Tag Archive for: Potentially

Authentication firm Okta says up to 366 customers potentially hit by hack


By Raphael Satter

WASHINGTON (Reuters) – Hundreds of customers of digital authentication firm Okta Inc have possibly been affected by a security breach caused by a hacking group known as Lapsus$, the company said on Tuesday.

The breach has sparked concern since the cyber extortion gang posted what appeared to be internal screenshots from within the organization’s network roughly a day ago.

In a series of blog posts, Chief Security Officer David Bradbury said the “maximum potential impact” was to 366 customers whose data was accessed by an outside contractor, Sitel.

The contractor employed an engineer whose laptop the hackers had hijacked, he added.

The 366 number represented a “worst case scenario,” Bradbury cautioned, adding that, in any case, the hackers had been constrained in their range of possible actions.

Okta, based in San Francisco, helps employees of more than 15,000 organizations securely access their networks and applications, so a breach at the company could lead to serious consequences across the Internet.

Bradbury said the intrusion would not have given “god-like access” to the intruders as they would have been unable to perform actions such as downloading customer databases or accessing Okta’s source code.

Okta first got wind of the breach in January, he added, while the Miami-based Sitel Group only received a forensic report about the incident on March 10, giving Okta a summary of the findings a week later.

Bradbury said he was “greatly disappointed by the long period of time that transpired between our notification to Sitel and the issuance of the complete investigation report.”

Sitel did not immediately return a message seeking comment early on Wednesday.

(Reporting by Raphael Satter; Editing by Shri Navaratnam)


Hackers hit Broward Health network, potentially exposing data on 1.3M patients, staff


Hackers breached the computer networks of Broward Health in October and may have accessed personal and financial information on more than 1.3 million patients and staff.

The southeast Florida health system, which operates more than 30 healthcare locations in Broward County, disclosed it was hit with a cyberattack on Oct. 15, 2021, when an intruder gained unauthorized access to the hospital’s network and patient data through a third-party medical provider, according to a statement posted to the health system’s website Saturday.

The health system said it discovered the intrusion four days later, on Oct. 19, and contained the incident, then notified the FBI and the Department of Justice (DOJ).

Broward Health said it waited months to notify victims and make the breach public because the DOJ told it to hold off on sending out breach notification letters to preserve an ongoing law enforcement investigation.


The health system also immediately required a password reset for all employees and engaged an independent cybersecurity firm to conduct an investigation. Broward Health engaged an experienced data review specialist to conduct an extensive analysis of the data to determine what was impacted; that analysis determined that some patient and employee personal information may have been impacted.

The hackers accessed names, birthdays, addresses, banking information, Social Security numbers, driver’s license numbers, patient histories and treatment and diagnosis records, among other information, according to the health system.

The hospital system did not say how many people were involved, but a submission to the Maine attorney general’s office states that 1,357,879 people were affected. 

The information was removed from the hospital’s system, “however, there is no evidence the information was actually misused,” the health system said in its statement.

The incident did not appear to involve ransomware. Broward Health spokesperson Jennifer Smith told CNN in an email that the hackers did not make any ransom demand and that no ransom was paid.


Samsung’s app store is home to potentially harmful apps



Samsung’s app marketplace, the Galaxy Store, which comes pre-installed on its smartphones, appears to be home to sketchy movie streaming apps, Android Police has found.

Several clones of the now-defunct Showbox movie streaming app hosted on the Galaxy Store could be potentially dangerous. Per mobile security analyst linuxct, while these apps may not be harmful on their own, they appear to be armed with technology that may let them download and execute malware.

The issue came to light when the outlet’s writer Max Weinbach discovered, after warnings from Google’s Play Protect, that at least five of the Showbox copycats were possibly malicious. This prompted the publication to conduct an investigation.

Analysis done through the online virus and malware scanning service VirusTotal showed that something is definitely fishy. Some of the apps also ask for excessive permissions, including access to call logs.

The other issue is that Showbox had a reputation for being a pirate tool and there is little chance that the clones that are on the Galaxy Store are not infringing on copyrights. None of these apps can be found on Google’s Play Store. 

Since the Galaxy Store doesn’t show an install count, it’s hard to ascertain how many times the apps in question were downloaded, but for what it’s worth, they have received hundreds of reviews, with some mentioning the malware warnings.

Samsung is yet to comment on the findings. Thus, for now, it might be a better idea for Samsung phone users to only download apps from Google’s Play Store.


Chinese Ransomware Attacks Major Energy Network! Potentially Shutting Down Power for 3 Million Homes


Chinese ransomware hackers attack the major energy network of CS Energy, which powers a whopping three million households in Australia.


The cyberattack could have potentially shut down power to the millions of homes in the region, as per the report by News.com Australia.

Chinese Ransomware Attacks Major Energy Network

The CEO of CS Energy, Andrew Bills, said in a statement that the cyber attack against its major energy network is a worrying and “growing trend.”

The power firm attributed the massive cyber attack to hackers from China. However, it did not disclose any more details about the ransomware gang behind the incident.

Chinese Ransomware Potential Power Shut Down

The cyberattack, believed to have been carried out by Chinese hackers, could have taken out a whopping 3,500 megawatts of power from the two massive thermal coal plants in the region.

That said, the potential extent of the attack could have affected around 1.4 million to about three million homes.

Power Outage Avoided

According to the news story by 7News, the CEO of the energy firm further noted that the hacking incident did not result in any power outage due to the rapid response of its employees.

Bills said that “this incident may have affected our corporate network, but we are fortunate to have a resilient and highly skilled workforce.”

The CS Energy boss went on to praise the employees of his firm, noting that they went the extra mile to ensure that Queenslanders would not experience any massive power outage.

The CEO added that the firm was able to “quickly contain this incident by segregating the corporate network from other internal networks,” including those from the Kogan Creek…
