Cybersecurity news headlines (Jun 1 – Jun 31)
June has been a worrying month in regards to data breaches. Three major companies, including one of the biggest sportswear manufacturers Adidas, have revealed that they have suffered data breaches, which resulted in customer data being accesses by unauthorized parties. Two South Korean cryptocurrency exchange services have reported hacks, which led to tens of millions of dollars stolen. In other news, Google and Facebook are accused of violating GDPR (again), and Kaspersky Lab halts cooperation with Europol following a controversial European Parliament vote.
Here are the cybersecurity news headlines (Jun 1 – Jun 31).
Online genealogy platform MyHeritage suffers data breach
An Israeli online genealogy platform MyHeritage revealed earlier this month that they suffered a data breach involving over 92 million of its users. The company was made aware of the incident by a security researcher, who found information of MyHeritage users on a third-party server. The company revealed the breach to its users the same day. The breach is believed to have taken place on October 26, 2017.
The company reassured users in a blog post that the only stolen information was email addresses and hashed passwords. Actual passwords were not part of the stolen information.
“MyHeritage does not store user passwords, but rather a one-way hash of each password, in which the hash key differs for each customer. This means that anyone gaining access to the hashed passwords does not have the actual passwords,” the blog post explains.
The same security researcher who informed the company of the breach reported that no additional data has been found on the server. MyHeritage also believes that the breach was limited to email addresses. Credit card information is not stored on MyHeritage, but on billing provides instead. And sensitive information (family trees and DNA data) is stored on different systems.
An investigation of the incident has been launched, and the company is introducing two-factor-authentication to provide an extra layer of security for its users. MyHeritage users are also strongly urged to change their passwords.
South Korean cryptocurrency exchange Bithumb hacked
It has been revealed that South Korean cryptocurrency exchange service Bithumb was victim of a hack, which resulted in 35 billion won ($31.5 million) worth of cryptocurrency stolen. Little details have been revealed about how the hack was carried out or even what cryptocurrency was stolen.
As soon as the company noticed the hack, it blocked users from withdrawals and transferred the majority of its funds to an offline wallet. They also warned users to temporarily not deposit funds or make payments.
Bithumb assures its users that it will compensate all affected users from its reserve funds.
This is the second time the crypto currency exchange suffered a hack. It also feel victim in 2017, when unknown amounts of Bitcoin and Ether were stolen.
Ticketmaster reveals security breach
Ticketmaster, a ticket sale and distribution company, has admitted to suffering a security breach, which may have resulted in hackers accessing personal information of customers. The security breach was noticed on June 23, 2018 and is believed to have affected less than 5% of Ticketmaster’s global customers. Affected users likely had their names, addresses, email addresses, telephone numbers, payment details as well Ticketmaster login details accessed by the hacker.
The company has put the blame on a third-party customer service chat application made by Inbenta Technologies. Such chat applications are used widely by various websites in order to make interactions with customers easier. Ticketmaster claims that they have discovered malware on the Inbenta Technologies customer support application hosted on their UK website, which led to the breach. The application was quickly disabled on the website.
However, Inbenta CEO Jordi Torras claims that the fault is not theirs.
Ticketmaster directly applied the script to its payments page, without notifying our team. Had we known that the customized script was being used this way, we would have advised against it, as it incurs greater risk for vulnerability. The attacker(s) located, modified, and used this script to extract the payment information of Ticketmaster customers processed between February and June 2018,” Torras says in the statement.
Affected customers have been emailed by Ticketmaster, and the company is offering 12 months of free identity monitoring services.
It has also been revealed that Monzo, a UK-based mobile bank, had warned Ticketmaster about the breach back in April. Monzo noticed the signs of the breach after 50 of their customers reported fraudulent transactions. The bank had alerted Ticketmaster, who said they would perform an internal investigation. According to Ticketmaster, the investigation showed no signs of any kind of breach.
Adidas reports data breach
Sportswear manufacturer Adidas revealed last week that they were victim of a data breach, which could have exposed personal information of customers who shopped via the US website. The breach was noticed earlier last week, when an unauthorized party claimed to have accessed personal information of Adidas customers. Not much additional information is available about the breach.
“According to the preliminary investigation, the limited data includes contact information, usernames and encrypted passwords. adidas has no reason to believe that any credit card or fitness information of those consumers was impacted,” Adidas Group stated.
