
Here’s your weekly data breach news roundup:

Sky Routers, Utah Imaging Associates (UIA), Stripchat, California Pizza Kitchen, and Movistar.

Sky Routers

Sky, a U.K. broadband provider, left about 6 million customers’ underbellies exposed to attackers who could remotely sink their fangs into their home networks: a nice, soft attack surface left that way for nearly 18 months as the company tried to fix a DNS rebinding vulnerability in customers’ routers.

Pen Test Partners reported the problem to Sky Broadband – a broadband service offered by Sky UK in the United Kingdom – on May 11, 2020 … and then chased Sky for a repeatedly postponed update, the security firm said in a post.

The flaw could have affected customers who hadn’t changed the default admin password on their routers. As well, non-default credentials could have been brute-forced, according to Pen Test Partners. The vulnerability has now been fixed.

Utah Imaging Associates


Utah Imaging Associates (UIA), a Utah-based radiology center, has announced a data breach affecting 582,170 people after their personal information was exposed.

According to the data breach notification sent to affected individuals, the security incident was discovered on September 4, 2021, and was remediated on the same day.

However, the initial network infiltration happened on August 29, 2021, allowing the threat actors to explore UIA’s internal systems and potentially steal data for about a week.

The subsequent forensic investigation carried out with the help of a specialized third-party cybersecurity firm revealed that the unauthorized network intruder had access to the personal information of patients.

Stripchat

A database containing highly sensitive information on both users and models of the popular adult cam site Stripchat was discovered online, left completely unprotected. The data exposure puts models and users at risk of extortion, violence and more.

Stripchat is a popular site founded in 2016 and based in Cyprus that sells live access to nude models.

Volodymyr “Bob” Diachenko, head of security research at Comparitech, reported that he discovered the database on an Elasticsearch cluster on Nov. 5. It contained about 200 million Stripchat records, he said, including 65 million user records containing email addresses, IP addresses, the amount in tips they gave to models, a timestamp of when the account was created and the last payment activity.

Another database contained about 421,000 records for the platform’s models, including their usernames, gender, studio IDs, tip menus and prices, live status and what is called their “strip score.”

It’s unclear if anyone with nefarious purposes managed to access it before it was secured on Nov. 7.

California Pizza Kitchen


Fast-casual pizza chain and frozen food disrupter California Pizza Kitchen reportedly suffered a data breach that exposed the Social Security numbers of over 100,000 current and former employees, according to a breach notification viewed by TechCrunch.

Though CPK didn’t specify the exact number of people affected in the note, a separate data breach notification filed with the Maine attorney general’s office put the figure at 103,767. Aside from Social Security numbers, the breach also exposed an unspecified number of names and other files. Gizmodo reached out to CPK for more details about the additional exposed materials but did not yet hear back.

The company claims it first noticed a disturbance to its systems on September 15 and took action quickly. However, it wasn’t until October 4 that the company claimed it was able to determine cybercriminals had gained access to its system.

Movistar


Movistar has suffered a security breach that has exposed “basic and identification data, contact details, as well as information about the products and services contracted with us” to which unauthorized third parties would have had access. This has been confirmed in a statement by the company itself.

Some clients of Movistar and O2 have received, in the last hours, SMS and emails from the operators, warning of the hack and informing users: “Hello, this is IMPORTANT. We have detected (and it has already been blocked) an irregular access to our systems from suspicious IPs. […] There is no evidence that said data has been exploited and there has been no access to billing data, or to the details of calls, or access passwords”, reads the message.