week10-2022-min-min

Here’s your weekly #databreach news roundup:

Vodafone and Mercado Libre, Wightlink, Acro, Monongalia Health, Rosatom, Martı, Yandex, and Adafruit.

Vodafone and Mercado Libre

week10-2022-vodafone

The ransomware group that hit Samsung and Nvidia appears to have struck two new big-name targets in the tech sector: a South American e-commerce giant and a British telecom multinational.

Buenos Aires-based online marketplace MercadoLibre admitted in an SEC filing this week that source code and user data were accessed, although it did not reveal how.

“Although data from approximately 300,000 users (out of our nearly 140 million unique active users) was accessed, to date and according to our initial analysis, we have not found any evidence that our infrastructure systems have been compromised or that any users’ passwords, account balances, investments, financial information or credit card information were obtained. We are taking strict measures to prevent further incidents,” it said.

Separately, Vodafone is reportedly investigating claims that internal data was breached.

Wightlink

Wightlink have been writing to their customers this evening advising that their personal data has been breached

Wightlink say that on Monday, 7th February 2022 they discovered they were the victim of a criminal cyber-attack via unauthorised activity on their IT systems, which resulted in some customer personal information being accessed.

What has been compromised
They say their security experts have been carrying out extensive investigations and have now advised that the compromised data may include the following details for some customers:

  • first name
  • last name
  • bank account number
  • sort code
  • address
  • signature

Acro

THE WHAT? Japanese beauty e-tailer Acro has been hit by a third-party data breach, which exposed more than 100,000 payment cards across two of its four beauty product websites. 

THE DETAILS The hack took place on the Three Cosmetics domain as well as Amplitude, with data exposed by consumers that purchased items between 21st May, 2020 and 18th August, 2021. 

Stolen data included cardholder names, payment card numbers, dates of expiry and security codes, according to The Daily Swig. 

The breach has been reported to law enforcement and Japan’s Personal Information Protection Commission, with affected customers having been notified by Acro from 24th February. 

THE WHY? The attack is thought to have compromised a vulnerability in the payment processor’s systems. 

Acro has since apologized to consumers, urging people to monitor their financial statements for suspicious activity. 

Monongalia Health

March 03, 2022 – West Virginia-based health system Monongalia Health began notifying patients of a healthcare data breach that resulted in unauthorized access to protected health information (PHI). Just a few months ago, Monongalia fell victim to a phishing attack that also exposed PHI.

Mon Health discovered the second data security incident on December 18, 2021, when it detected unusual network activity. After the discovery, Mon Health disabled a “significant portion” of its IT network and initiated downtime procedures.

The breach did not involve Mon Health’s EHR systems. Still, it potentially exposed the names, addresses, Medicare claim numbers, Social Security numbers, birth dates, health insurance plan member ID numbers, dates of service, patient account numbers, medical information, and health plan enrollment status of some patients, providers, employees, and contractors.

Rosatom

The screenshots ATW has posted on Twitter indicate that the group has accessed Rosatom’s Allure Reports.

Heading such as “Clone RA,” “RosatomCareerSiteAutoTests” and “FirstTestProject” are clearly visible in the screenshot.

It’s not yet clear whether the breach will affect the daily operations of the company. However, the very fact that a company responsible for building and maintaining nuclear power plants has been breached could be unnerving for officials running it.

Martı

week10-2022-marti

The e-scooter ride-hailing app Martı has reported a data breach, with assesment ongoing on how many people were affected, Turkey’s data watchdog announced Saturday.

In its statement, the Personal Data Protection Board (KVKK) said that the company reported the breach in line with legal obligations.

Unauthorized people accessed Martı’s systems for data supervisor databases. The board and the company were notified of the breach by the controller, it added.

Yandex

Anonymous is back at it again, the hacking group claims to have breached into the Russian search giant Yandex.ru. network.

The Yandex data breach is suspected to have happened today, compromising Yandex’s network with 150K users data being leaked including password, mail details. This compromised data includes that of the verified user accounts as well.

Yandex N.V. is a MNC and a search giant for Russian and Russian-language users, providing 70+ internet-related products and services, including search and information services, mobile applications, transportation, e-commerce, navigation, and online advertising.

After anonymous claims Yandex data breach, their stolen data is made publicly available on the web now and is marked as New Text Document.txt with a size of 165.6 MB and fuckers Yandex accounts.zip with 1.14 MB as samples of evidence.

Adafruit

week10-2022-adafruit

Adafruit has disclosed a data leak that occurred due to a publicly-viewable GitHub repository.

The company suspects this could have allowed “unauthorized access” to information about certain users on or before 2019.

Based in New York City, Adafruit is a producer of open-source hardware components since 2005. The company designs, manufactures, and sells electronics products, tools, and accessories.