Facebook
w35-2022-banner

Here’s your weekly #databreach news roundup:​​​

NATO, Samsung, Akasa Air, DoorDash, LastPass, Oklahoma Student Loan Authority (OSLA), ‘START’(start.ru), Sembcorp Marine, and Neopets.

Akasa Air

w35-2022-akasa

Akasa Air said on Sunday that personal information of its registered users pertaining to name, gender, email address and phone number may have been compromised due to a technical glitch. Though the carrier reported the incident to the government body Indian Computer Emergency Response Team (CERT-In), it said there was no “intentional hacking attempt”.

“At Akasa Air, system security and protection of customer information is paramount, and our focus is to always provide a secure and reliable customer experience. While extensive protocols are in place to prevent incidents of such nature, we have undertaken additional measures to ensure that the security of all our systems is even further enhanced,” said Anand Srinivasan, co-founder and chief information officer, Akasa Air.

NATO

w35-2022-nato

Nato is assessing the impact of a data breach of classified military documents being sold by a hacker group online.

The data includes blueprints of weapons being used by Nato allies in the Ukraine war.

Criminal hackers are selling the dossiers after stealing data linked to a major European weapons maker.

MBDA Missile Systems admitted its data was among the stash but claimed none of the classified files belong to the firm.

The pan-European company, which is headquartered in France, said its information was hacked from a compromised external hard drive, adding that it was cooperating with authorities in Italy, where the data breach took place.

It is understood investigations are centred around one of MBDA’s suppliers.

DoorDash

DoorDash said the personal information of some of its customers and delivery workers was compromised in a data breach that stemmed from a phishing attack against a company it does business with.

The stolen data included customer names, email addresses, delivery addresses and phone numbers. A smaller number of customers also had basic order data and partial payment card information stolen, according to a notice posted on the food delivery company’s website on Thursday. More-sensitive information, like full credit card numbers and account passwords, weren’t compromised, the notice said.

LastPass

w35-2022-LastPass

The breach itself actually happened two weeks before that, the company said, and involved attackers getting into the system where LastPass keeps the source code of its software.

From there, LastPass reported, the attackers “took portions of source code and some proprietary LastPass technical information.”

We didn’t write this incident up last week, because there didn’t seem to be a lot that we could add to the LastPass incident report – the crooks rifled through their proprietary source code and intellectual property, but apparently didn’t get at any customer or employee data.

In other words, we saw this as a deeply embarrassing PR issue for LastPass itself, given that the whole purpose of the company’s own product is to help customers keep their online accounts to themselves, but not as an incident that directly put customers’ online accounts at risk.

Oklahoma Student Loan Authority (OSLA)

Data for over 2.5 million individuals with student loans from Oklahoma Student Loan Authority (OSLA) and EdFinancial was exposed after hackers breached the systems of technology services provider Nelnet Servicing.

Technology services from Nelnet Servicing, including a web portal, are used by OSLA and EdFinancial to give online access students taking out a loan access to their loan accounts.

Sometime in June, unidentified intruders compromised Nelnet Servicing and stayed on  its systems until July 22. The hackers compromised the company’s network likely after exploiting a vulnerability.

About 2,501,324 individuals have been impacted by  the breach.

A sample notification letter to impacted parties sent to the Office of the Maine Attorney General as part of the data breach disclosure process, Nelnet Servicing has informed OSLA and EdFinancial, who are notifying their customers.

‘START’ (start.ru)

Russian media streaming platform ‘START’ (start.ru) has confirmed rumors of a data breach impacting millions of users.

The platform’s administrators shared that network intruders managed to steal a 2021 database from its systems and are now distributing samples online.

The stolen database contains email addresses, phone numbers, and usernames. START characterizes it as uninteresting to most cybercriminals as it can’t be used for taking over accounts.

Financial information, bank card data, browsing history, or user passwords have not been impacted because these details were not present in the database.

“We have already fixed the vulnerability, and access to our data is closed,” mentions the statement on Telegram.

Even though a global reset isn’t enforced by START, it is recommended that all users change their passwords.

Neopets

week35-2022-neopets

Neopets has released details about the recently disclosed data breach incident that exposed personal information of more than 69 million members.

Findings of the investigation launched on July 20, 2022 revealed that attackers had access to the Neopets IT systems from January 3, 2021 until July 19, 2022.

The company learned about the breach only after a hacker offered to sell a Neopets database for four bitcoins. 

The hacker claimed the database contained 460MB of source code and sensitive personal information for 69 million members.

Sembcorp Marine

Singapore’s Sembcorp Marine has discovered a discovered a cybersecurity incident where an unauthorised party accessed part of its IT network via third-party software.

Sembmarine has already established that certain personally identifiable information relating to some of its incoming, existing and former employees, as well as non-critical information relating to its operations were affected.

The contractor has contacted those impacted, and said it is committed to helping them manage all possible risks and take appropriate follow-up actions.

“We are mindful of the concerns of all affected parties and would like to assure all our stakeholders that information security and the privacy of all stakeholders are our top priorities,” the company said.

Sembmarine on Thursday said that it treats the incident seriousl” and “took immediate actions” to manage and mitigate any potential risks.

Samsung

w35-2022-samsung

Electronics giant Samsung has confirmed a data breach affecting customers’ personal information.

In a brief notice, Samsung said it discovered the security incident in late-July and that an “unauthorized third party acquired information from some of Samsung’s U.S. systems.” The company said it determined customer data was compromised on August 4.

Samsung said Social Security numbers and credit card numbers were not affected, but some customer information — name, contact and demographic information, date of birth, and product registration information — was taken.