Here’s your weekly #databreach news roundup:
Twilio, CDCR, Plex, PLN, DESFA, Kiplepay, Westfield Fire Department EMS, and Signal.
Twilio
U.S. messaging giant Twilio has confirmed hackers also compromised the accounts of some Authy users as part of a wider breach of Twilio’s systems. Authy is Twilio’s two-factor authentication (2FA) app it acquired in 2015. @carlypage_ @TechCrunch https://t.co/egxx09k0NL
— DevaOnBreaches (@DevaOnBreaches) August 27, 2022
U.S. messaging giant Twilio has confirmed hackers also compromised the accounts of some Authy users as part of a wider breach of Twilio’s systems. Authy is Twilio’s two-factor authentication (2FA) app it acquired in 2015.
Twilio’s breach earlier this month, which saw malicious actors accessing the data of more than 100 Twilio customers after successfully phishing multiple employees, keeps growing in scale. Researchers this week linked the attack on Twilio and others to a wider phishing campaign by a hacking group dubbed “0ktapus,” which has stolen close to 10,000 employee credentials from at least 130 organizations since March.
Now, Twilio has confirmed that Authy users were also impacted by the breach.
Read more at : https://techcrunch.com/2022/08/26/twilio-breach-authy/
California Department of Corrections and Rehabilitation
In early 2022, the California Department of Corrections and Rehabilitation (CDCR) Information Technology (IT) professionals discovered a potential #databreach following routine maintenance on one of their information systems.https://t.co/6QgN13yb4K
— DevaOnBreaches (@DevaOnBreaches) August 25, 2022
In early 2022, the California Department of Corrections and Rehabilitation (CDCR) Information Technology (IT) professionals discovered a potential data breach following routine maintenance on one our information systems. The breach potentially included medical information on everyone who was tested for COVID-19 by the department from June 2020 through January 2022, including staff, visitors, and others. It did not include COVID testing information for the incarcerated population.
The breach also potentially included mental health information for the incarcerated population in the Mental Health Services Delivery System going as far back as 2008.
At this time and as a result of our forensic analysis, CDCR does not have any collaborating evidence which suggests the data exposed has been compromised or misused.
Despite this, CDCR is notifying potentially impacted people out of an abundance of caution so they may take any steps they think they need to do to protect themselves.
Plex
Streaming media platform Plex has confirmed a #databreach and is warning users to change their passwords.@zackwhittaker @TechCrunch https://t.co/jEY1bOxYwK
— DevaOnBreaches (@DevaOnBreaches) August 25, 2022
Streaming media platform Plex has confirmed a data breach and is warning users to change their passwords.
Plex said it discovered the compromise on Tuesday and found the intruder had accessed “a limited subset of data that includes emails, usernames, and encrypted passwords.” Plex vice-president of engineering Schuyler Ullman told TechCrunch that user account passwords are hashed — essentially scrambled in a way that makes them unreadable to humans — using the stronger bcrypt algorithm, and further protected by cryptographic concepts known as salting and peppering, which makes it far more difficult for attackers to unscramble stolen passwords.
Plex said credit card and payment data is not stored on its servers.
PLN
Two #databreach listings related to Indonesia surfaced at an online hacker marketplace recently. The first contained the private data of more than 17 million PLN customers, including their names, addresses, and power consumption. https://t.co/UjsqP27Tea
— DevaOnBreaches (@DevaOnBreaches) August 24, 2022
Indonesia is in the midst of yet another major data breach scandal, this time involving state utility firm PLN as well as numerous other companies based in the country.
Recently, two listings related to Indonesia surfaced at an online hacker marketplace. The first, the user claimed, contained the private data of more than 17 million PLN customers, including their names, addresses, and power consumption. The user did not specify an asking price for this breach.
DESFA
Greece's largest natural gas distributor DESFA confirmed on Saturday that they suffered a limited scope #databreach and IT system outage following a cyberattack. @billtoulas @BleepinComputer https://t.co/ThVaJePE5G
— DevaOnBreaches (@DevaOnBreaches) August 24, 2022
Greece’s largest natural gas distributor DESFA confirmed on Saturday that they suffered a limited scope data breach and IT system outage following a cyberattack.
In a public statement shared with local news outlets on Saturday, DESFA explained that hackers attempted to infiltrate its network but were thwarted by the quick response of its IT team.
Kiplepay
Kiplepay, an e-wallet service provider and a wholly-owned subsidiary of Green Packet, had informed its Kiple Visa Prepaid Card users via email of a potential #databreach through a third-party payment gateway provider.https://t.co/26wUPHdIvL
— DevaOnBreaches (@DevaOnBreaches) August 22, 2022
Kiplepay, an e-wallet service provider and a wholly-owned subsidiary of Green Packet, had informed its Kiple Visa Prepaid Card users via email of a potential data breach through a third-party payment gateway provider on 15th August 2022.
The customer communication was released following Bank Negara Malaysia’s (BNM) notification to the company which highlighted payment gateway provider iPay88’s potential data breach incident.
BNM had requested the company to notify affected cardholders of additional protective measures that are being taken to protect them against risks of fraudulent or unauthorised transactions that may arise from this incident.
Westfield Fire Department EMS
Anyone who has been transported by Westfield Fire Department EMS providers may have been exposed to identity theft following a #databreach, MassLive reported Wednesday.https://t.co/It1L7HRHZJ
— DevaOnBreaches (@DevaOnBreaches) August 20, 2022
Anyone who has been transported by Westfield Fire Department EMS providers may have been exposed to identity theft following a data breach, MassLive reported Wednesday.
The department uses Comstar Ambulance Billing.
Westfield Fire Chief Patrick Egloff said in a letter to residents that anyone in the area who has been transported may have gotten a legitimate letter from Comstar warning them of the breach possibly including their personal data.
Egloff said he did not know how many people may be affected.
“I know of people who are getting letters who haven’t used an ambulance in a couple years,” he said.
Signal
Signal has confirmed that a #databreach at verification partner Twillio exposed the phone numbers and SMS codes of roughly 1,900 users. @jonfingas @engadget https://t.co/7DX8NXEgi2
— DevaOnBreaches (@DevaOnBreaches) August 18, 2022
Signal’s reputation for secure messaging doesn’t make it completely invulnerable to hacking incidents. The company has confirmed that a data breach at verification partner Twillio exposed the phone numbers and SMS codes of roughly 1,900 users. As TechCrunch observed, the intruder could have either used the information to either identify Signal users or re-register their numbers to other devices.
The data has already been misused. The culprit searched for three phone numbers, and re-registered the account of one user. Signal doesn’t store chat histories or contacts online, so the breach shouldn’t have revealed other sensitive details.