Law enforcement agencies have been informed and brought in to help investigate the breach. In the meantime, customers are being alerted. According to various news outlets, there could be a few millions Adidas customers affected. They are being warned about sophisticated phishing attempts, and are advised to change passwords.
Another South Korean cryptocurrency exchange Coinrail hacked
Another South Korean cryptocurrency exchange announced a hack, in which tokens of Pundi X (NPXS), NPER (NPER), and Aston (ATX) ICOs (Initial Coin Offerings) were stolen. While the cryptocurrency exchange did not reveal the amount of funds stolen, it is believed that tokens worth around $40 million (at the time they were stolen) were taken.
Coinrail’s website has been in maintenance mode since the intrusion has been detected, and most of its cryptocurrency assets were moved to offline wallets. An investigation into the hack has been launched, and affected ICO companies are cooperating to freeze stolen tokens. Other cryptocurrency exchanges were also contacted to freeze the hacker’s addresses in which the stolen funds are kept.
Facebook and Google in hot waters over possible GDPR violations
The GDPR (General Data Protection Regulation) came into effect on 25 May, 2018, and it caused a lot confusion about new privacy settings. Companies that have users in Europe were forced to make changes to their privacy settings in order to give people more control over their information usage. But it seems Facebook and Google are having a hard time changing their ways.
The Norwegian Consumer Councils have published a lengthy report detailing how companies manipulate users into sharing information about themselves. Facebook and Google are being accused of using misleading privacy-intrusive default settings and misleading wording to manipulate users.
“Choices are worded to compel users to make certain choices, while key information is omitted or downplayed. None of them lets the user freely postpone decisions. Also, Facebook and Google threaten users with loss of functionality or deletion of the user account if the user does not choose the privacy intrusive option,” the report says.
According to the report, both Google and Facebook require many more steps to limit data collection, which influences users to leave settings as they are.
In addition to these accusations, an Austrian privacy advocate filled complaints against both Google and Facebook for these same reasons. The companies could be facing fines up to $24 million or 4% of their annual global turnover if they are found to be in violation of the new regulations.
European Parliament votes in favor of a controversial motion, Kaspersky stops cooperation with Europol as a result
Russian security firm Kaspersky Lab has been battling allegations of suspicious ties between the company and Russian intelligence agencies for a while now. After the US banned Kaspersky products from goverment agencies, it seems the EU are trying to do the same. The European Parliament has voted in favor of a motion that calls for member states to review software used in EU institutions, and ban programs that have been confirmed to be malicious. Kaspersky Lab is specifically mentioned in the motion as malicious software.
“Calls on the EU to perform a comprehensive review of software, IT and communications equipment and infrastructure used in the institutions in order to exclude potentially dangerous programmes and devices, and to ban the ones that have been confirmed as malicious, such as Kaspersky Lab, clause 76 reads.
Despite the EU document not having any legislative power, Kaspersky Lab has not taken to being called malicious well, and has halted its cooperation with Europol as a result.
“Today, the European Parliament voted on a report in which Polish representative, MEP Fotyga included an amendment referencing Kaspersky Lab which is based on untrue statements. Although this report has no legislative power it demonstrates a distinct lack of respect for the company which has been a firm friend of Europe in the fight against cybercrime . It is for that reason that Kaspersky Lab has taken the difficult decision to temporarily halt our numerous collaborative European cybercrime-fighting initiatives, including that with Europol, until we receive further official clarifications from the European Parliament,” a Kaspersky Lab representative said in a statement.
The halt in cooperation also includes NoMoreRansom, a project that has been very successful in helping people decrypt ransomware-encrypted files for free.
WiperSoft.com is not sponsored, affiliated, linked to or owned by malware developers or distributors that are referred to in this article. The article does NOT endorse or promote malicious programs. The intention behind it is to present useful information that will help users to detect and eliminate malware from their computer by using WiperSoft and/or the manual removal guide.
The article should only be used for educational purposes. If you follow the instructions provided in the article, you agree to be bound by this disclaimer. We do not guarantee that the article will aid you in completely removing the malware from your PC. Malicious programs are constantly developing, which is why it is not always easy or possible to clean the computer by using only the manual removal guide.