Cyber Security News Roundup – 5th June 2023

It's a new week, and that means a round up of some of the cyber security and data protection news headlines over the last 7 days! To learn more about each story, click the headings.

Toyota finds more misconfigured servers leaking customer info

31/5

Following recent reports that a misconfigured server had exposed the information of over 2.15 million Toyota users in Japan, the corporation has discovered another two misconfigured cloud services that have leaked customers’ personal information including names, email and physical addresses, and phone numbers for over 7 years. Toyota has not yet confirmed how many customers have been affected by the first leak, but the second, which contained less sensitive data, has impacted around 260,000. (Bleeping Computer)

US government legal firm Casepoint investigating data breach

2/6

Casepoint, a top US law firm with clients including the Department of Defense (DoD) and the Securities and Exchange Commission (SEC), is investigating a suspected cyberattack that has resulted in the theft of terabytes of sensitive data. Casepoint did not appear to deny reports that the ALPHV ransomware operation, linked to the Russian government, was behind the attack, with two terabytes of stolen data being posted on their leaks site. Some of this data reportedly belongs to the US government. Casepoint remain fully operational, after activating their incident response protocols and hiring external forensic experts to assist with investigations. (Tech Radar)

Burton Snowboards discloses data breach after February attack

2/6

Burton Snowboards customers have been notified of a data breach, after some of the snowboard manufacturer’s sensitive information was accessed or stolen during a “cyber incident”. Discovered on the 11^th of February, the attack caused a system outage and forced Burton to cancel online orders. In the notification letter sent to affected customers, Burton explained that the information in files that had potentially been stolen may include names, social security numbers, and financial account information. The manufacturer has reset passwords of affected accounts, alongside notifying the relevant regulators and law enforcement agencies and hiring external forensic experts to establish the nature of the breach and identify what information was affected. (Bleeping Computer)

Large Spanish bank confirms ransomware attack

4/6

One of Spain’s largest lenders, Globalcaja, managing over $4.6 billion in consumer loans and over 1,000 employees, has confirmed that it is dealing with a ransomware attack that has affected several offices. The attack has been claimed by the Play ransomware operation, with the group claiming to have stolen confidential private and personal data, business documents, passports, contracts, and more on their leaks site, adding a publication date of the 11^th of June. Globalcaja’s electronic banking and ATM services were not disrupted by the attack, with offices operating in “total normality” in these areas. The company is yet to respond to questions about whether or not it intends to pay the ransom, however is stressing that it is working hard to “normalise the situation” and is “prioritising security at all times”. (The Record)

Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how we could protect your business!