Cyber Security News Roundup – 27th February 2023

It's the beginning of a new week, and that means a round up of some of the cyber security and data protection news headlines over the last 7 days! To learn more about each story, click the headings.

Activision Confirms Data Breach Exposing Employee and Game Info 21/02

Video game giant Activision has confirmed that it suffered a cyber breach in December 2022, during which threat actors gained access to their network after tricking an employee with an SMS phishing text. The development environment does not appear to have been affected, with Activision themselves stated that no source code or player details have been leaked, however reports are surfacing that the criminals managed to exfiltrate sensitive workplace documents, employee details including names, email addresses, phone numbers and salaries, and also the full release schedule up until November 2023. (Bleeping Computer)

Hackers Use Fake ChatGPT Apps to Push Windows and Android Malware 22/02

The rising popularity of OpenAI’s ChatGPT has led to cyber criminals pretending to offer the bot’s premium services for free as a way to distribute malware or redirect victims to phishing pages. One example, discovered by security researcher Dominic Alvieri, involved using a fake ChatGPT domain to infect users with an info-stealing malware. ChatGPT only operates under the ‘chat.openai.com’ domain, and does not have any mobile or desktop apps at present. Anything else claiming to be a ChatGPT product is fake and likely an attempt to scam or infect. (Bleeping Computer)

Dole Ransomware Attack Shuts Down Entire North American Production 24/02

Dole Food Company, one of the world’s largest producers and distributors of fresh fruit and vegetables, has suffered from a ransomware attack that has caused disruption to their operations. The cyber attack has forced Dole into shutting its North American production facilities, causing a lettuce supply shortage at US grocers and supermarkets. Dole state that they quickly contained the threat, shutting down their computer systems quickly after the ransomware was discovered, and are now working with third parties to remediate and secure their systems. It is unclear whether this attack will have a trickle down effect on their supply chain and despite assurances from Dole that the impact was limited, customers have been questioning why store shelves are empty of lettuce and salad kits. (Cyber News)

Dutch Police Arrest Three Ransomware Actors Extorting €2.5 Million (bleepingcomputer.com) 24/03

The Cyber Crime wing of the Amsterdam police has arrested three men between the ages of 18 and 21 for ransomware activity that has successfully extorted €2.5 million and targeted thousands of small and medium sized businesses worldwide. The three individuals have been charged with stealing sensitive data and demanding ransoms with their victims including online shops, software firms, and organisations connected to critical infrastructure, and with ransom demands ranging from €100,000 to €700,000 depending on the size of the targeted business. (Bleeping Computer)

Stanford University Discloses Data Breach Affecting PhD Applicants 24/03

Stanford University, one of the most prestigious higher education institutions in the US, has sent data breach notification letters to 897 individuals who submitted personal information to the graduate admissions in the Department of Economics. Due to a settings misconfiguration, a folder containing the 2022-23 admission files was made public on the department’s website which subsequently received two downloads and revealing applicant’s sensitive personal information. No financial or social security information was leaked, and Stanford state that there is currently no evidence that the exposed information has been misused. (Bleeping Computer)

State Sponsored Hackers Were in News Corp's Servers for Two Years 24/03

Media and publishing giant News Corp has reported that the criminals responsible for their January 2022 data breach had access to their systems for up to two years prior to the attack. The unauthorised users, linked to the Chinese State, accessed business documents and emails linked to a number of personnel accounts between February 2020 and January 2022. This headline follows a similar story that attackers targeting domain hosting giant GoDaddy had access to the company’s network for a number of years prior to the breach. (Zero Security)

Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how we could protect your business!