29 Dec
Table of Contents
Here’s your weekly data breach news roundup:
- Japanese game developer Koei Tecmo
- Microsoft cloud customers
- Jerusalem Municipality’s website
- Barcelona-based “social commerce” company 21 Buttons
- Now:Pensions
- NetGalley
- Vietnamese tech firm Innovative Solution for Healthcare (iSofH)
- Ledger
Koei Tecmo
Japanese game developer Koei Tecmo has disclosed a #databreach and taken their European and American websites offline after stolen data was posted to a hacker forum.
— DevaOnBreaches (@DevaOnBreaches) December 27, 2020
Koei Tecmo is famous for games, including Nioh 2, Hyrule Warriors, Dead or Alive, etc.https://t.co/Z1cbF9NKCQ
Japanese game developer Koei Tecmo has disclosed a data breach and taken their European and American websites offline after stolen data was posted to a hacker forum.
Koei Tecmo is known for its popular PC and console games, including Nioh 2, Hyrule Warriors, Atelier Ryza, Dead or Alive, etc.
On December 20th, a threat actor claimed to have hacked into the koeitecmoeurope.com website on December 18th through a spear-phishing campaign sent to an employee. As part of this attack, a forum database with 65,000 users was stolen, and the actor claims to have planted a web shell on the site for continued access.
Microsoft Cloud
Russian government hackers have compromised Microsoft cloud customers and stolen emails from at least one private-sector company, according to people familiar with the matter via a Microsoft corporate partner that handles cloud services.https://t.co/SrsZ7cL2jE
— DevaOnBreaches (@DevaOnBreaches) December 26, 2020
Jerusalem Municipality
A #databreach granting access to documents containing the personal information of hundreds of thousands of residents was found in the Jerusalem Municipality's website.https://t.co/q1F26h2WUk
— DevaOnBreaches (@DevaOnBreaches) December 25, 2020
A breach granting access to documents containing the personal information of hundreds of thousands of residents was found and repaired in the Jerusalem Municipality’s website, the tech website Geektime.
21 Buttons
Barcelona-based “social commerce” company 21 Buttons #databreach exposed 50 million files containing full names, postal codes, bank details, national ID numbers, PayPal email address and value of sales commissions.https://t.co/UDWKdOrXvw
— DevaOnBreaches (@DevaOnBreaches) December 25, 2020
A misconfigured cloud storage bucket has exposed the personal details of hundreds of social media influencers, potentially putting them at risk of fraud and harassment, according to researchers.
A team at vpnMentor discovered the AWS S3 bucket wide open with no encryption or password protection, back in early November. Action has apparently yet to be taken by the company responsible, Barcelona-based “social commerce” company 21 Buttons.
For a commission, influencers upload their photos to the firm’s app and link to the e-commerce stores where users can buy the clothes they’re wearing.
According to vpnMentor, the firm has around two million monthly active users and partnerships with many of the biggest brands in Europe.
Of the 50 million files exposed in the snafu, which were mainly influencer photos and videos, the research team discovered hundreds of invoices said to relate to payments made to these social media stars.
Now:Pensions
About 30,000 customers of Now:Pensions #databreach at the pensions provider led to their sensitive personal details including names, postal and email addresses, birth dates and National Insurance numbers all appeared in a public forum online.https://t.co/IcnTSjBHqs
— DevaOnBreaches (@DevaOnBreaches) December 25, 2020
About 30,000 customers of Now:Pensions face an anxious Christmas after a serious data breach at the pensions provider led to their sensitive personal details being posted on the internet.
In an email sent to affected customers, the workplace pensions firm warned that names, postal and email addresses, birth dates and National Insurance numbers all appeared in a public forum online.
The company, which manages auto-enrolled and other workplace pensions for 1.8 million workers, said that less than 2% of its customers had been caught up in the incident.
It said the customers’ data had been obtained “by an unknown third party” and blamed the breach, which happened between 11 and 14 December, on an outside contractor.
NetGalley
NetGalley – a website that gives book reviewers pre-release access to new titles – has warned users about a data breach that may have exposed mailing addresses, phone numbers, dates of birth, company names, and Kindle email addresses.#databreachhttps://t.co/2mOnqx31jM
— DevaOnBreaches (@DevaOnBreaches) December 25, 2020
NetGalley – a website that gives book reviewers pre-release access to new titles – has warned users about a data breach that may have exposed their passwords and other personal data.
“What initially seemed like a simple defacement of our homepage has, with further investigation, resulted in the unauthorized and unlawful access to a backup file of the NetGalley database,” said the company in a data breach alert published yesterday (December 23).
Users logging in must now reset their passwords in order to access their NetGalley account.
Read more at : https://portswigger.net/daily-swig/netgalley-data-breach-publishing-industry-website-forces-password-reset-following-security-incident
Vietnamese firm Innovative Solution for Healthcare (iSofH
script async src="https://platform.twitter.com/widgets.js" charset="utf-8">Vietnamese tech firm Innovative Solution for Healthcare (iSofH) leaked 12 million records on patients including highly sensitive diagnoses exposing a 4GB database of 12 million records, affecting roughly 80,000 patients and healthcare staff.#databreachhttps://t.co/myMDDBSX7j
— DevaOnBreaches (@DevaOnBreaches) December 25, 2020
A healthcare technology company leaked 12 million records on patients including highly sensitive diagnoses, before the exposed cloud server was struck by the infamous “meow” attacker, researchers have revealed.
A team at SafetyDetectives led by Anurag Sen discovered the leaky Elasticsearch server in late October after a routine IP address scan, although it’s unknown how long the data was exposed for before that.
It was traced back to Vietnamese tech firm Innovative Solution for Healthcare (iSofH), which provides software for electronic health records and hospital management to 18 medical facilities, including eight top-tier clinics.
As the server was left publicly exposed without encryption or password protection, the researchers were able to view a 4GB database of 12 million records, affecting roughly 80,000 patients and healthcare staff.
The data is a treasure trove for fraudsters, containing full names and dates of birth, postal and email addresses, phone numbers, passport details, credit card numbers, medical records and recent test results and diagnoses.
Ledger
Ledger's #databreach reportedly includes 1,075,382 email addresses from users subscribed to the Ledger newsletter, and 272,853 hardware wallet orders with information including email addresses, physical addresses, and phone numbers.https://t.co/k8E3uS64DF
— DevaOnBreaches (@DevaOnBreaches) December 21, 2020
The hacker that breached hardware wallet provider Ledger’s marketing database earlier this year has released personal data for thousands of users, prompting many to threaten the firm with a class-action lawsuit.
According to a tweet from network security firm Hudson Rock’s Alon Gal, a hacker allegedly behind the breach of personal data from hardware wallet Ledger in June has made all the information they obtained available online. This reportedly includes 1,075,382 email addresses from users subscribed to the Ledger newsletter, and 272,853 hardware wallet orders with information including email addresses, physical addresses, and phone numbers.