w13-2023

Here’s your weekly #databreach news roundup:​​​​​

Western Digital, TMX, VodafoneZiggo, , MSI, NCB Management Services, Crown Resorts, Meriton, Blue Shield, and Nordik Spa.

NCB Management Services

NCB Management Services

Nearly half a million people had their sensitive financial information leaked during a cyberattack on NCB Management Services – a company that purchases debt.

The Pennsylvania-based company sent out breach notification letters last week after discovering the attack on February 4.

In documents filed with Maine’s Attorney General, the company said 494,969 people had their names, addresses, phone numbers, email addresses, dates of birth, employment positions, pay amounts, driver’s license numbers, Social Security numbers, account numbers, credit card numbers, routing numbers, account balances, and account statuses leaked.

Crown Resorts

Crown Resorts, Australia’s largest gambling and entertainment company, has confirmed that it suffered a data breach after its GoAnywhere secure file-sharing server was breached using a zero-day vulnerability.

The Blackstone-owned company has an annual revenue that surpasses $8 billion and operates complexes in Melbourne, Perth, Sydney, Macau, and London.

This data breach was conducted by the Clop ransomware gang, which has shifted over the past year from encrypting files to performing data extortion attacks.

VodafoneZiggo

The personal data of approximately 700,000 VodafoneZiggo customers have leaked out due to a data breach, the company said on Wednesday. The telecom provider works with market research firm Blauw, which said a day earlier that someone outside the company gained access to the personal data because of a problem with one of the company’s software suppliers.

This mainly concerns data such as names and e-mail addresses, according to VodafoneZiggo. “We are still conducting further investigation. As far as we know, it does not concern bank details and passwords.” Scammers can use names and contact details as part of a phishing attempt, where they pose as someone else in emails or direct messages to steal sensitive information or passwords, for example.

Meriton

Property company Meriton has disclosed that nearly 36GB of data was exfiltrated in a January 14 cyber incident affecting its Meriton Suites business unit.

In an FAQ posted to its website, the company said it has notified nearly 1900 Meriton Suites staff and guests of the breach, and said they have “received tailored advice in respect to recommended steps that should be taken.”

The breach did not affect the company’s customer database, and the company said its investigation “has revealed no evidence that affected individuals have had their information misused.”

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Blue Shield

In a data breach disclosure filed with the Maine Attorney General’s office, U.S. healthcare giant Blue Shield of California confirmed more than 63,000 customers may have been affected by a recent ransomware attack.

TMX

TMX

TMX Finance and its subsidiaries TitleMax, TitleBucks, and InstaLoan have collectively disclosed a data breach that exposed the personal data of 4,822,580 customers.

TitleMax is a lending business operating 1,100 stores across the U.S., TitleBucks is a car title loans service, and InstaLoan is a fast-approval personal loan service for those with bad credit.

In a data breach notification letter sent yesterday to impacted individuals, the Canadian finance giant informs that hackers breached its systems in early December 2022 but did not detect the breach until February 13th, 2023.

Western Digital

Western Digital announced today that its network has been breached and an unauthorized party gained access to multiple company systems.

The California-based computer drive maker and provider of data storage services says in a press release that the network security incident was identified last Sunday, on March 26.

An investigation is in early stages and the company is coordinating efforts with law enforcement authorities.

Uber

uber

Uber has had more of its internal data stolen from a third party that suffered a security breach. This time, the personal info of the app’s drivers was swiped by miscreants from the IT systems of law firm Genova Burns.

In a letter [PDF] to affected drivers, the lawyers said they had looked into the intrusion, and had some bad news: “The investigation determined that information you provided to Uber, including your name and Social Security number and/or Tax Identification number, was among the impacted data.”

Uber did not respond to The Register‘s question about how many of its drivers had their records stolen.

Nordik Spa

Nordik Spa in Chelsea, Que. is warning customers about a major data breach involving its gift card system.

In an email to customers, Groupe Nordik says “an event” occurred with its gift certificate system that may have resulted in the access of personal information, including credit card information, by a non-authorized party.

“In late February 2023, we became aware of suspicious activity on our gift certificate system,” Nordik Spa said in the email Tuesday night.

“We then shut down the system and initiated a full investigation with an expert third-party firm. It is possible that your personal information was accessible when purchasing a gift certificate on the platform during the period of November 4, 2022 – February 27th, 2023.”

MSI

MSI

Following reports of a ransomware attack, Taiwanese PC vendor MSI (short for Micro-Star International) confirmed today that its network was breached in a cyberattack.

Earlier this week, the Money Message ransomware gang claimed to infiltrate some of MSI’s systems and stolen files that will be leaked online next week if the company refuses to pay a $4 million ransom.