Cyber Security News Roundup – 6th March 2023

It's the beginning of a new week, and that means a round up of some of the cyber security and data protection news headlines over the last 7 days! To learn more about each story, click the headings.

Hacker leaks alleged Activision employee data on cybercrime forum 27/02

Threat actors behind the recent cyber attack on Activision have leaked the stolen employee information to hacking forums. Activision confirmed that the December 2022 breach occurred after an employee was tricked into providing their credentials via SMS phishing, and that no sensitive employee, player, or game data was stolen. This contradicts fresh reports that claim that the leaked information contained 19,444 unique records including full names, phone numbers, job titles, and email addresses. The appearance of this data on hacking forums increases the risk of Activision employees being targeted in further phishing campaigns. (Bleeping Computer)

LastPass: DevOps engineer hacked to steal password vault data in 2022 breach 27/02

LastPass has revealed more information about the cyber attack in which cyber criminals accessed and stole data from their AWS cloud storage servers over two months. The threat actors used stolen data from the previous August breach, information from a different data breach, and also installed a keylogger on a senior LastPass DevOps engineer's computer. This provided the criminals with access to LastPass' encrypted Amazon S3 buckets, which in turn allowed the threat actors to access a wide and varied amount of data that included development and source code repositories, internal scripts, internal documents, DevOps secrets. Cloud based storage backups that contained sensitive customer data were also stolen, however LastPass state that most of this data is completely encrypted. (Bleeping Computer)

Ransomware attack on US Marshals Service affects 'law enforcement sensitive information' 27/02

The US Marshals Service has been targeted by a successful ransomware attack that has affected a computer containing sensitive law enforcement information, including personal information relating to the targets of ongoing investigations. The US Justice Department has stated that this is a "major incident", significant enough that the Agency has to notify Congress. This is now the second significant cyber incident to have affected US federal law enforcement in February, following a breach that forced the FBI to contain malicious activity on it's own network earlier in the month. (CNN)

Dish Network confirms ransomware attack behind multi-day outage 28/02

American satellite dish and tv provider Dish has recently suffered from a ransomware attack that caused a multi-day network and service outage. The attack affected their website, app, Boost Mobile subsidiary and other networks also owned and operated by Dish network, also well as reportedly making their call centre's phone numbers unreachable. The Dish website is still only partially functional, with sources suggesting that the Black Basta ransomware operation is behind the attack. (Bleeping Computer)

WH Smith staff data hit by cyber-attack 02/03

WH Smith has suffered from a cyber attack which has seen sensitive data accessed, potentially including names, addresses, national insurance numbers, and the dates of birth of their current and former staff. According to WH Smith, their website, customer accounts and customer databases are not affected. The retailer, that employs 10,000 people across the UK, has launched an investigation and reported the breach to the relevant authorities, with the Information Commissioner's Office stating that it was aware of the incident.

Chick-fil-A confirms accounts hacked in months-long "automated" attack 02/03

American fast food chain Chick-fil-A has confirmed a cyber incident, in which customers' accounts were breached after a months long credential stuffing attack. Chick-fil-A first began investigating suspicious activity on their customer accounts in January,

Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how we could protect your business!