Tag: Cyberattack | Page 24

Toronto feared 35,000 citizens’ data would be made public after cyberattack: documents

January 2, 2022/in Internet Security

The City of Toronto expected metadata concerning some 35,000 citizens to be posted on an online forum run by Eastern European cybercriminals after a data breach earlier this year — but ended up escaping the worst, new documents obtained by CTV News Toronto show.

Some six months after an internal city agency sounded the alarm in confidential documents, the information has yet to be shared publicly and the city says it never received a ransom request, leading some cybersecurity experts to wonder if the city escaped what has been described as a massive spree of cyberattacks.

“It looks like they failed. The silence is somewhat deafening,” said cybersecurity expert Claudiu Popa. “Maybe the attacker failed to get what they wanted and didn’t have the leverage to extort this particular victim.”

The attack on Toronto was one among thousands of remote, sometimes automated attacks seeking to get data, and then threaten to expose it or destroy it unless handsome sums are paid, often in digital currency.

Ontario’s Information and Privacy Commissioner says cybercriminals are increasingly targeting public agencies, warning breaches are up 151 per cent in 2021 — with 39 public institutions attacked this year in Ontario.

“Hackers are taking advantage of the current public health crisis, and cybersecurity incidents are on the rise,” a spokesperson for the agency said.

The City of Toronto threat assessment, obtained through a Freedom of Information request, describes the attack in January of 2021 as happening through a “zero day” weakness in the city’s Accellion file transfer system.

Hackers known as “CLOP” discovered the weakness in the file transfer system at that time and used it to exploit a large number of organizations, including the Region of Durham.

CTV News Toronto has already shown that those attackers gained and then posted health and schooling data of tens of thousands of individuals, as well as a video of the arrest of a young man by Toronto police on a Durham Region transit bus.

The document appears to link the Toronto attack for the first time publicly to CLOP, which is believed to be a network operating out of…

Source…

Another T-Mobile cyberattack reportedly exposed customer info and SIMs

December 28, 2021/in Mobile Security

T-Mobile has suffered another cyberattack after being rocked by a massive data breach in August. This time around, attackers accessed “a small number of” customers’ accounts, according to documents posted by The T-Mo Report.

According to the report, customers either fell victim to a SIM swapping attack (which could allow someone to bypass SMS-powered two-factor authentication), had personal plan information exposed, or both. The document shows that the customer proprietary network information that was viewed could’ve included customers’ billing account name, phone and account number, and info about their plan, including how many lines were attached to their account.

This summer, the carrier confirmed that a data breach exposed almost 50 million customers’ data, with the attacker accessing social security numbers, names, and dates of birth. (A person who claimed to be the hacker went on to call the company’s security practices “awful.”) The information reportedly exposed in December’s breach is less sensitive (and the documents say the customers who had their SIMs swapped have regained access), and is likely not as large in scope. We weren’t able to find widespread reports from customers that said they’d received notification letters.

T-Mobile is taking immediate steps to help protect all individuals who may be at risk from this cyberattack. If you have any questions, send us a DM and we can discuss steps to increase your account security. ^KenStone

— T-Mobile Help (@TMobileHelp) December 28, 2021

T-Mobile’s support account has seemingly confirmed that there was a breach, responding to people on Twitter to say that it’s taking “immediate action” to help individuals who were put at risk by the attack. The company didn’t immediately reply to The Verge’s request for comment.

Read original article here

Denial of responsibility! Verve Times is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If…

Source…

RSA 2016: Check Point Mobile Threat Prevention | Mobile Security

December 26, 2021/in Video

N.L. cyberattack update planned, experts question scarce information provided so far

November 9, 2021/in Computer Security

ST. JOHN’S, N.L. – Security experts say it’s strange for the Newfoundland and Labrador government to have released little information about a cybersecurity attack that has crippled its health-care system more than a week after the trouble was detected.

Premier Andrew Furey is scheduled to provide an update on the situation Tuesday afternoon, but government officials have so far refused to say what kind of an attack the province is facing and whether the hackers involved have asked for money. Outside experts say it has all the signs of a ransomware attack, in which hackers infiltrate an information technology network and demand payment in return for restoring access.

Brian Honan, the head of Ireland’s Computer Security Incident Response Team, said government representatives in that country were on national radio the morning after a similar attack was discovered last May, “telling people what happened, how it happened, what the impact would be.”

“They came up very early and said they would not be negotiating with criminals, they would not be paying the ransom demand and they will be looking to restore systems as quickly as possible,” Honan said in a recent interview.

People were worried about their private information being published by the hackers, and the government’s transparency helped them understand what to expect, he said.

The attack in Newfoundland and Labrador was first discovered Oct. 30, affecting what Health Minister John Haggie described as the “two brains” behind the provincial health network’s data centre. Without access to such things as basic email, diagnostic images and lab results, the eastern health authority — which includes several major hospitals in St. John’s — was left operating largely with pen and paper and running only emergency services.

Thousands of medical appointments have been cancelled, though the health authority has been able to resume some cancer care, such as chemotherapy and radiation.

Brett Callow, a threat analyst for Emsisoft, an international cybersecurity firm based in British Columbia, said there could be “very good reason” for the Newfoundland and Labrador to keep quiet, even 11 days after the attack was first…

Source…

Tag Archive for: Cyberattack