week11-2023

Here’s your weekly #databreach news roundup:

National Basketball Association (NBA), Hitachi Energy, Latitude Financial, Healthcare provider (ILS), Skoda Auto India, Rubrik, and Zoll Medical.

National Basketball Association (NBA)

The NBA (National Basketball Association) is notifying fans of a data breach after some of their personal information, “held” by a third-party newsletter service, was stolen.

The NBA is a global sports and media organization that manages five professional sports leagues, including the NBA, WNBA, Basketball Africa League, NBA G League, and NBA 2K League.

NBA programming and games are broadcast worldwide, in over 215 countries and territories, spanning over 50 languages.

In “Notice of Cybersecurity Incident” emails sent to an unknown number of fans, the NBA says its systems were not breached, and the affected fans’ credentials were not impacted in this incident. However, some fans’ personal information was stolen.

Hitachi Energy

Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a GoAnywhere zero-day vulnerability.

Hitachi Energy is a department of Japanese engineering and technology giant Hitachi focused on energy solutions and power systems. It has an annual revenue of $10 billion.

The attack was made possible by exploiting a zero-day vulnerability in the Fortra GoAnywhere MFT (Managed File Transfer), first disclosed on February 3, 2023, and now tracked as CVE-2023-0669.

“We recently learned that a third-party software provider called FORTRA GoAnywhere MFT (Managed File Transfer) was the victim of an attack by the CLOP ransomware group that could have resulted in an unauthorized access to employee data in some countries,” Hitachi said in a press statement.

Latitude Financial

Latitude Financial has revealed a cyber attack and data breach that impacts approximately 225,000 customers, including unauthorised access to just shy of 100,000 copies of driver’s licences.

The financial services company, which offers loans, insurance and digital payment products, entered a trading halt on the Australian Securities Exchange this morning.

The company said that “unusual activity” was detected on systems; it said the activity “is believed to have originated from a major vendor” it engages.

The attacker obtained Latitude employee login credentials before the incident was isolated, the company said, which allowed them to “steal personal information that was held by two other service providers”.

Healthcare provider (ILS)

Independent Living Systems (ILS), a Miami-based healthcare administration and managed care solutions provider, suffered a data breach that exposed the personal information of 4,226,508 individuals.

The number of impacted individuals makes this the largest data breach in the healthcare sector disclosed this year.

According to the notification submitted to the Office of the Maine Attorney General, the company discovered that its network was hacked on July 5, 2022.

During the subsequent investigation, the firm discovered that the perpetrators had access to ILS systems between June 30 and July 5, 2022, and had access to the data during that time.

Skoda Auto India

The Indian website of Czech automaker Skoda Auto has allegedly been compromised. An unknown user claims access to over 20 databases from the official website of the car maker – Skodalive.co.in. The leaker has posted this on a popular underground hacker forum infamous for the sale and purchase of leaked data.

The user says they “will provide access for a small fee” and that the data has been “Acquired privately”. The alleged data leak includes personal information of over 50,000 of Skoda Auto’s Indian customers, in addition to leads used for marketing. The website skodalive.co.in now shows a Windows IIS server page, and leads to Microsoft’s IIS server deployment page.

Rubrik

Cybersecurity company Rubrik has confirmed that its data was stolen using a zero-day vulnerability in the Fortra GoAnywhere secure file transfer platform.

Rubrik is a cloud data management service that offers enterprise data backup and recovery services and disaster recovery solutions.

In a statement from Rubrik CISO Michael Mestrovich, the company disclosed that it was a victim of a large-scale attack against GoAnywhere MFT devices worldwide using a zero-day vulnerability.

GoAnywhere is a secure web file transfer solution that allows companies to securely transfer encrypted files with their partners while keeping detailed audit logs of who accessed the files.

Rubrik says the breach was contained in a non-production IT testing environment, and no customer data was impacted.

Zoll Medical

Medical device and software maker Zoll Medical says the personal and health information of more than a million people, including patients and employees, may have been stolen by crooks in January.

In documents submitted to officials in US states, and letters sent out to those people affected, Zoll said that on January 28 the biz detected “unusual activity” on its internal network and confirmed an intrusion on February 2.

The data that could have been pored over or exfiltrated includes the names, addresses, birth dates, and Social Security numbers of current and former employees and patients, they wrote in a March 10 letter which is included in the state filings. In addition, miscreants seeing this information may be able to infer that some of those people either used or considered using a Zoll product, the LifeVest wearable cardioverter defibrillator.