Facebook
week21-2022-min

Here’s your weekly #databreach news roundup:​

General Motors, Illuminate Education, Scarborough Health Network (SHN), Nederlander Theatrical Corp, Zola, and National Registration Department (NRD) – Malaysia.

Illuminate Education

week21-2022-illuminateeducation

The breach of student data that occurred during a January 2022 cyberattack targeting Illuminate Education’s systems is now known to have impacted the nation’s second-largest school district, Los Angeles Unified with 430,000 students, which has notified state officials along with 24 other districts in California and one in Washington state.

The data breach notifications posted on the California Attorney General’s website in the past week by LAUSD, Ceres Unified School District with 14,000 students, and Riverside County Office of Education representing 23 districts and 431,000 students, mean that Illuminate Education’s data breach leaked the private information of well over 3 million students — and potentially several times that total.

The vast reach of the data breach will likely never be fully known because most state laws do not require public disclosure of data breaches; Illuminate has said in a statement that the data of current and former students was compromised at the impacted schools but declined to specify the total number of students impacted in multiple email communications with THE Journal.

Scarborough Health Network (SHN)

Canadian healthcare service provider Scarborough Health Network (SHN) has warned that a data breach may have exposed patient healthcare records.

In a breach notice, SHN explained that its IT staff noticed unusual activity on its systems on January 25.

After containing the problem and calling in help from external IT forensics experts, a subsequent investigation discovered that a “subset of data” on a number of SHN’s servers had been accessed by unauthorized parties.

Unnamed hackers were kicked off its systems by February 1, according to SHN. IT security controls and monitoring practices have been upgraded to guard against potential follow-up attacks.

Nederlander Theatrical Corp

week21-2022-nederlander

According to the recent notice provided to those who were impacted by the breach, Nederlander first detected a problem on November 21, 2021, when the company became aware of suspicious activity on its computer network. In response, Nederlander secured its systems and, with the assistance of third-party experts, launched an investigation into the incident.

The investigation confirmed that the company was indeed the victim of a cyberattack and that certain files on its network were subject to unauthorized access. Upon discovering that sensitive consumer data was contained in the files that were accessible to the unauthorized party, Nederlander Theatrical Corp. reviewed the affected files in hopes of determining exactly what information was compromised and to whom it belonged.

While the breached information varies depending on the individual, it may include your name and Social Security number. According to an official filing by Nederlander, the company believes that the breach affected the information of 14,318 individuals.

General Motors

week21-2022-generalmotors

General Motors suffered a hack that exposed a significant amount of sensitive personal information on car owners—names, addresses, phone numbers, locations, car mileage, and maintenance history.

The Detroit-based automaker revealed details of the incident in a breach disclosure filed with the California Attorney General’s Office on May 16. The disclosure explains that malicious login activity was detected on an unspecified number of GM online user accounts between April 11 and 29. Further investigation revealed that the company had been hit with a credential stuffing attack, which saw hackers infiltrate user accounts to steal customer reward points, which they then redeemed for gift cards. Credential stuffing is a rudimentary type of cyberattack that involves using lists of previously compromised login credentials to hack into online accounts. Such lists can be purchased with relative ease on the dark web.

Zola

Zola, a wedding planning startup that allows couples to create websites, budgets and gift registries, has confirmed that hackers gained access to user accounts but has denied a breach of its systems.

The incident first came to light over the weekend after Zola customers took to social media to report that their accounts had been hijacked. Some reported that hackers had depleted funds held in their Zola accounts, while others said they had thousands of dollars charged to their credit cards.

In a statement given to TechCrunch, Zola spokesperson Emily Forrest said that accounts had been breached as a result of a credential stuffing attack, where existing sets of exposed or breached usernames and passwords are used to access accounts on different websites that share the same set of credentials.“The vast majority of Zola couples were not impacted, but we are deeply apologetic to those who detected any irregular account activity,” Forrest said. “Our team acted as quickly as possible to protect our community of couples and guests, and we were able to block all attempted fraudulent transfers.”

National Registration Department (NRD) - Malaysia

week21-2022-nationregistration-malaysia

As millions of Malaysians are worried that their personal data could go into the wrong hands following an alleged data leak at the National Registration Department (NRD), the government has assured the public that the situation may not be as serious as it seems.

In fact, the Home Minister of Malaysia stated that the alleged data leak containing information of 22.5 million Malaysians is not from the NRD as there was a mechanism in place which could prove that the leaked information did not come from the department.

Local tech portal Amanz had initially reported that a database allegedly from the NRD about 160GB in size, was being sold for US$10,000 on the dark web. The data contained information on 22.5 million Malaysians born between 1940 and 2004.

This is not the first time the NRD has been breached.  Last year, a database of about 4 million Malaysians from the NRD also made its way to forums on the dark web and was sold on it.