28 Jun
Here’s your weekly #databreach news roundup:
UPS
Multinational shipping company UPS is alerting Canadian customers that some of their personal information might have been exposed via its online package look-up tools and abused in phishing attacks. #databreach @serghei @bleepingchttps://t.co/FUeSMzyjSl
— DevaOnBreaches (@DevaOnBreaches) June 22, 2023
UPS, a global shipping company, has notified its Canadian customers about a potential data breach. The company revealed that some personal information of customers may have been exposed through its online package tracking tools and used in phishing attacks. UPS initially disguised the breach notification as a warning about phishing, but it later became clear that the company had received reports of fraudulent text messages containing recipients’ names and addresses. UPS discovered that the attackers had used its package look-up tools between February 2022 and April 2023 to access delivery details and personal contact information. The company has taken measures to prevent further phishing attempts and is notifying affected individuals. The phishing attacks have affected UPS customers worldwide, with the threat actors impersonating shipments from companies like LEGO and Apple.
BreachForums
BreachForums disclosed that the #databreach was carried out by a rival hacker forum, which exploited a zero-day vulnerability in MyBB, the free and open source forum software.https://t.co/Y4AYE1SFUj
— DevaOnBreaches (@DevaOnBreaches) June 20, 2023
BreachForums, an online forum involved in the trade of stolen data, has experienced a data breach after being revived by the ShinyHunters hacker group. The breach exposed personal information of over 4,000 registered members. The hackers behind the breach, a rival forum called OnniForums, exploited a zero-day vulnerability in the forum software, MyBB. The administrator of BreachForums confirmed the breach and urged members to reset their passwords. Tweets from OnniForums claimed responsibility for the attack and revealed their involvement in breaching another hacker forum. The leaked data includes login keys, usernames, email addresses, IP addresses, password hashes, and other details. The breach has significant implications for cybercriminals, potentially exposing their identities and activities to law enforcement and undermining their reputation and trust within the hacking community. It also provides valuable insights for cybersecurity professionals to strengthen defenses against cybercriminal tactics.
The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company.
— DevaOnBreaches (@DevaOnBreaches) June 18, 2023
This is getting even more interesting considering the current situation at Reddit. https://t.co/69hFjLoAJ1
The BlackCat ransomware gang has claimed responsibility for a cyberattack on Reddit in February, stating that they stole 80GB of data from the company. The attack occurred after an employee fell victim to a phishing attack, allowing the threat actors to gain access to internal documents, source code, and employee data. Reddit clarified that its production systems were not breached, and user passwords, accounts, and credit card information were unaffected. The BlackCat gang demanded $4.5 million from Reddit to delete the stolen data but threatened to leak it when their demands were not met. This incident is linked to a similar attack on Western Digital in March, where the same group caused a significant outage to the company’s cloud service.
Shell
Oil giant Shell said it is investigating after a security researcher found an exposed internal database spilling the personal information of drivers who use the company’s electric vehicle charging stations. @TechCrunch @zackwhittakerhttps://t.co/oonEfOuQvO
— DevaOnBreaches (@DevaOnBreaches) June 11, 2023
Oil company Shell is conducting an investigation after a security researcher discovered an exposed internal database containing the personal information of drivers using the company’s electric vehicle (EV) charging stations. The database, hosted on Amazon’s cloud, was accessible without a password and contained millions of logs, including details about customers, fleet operators, and the locations of the charging stations. The information exposed included names, email addresses, phone numbers, and vehicle identification numbers (VINs). It is unclear how long the database was accessible, but Shell has taken steps to address the issue and is investigating the incident. The security researcher, Anurag Sen, previously discovered exposed data from other companies, including Amazon and U.S. military emails.
R&B Corporation of Virginia
Social Security numbers (SSNs) of over 300,000 US residents have been exposed to a #databreach that occurred at R&B Corporation of Virginia, also known as Credit Control Corporation. @lapienyte @CyberNewshttps://t.co/gIcw1S7P86
— DevaOnBreaches (@DevaOnBreaches) June 15, 2023
A breach at R&B Corporation of Virginia, a debt collection service provider also known as Credit Control Corporation, has exposed the Social Security numbers (SSNs) of over 300,000 U.S. residents. The breach was initially disclosed to the Maine Attorney General in May after the company detected unusual activity on its networks in March. Personal information including names, SSNs, and in some cases, driver’s license numbers, were copied by an unauthorized party. The breach impacted individuals associated with various U.S. health institutions, with the total number of affected individuals being 286,699 according to R&B Corporation. However, a filing with the U.S. Department of Health and Human Services revealed that the breach affected 345,523 individuals, and the list of impacted healthcare providers was twice as long as initially reported.