Tag: customer | Page 3

Hosting provider CloudNordic loses customer data in ransomware attack

August 27, 2023/in Internet Security

Danish cloud hosting provider CloudNordic ApS has been struck by a ransomware attack that resulted in most customer data being lost and its systems rendered unusable.

According to a statement on the company’s website, the ransomware attack took place on Aug. 18 local time, with those behind the attack shutting down all systems, including websites, email systems and customer support systems. In their words, the attack affected “everything” and “paralyzed CloudNordic completely.”

The attack occurred as the company moved servers from one data center to another. Despite the machines being moved being protected by security software, some of the machines were infected before the move, and when they were moved, they then infected the new data center. Unfortunately, the company had all of its internal systems in the new data center.

In this case, the ransomware spread via CloudNordic’s internal network, gaining access to central administration and backup systems. Via the backup system, the attackers then gained access to all storage, the replication backup system and the secondary backup system, encrypting data on every system it got to.

The form of ransomware was not disclosed, but regardless of its type, CloudNordic noted, it cannot and does not want to meet the ransom being demanded by the hackers. According to Danish media Wednesday, the attack has also affected hundreds of companies that used CloudNordic for their hosting.

“This is another example of cyber gangs strategically focusing on high-value targets like managed service providers where they can use data exfiltration to extort multiple organizations at once and increase the odds of ransom payment,” Darren Wiliams, founder and chief executive of ransomware protection company BlackFog Inc., told SiliconANGLE. “This means the aftermath of the attack will likely unfold over a prolonged period, similar to the MOVEit attacks.”

Kevin Kirkwood, deputy chief information systems officer at security intelligence firm LogRhythm Inc., noted that ransomware attacks continue to target businesses with substantial data.

“Effectively countering these cyberthreats demands thorough readiness and enterprises must adopt…

Source…

Hatch Bank says hackers used Fortra bug to steal 140,000 customer Social Security numbers

March 4, 2023/in Internet Security

Hatch Bank, a digital-first bank that provides infrastructure for fintech companies offering their own brand credit cards, confirmed hackers exploited a zero-day vulnerability in the company’s internal file transfer software that allowed access to thousands of customer Social Security numbers.

The vulnerability in Fortra’s GoAnywhere file-transfer software came to light on February 2 after security journalist Brian Krebs publicly shared details of Fortra’s security advisory because the tech company had put the advisory behind a login prompt.

The Clop ransomware gang claimed to have exploited the zero-day flaw, tracked as CVE-2023-0669, to steal data from more than 130 organizations. Community Health Systems, one of the largest healthcare providers in the United States, was the first victim to publicly disclose it had fallen victim to the zero-day bug. Hatch Bank, this week, became the second known victim.

In its data breach notification filed with Maine’s attorney general this week, Hatch Bank said that attackers exploited the vulnerability in its GoAnywhere system to steal the names and Social Security numbers of close to 140,000 customers, including 630 individuals based in Maine.

Hatch Bank said that while Fortra (previously known as HelpSystems) learned of the vulnerability in its GoAnywhere software on January 29, the tech company didn’t notify Hatch Bank until February 3 — one day after Krebs revealed news of the GoAnywhere flaw. It’s unclear if these incidents are linked and Fortra declined to answer TechCrunch’s questions.

The notification warned that hackers had unauthorized access to Hatch’s account from January 30 to January 31. “Hatch Bank immediately took steps to secure its files and then launched a diligent and comprehensive review of relevant files to determine the information that may have been impacted,” the bank said in a letter sent to impacted customers on Monday. The bank says that it has also notified federal law enforcement.

The bank says it’s providing those affected by the breach with access to free credit monitoring services. It also said it is working to implement unspecified “additional safeguards”…

Source…

Hackers steal 10 million customer details from JD Sports

January 30, 2023/in Computer Security

If you’ve purchased trainers from sports fashion retailer JD Sports in the past, your personal details could now be in the hands of hackers.

Customers of the UK high street retailer (as well as sister firms Millets, Blacks, Size?, Scotts, and Millets Sports) are being contacted with a warning that cybercriminals have accessed details of orders made between November 2018 and October 2020.

10 million people are thought to have been impacted by the security breach, which has put at risk customers’ names, addresses, email addresses, phone numbers, order details, and the final four digits of their payment cards.

An email sent by the firm to affected shoppers describes the exposed data as “limited” and underlines that full payment card details and passwords have not fallen into the hands of hackers.

However, it is clear that the information which has been stolen by hackers is enough for JD Sports customers to be targeted with bogus communications that could attempt to steal more information from shoppers.

Accordingly, the email goes on to warn of the risk that fraudsters might exploit the exposed data to send phishing emails, or send scam calls or text messages pretending to be JD Sports or the other affected brands:

While you do not need to take any specific action, please remain vigilant to fraud attempts and be alert for any suspicious emails, calls or texts which say they are from JD Sports or any of our Group brands. Avoid clicking on links in any unexpected emails or texts.

Bizarrely, some affected customers say that the warning email they have received from JD Sports is written in Portuguese or Spanish – which would be an admirable step by JD Sports if those customers actually spoke Portuguese or Spanish, but apparently, they do not.

Neil Greenhalgh, chief financial officer of JD Sports, extended an apology to customers saying that “protecting the data of our customers is an absolute priority for JD.”

The retailer says that it has contacted the Information Commissioner’s Office (ICO) about the security breach, and is working with external experts to conduct a review of its IT security.

Source…