Here’s your weekly data breach news roundup:

  • New Zealand’s central bank
  • Top gaming companies
  • Leading domain name registrar – Web.com
  • Belden
  • United Nations Environment Programme (UNEP)
  • Ubiquiti Networks
  • European Union medical agency
  • SocialArks

New Zealand’s central bank

New Zealand’s central bank says that one of its data systems has been breached by an unidentified hacker who potentially accessed commercially and personally sensitive information.

A third-party file sharing service used by the Reserve Bank of New Zealand to share and store sensitive information was illegally accessed, the Wellington-based bank said in a statement.

Governor Adrian Orr said the breach has been contained. The bank’s core functions “remain sound and operational”, he said.

The system had been secured and taken offline until the bank completes its initial investigations. “It will take time to understand the full implications of this breach and we are working with system users whose information may have been accessed,” Orr said. The bank declined to answer emailed questions seeking more details.

Top gaming companies

Sensitive information pertaining to employees at some of the web’s most popular gaming companies is available to buy on the dark web, security researchers have discovered. 

Kela Research, an Israeli cybersecurity firm, found more than 500,000 leaked credentials connected to employees at leading gaming companies.

Leading domain name registrar - Web.com

Leading domain name registrar Web.com announced that it had discovered a data breach that likely involves millions of customer accounts. This massive exposure of account information did not include credit card numbers, but it is likely to lead to an explosion of phishing scams, as the detailed personal information can be connected directly to websites and their owners.

The breach appears to have happened in late August of this year, and involved Web.com subsidiaries Register.com and Network Solutions, but was not discovered by internal security until the middle of October.

Web.com issued a statement indicating that the intruder accessed the standard contact information attached to a domain name registration: full names, billing addresses, phone numbers, email addresses and information about the services the account holder is subscribed to. The company claimed that credit card information was encrypted and not compromised, but even without it, the leaked information provides plenty of opportunity for phishing scams.

Belden

Belden disclosed a data breach in which attackers stole files containing information about employees and business partners.

Belden is an American manufacturer of networking, connectivity and cable products that employs approximately 9,000 people.

A sophisticated attack gave the intruders access to servers containing personal data of some current and former employees, as well as limited company information about its business partners.

“Our IT professionals were able to detect the unusual activity and believe we have stopped further unauthorised access of personal data on our servers,” stated the company.

Personal data stolen may include names, birthdates, home addresses, email addresses, government-issued identification numbers (for example, national insurance / social security), bank account details of North American employees on Belden payroll, and other general employment-related information.

United Nations Environment Programme (UNEP)

Researchers have responsibly disclosed a security vulnerability that let them access over 100,000 private employee records of the United Nations Environment Programme (UNEP).

The data breach stemmed from exposed Git directories and credentials, which allowed the researchers to clone Git repositories and gather a large amount of personally identifiable information (PII) associated with UNEP employees.

Ethical hacking and security research group Sakura Samurai have now disclosed their findings on a vulnerability that let them access over 100,000 private records of United Nations Environment Programme (UNEP) employees.

Ubiquiti Networks

Networking equipment and IoT device vendor Ubiquiti Networks today sent notification emails to its customers informing them of a recent security breach.

“We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider,” Ubiquiti said in emails today.

The servers stored information pertaining to user profiles for account.ui.com, a web portal that Ubiquiti makes available to customers who bought one of its products.

The site is used to manage devices from a remote location and as a help and support portal.

According to Ubiquiti, the intruder accessed servers that stored data on UI.com users, such as names, email addresses, and salted and hashed passwords.

Home addresses and phone numbers may have also been exposed, but only if users decided to configure this information into the portal.

SocialArks

A cloud misconfiguration by SocialArks exposed 318 million records gleaned from Facebook, Instagram and LinkedIn.

More than 400GB of public and private profile data for 214 million social-media users from around the world has been exposed to the internet – including details for celebrities and social-media influencers in the U.S. and elsewhere.

The leak stems from a misconfigured ElasticSearch database owned by Chinese social-media management company SocialArks, which contained personally identifiable information (PII) from users of Facebook, Instagram, LinkedIn and other platforms, according to researchers at Safety Detectives.

The server was found to be publicly exposed without password protection or encryption during routine IP-address checks on potentially unsecured databases, researchers said. It contained more than 318 million records in total.

European Union medical agency

Hackers have leaked the information they stole about the COVID-19 vaccines as part of a cyberattack targeting the European Union’s medical agency, the organisation has admitted.

The attack against the European Medicines Agency (EMA) was first disclosed last month and now it has been determined that those behind the hack gained access to information about coronavirus medicines.

“The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines belonging to third parties have been leaked on the internet. Necessary action is being taken by the law enforcement authorities,” the EMA said in a statement.