Here are the top stories of recent weeks:
- AI Chatbot Startup Based in the United Kingdom Facing Backlash After Data Leak
- Nintendo Breach Shuts Down Portal and Affects Over 300k Accounts
- Ransomware Threat Actors Auctioning Victim Data on the Dark Web
- Recent Data Breach Affects National Railroad Passenger Corporation, Amtrak
- Malicious Self-Destructing Skimmer Steals Payment Card Information
Babylon Health, a telehealth startup valued in excess of $2 Billion, has suffered a data leak that enabled a user of the mobile app to access other patients’ video consultations. The company confirmed the breach, telling the BBC that a software error was the cause of the incident and went on to state that only a small number of users based in the UK were able to see other patients’ sessions. In all it claimed that three users were able to access other patients’ data, however, under UK and EU law health data is considered special category data--meaning the highest standard of data protection applies under the General Data Protection Regulation (GDPR).
During the month of April, over 160k Nintendo 3DS and Wii users were affected in a breach that exposed their personal information, including D.O.B, payment information, and email accounts. An investigation ensued after numerous complaints regarding unwarranted in-game purchases were reported. Nintendo is still trying to get to the bottom of how the parties gained access to the NNID info. It has been asking for users to submit feedback in an attempt to locate the source of the breach. In an updated statement, the company said another 140k accounts had been compromised. Nintendo said the number increased as a result of its ongoing investigation.
The cybercriminal group, REvil, began auctioning off sensitive data stolen from companies affected by its malicious software. This latest move by REvil may be just another tactic used by criminals to force victims to negotiate a ransom payment, however, researchers suggest that the threat actors may be desperate due to the unprecedented economic slowdown caused by the COVID-19 pandemic. Moreover, there is some evidence to suggest that recent global events have had a significant impact on ransomware payouts. By deploying a comprehensive security solution, organizations can enable remote access to critical data, without worrying about if and when they will be breached.
Although customer PII may have been compromised in the recent Amtrak data breach, the railroad company asserts that Social Security numbers, credit card information, and other financial data was not involved in the data leak. The attack vector involved was compromised usernames and passwords, which may suggest the use of credentials previously leaked or stolen, or the use of brute-force methods. At the moment there is no evidence that customer information has been exploited, such as through sales or identity fraud.
The Greenworks Tools website is the recent victim of a malicious script with self-cloaking capabilities, that was stealing customer payment card information and redirecting it to threat actors. According to publicly available data, Greenworks Tools recorded a steep increase in visitor traffic from 45,000 February to 350,000 on May 20. Customers from the U.S. that made a purchase since June 8 have been advised to contact their bank and cancel their payment card. Researchers have contacted the hardware company about the breach but apparently the script is still running.
To learn about cloud access security brokers (CASBs) and how they can protect your enterprise from data leakage, malware, and more, download the Top CASB Use Cases below.