBA is now working with the third party provider to investigate and understand the incident, whilst it is also working with cybersecurity specialists to understand the scope of the attack. (Bleeping Computer)
Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how we could protect your business!
Latest resources
A Guide to Cyber Recovery Cleanrooms
At Celerity, we’re committed to helping organisations navigate the complexities of emerging technologies that drive resilience and compliance. That’s why we’re excited to share this insightful article from our partner, Predatar. Written by CEO Alistair Mackenzie, it explores the growing importance of cyber recovery cleanrooms, their benefits, and how to cut through the noise to make informed decisions.
Celerity Secures Spot on Crown Commercial Service G-Cloud 14 Framework to Drive Public Sector Digital Transformation
Celerity is delighted to have been named as a supplier on the Crown Commercial Service (CCS) G-Cloud framework, with the latest iteration, G-Cloud 14, commencing on 9th November 2024 and running through April 2026.
Play your virtualisation cards right with Red Hat OpenShift
If you’re the customer of one very large virtualisation vendor, you may feel like you’ve been dealt a pretty bad hand over the last few months. With the long-term impact of new licensing and support programmes up in the air, organisations are seeking guidance from IT service providers on how they can best plan for, and manage, their virtualised infrastructure going forward.