Tag Archive for: breach

Fujitsu hack raises questions, after firm confirms customer data breach • Graham Cluley


Fujitsu hack raises questions, after firm confirms customer data breachFujitsu hack raises questions, after firm confirms customer data breach

Fujitsu has warned that cybercriminals may have stolen files with personal and customer data after it discovering malware on its computer systems.

The firm at the center of the British Post Office scandal, said in a Japanese press release that it had discovered the presence of malware on its computers, the potential theft of customer data, and apologised for any concern or inconvenience caused.

Fujitsu announcementFujitsu announcement
Announcement published on Fujitu’s Japanese website.

The press release (a Google-translated version can be read here), is somewhat scant on detail.

For instance:

  • Fujitsu doesn’t disclose the malware found, the number of affected computers, or the internal systems or databases accessed.
  • Fujitsu doesn’t specify the type of malware found – a remote access backdoor? ransomware? something else?
  • Fujitsu doesn’t share details about the stolen information, calling it “personal information and customer information.” For instance, does it include contact details, passwords, or payment information?
  • Fujitsu announced on Friday 15 March that it suffered a cyber attack, but didn’t specify when it was discovered or how long the hackers had access to its systems and data.

Fujitsu says it has reported the incident to regulators and will contact affected individuals and customers.

The company also says that it has not seen any reports of the potentially stolen information being misused. Statements like these are meant to reassure affected parties, but they don’t make you feel much more comfortable in reality.

An absence of evidence is not evidence of absence. How could a company ever confidently and honestly claim it has incontrovertible proof that exfiltrated data has not been exploited by malicious hackers and online fraudsters?

Sign up to our free newsletter.
Security news, advice, and tips.

In the past, there have been many incidents where data stolen in a hack has not immediately shown up, before appearing on the dark web months or even years later.


Source…

Greensboro College Experiences Bad Data Security Breach


Hackers who went after Greensboro College got some of the most valuable personal information hackers can get ­– Social Security numbers.

And, though the scope of the attack still isn’t completely clear, one sign that it was quite vast is that some of the stolen information involved a teacher who taught there a quarter of a century ago and has had no other relationship with the university since.

Greensboro College is now in the process of warning those affected by the security breach that happened in mid-2023.

Data theft victims have just received a letter stating: “Greensboro College is writing to notify you of a recent event that may affect the privacy of certain information related to you. This notice provides information about the event, our response, and resources available that we are offering at no cost to you to help protect your information from possible misuse, should you feel it appropriate to do so.”

The “What Happened?” section of the letter states that the college detected “potentially malicious activity” on some of its computer systems.

Once the college discovered the breach, college officials notified law enforcement agencies, and conducted an internal investigation to determine the extent of the problem. That investigation found that some computer systems were subject to unauthorized access between August 10, 2023 and August 21, 2023.

Some of the data stolen includes names and Social Security numbers.

The college completed its study in early February of 2024 and began sending out notices.

Greensboro College stated that it is now, “instituting additional technical safeguards and policies and procedures,” and added, “Our response to this event also included prompt reporting to law enforcement and notification to relevant state and federal regulators.”

Greensboro College is offering those affected access to 24 months of credit monitoring and identity theft protection services at no cost.

Source…

Roku Suffers Data Breach, Hackers Sell Credentials of Hundreds of 15,000 Stolen Accounts


Streaming platform Roku officially discloses hackers have successfully breached its systems to steal more than 15,000 customer accounts containing sensitive information. Hundreds of the accounts are reportedly being sold online as the breach has given hackers access to the owner’s stored credit card information to make illegal purchases.

With over 80 million active users, the firm reportedly disclosed the hack on Friday in documents it filed with the attorneys general of Maine and California. Fifteen thousand three hundred sixty-three accounts were compromised between December 28, 2023, and February 21, 2024, according to the papers.

The documents show that hackers gained access to the accounts by obtaining login credentials from other sources, instead of getting into Roku’s system. Using a hacking technique called a credential stuffing assault, threat actors gather credentials that have been made public in past data breaches and then try to use them to access other websites.  

DNA Testing Companies Adopt Two-Factor Authentication in Response to 23andMe Data Breach

(Photo : THOMAS SAMSON/AFP via Getty Images)
An agent of the operational center of the French National Cybersecurity Agency (ANSSI) checks datas on a computer in Paris on November 24, 2022.

According to the firm, once an account was compromised, threat actors were able to alter all of the user’s data, including passwords, email addresses, and shipping addresses.

Roku clarified, however, that the unauthorized actors who gained access to the impacted Roku accounts did not have dates of birth, social security numbers, complete payment account numbers, or any other kind of sensitive personal information that needed to be disclosed.  

This essentially locked the user out of the account, enabling threat actors to utilize the saved credit card information to make transactions without sending order confirmation emails to the actual account holder.

According to BleepingComputer, several threat actors are employing the Open Bullet 2 or SilverBullet cracking tools to carry out credential-stuffing assaults. With the help of these apps, hackers can import custom configuration files made specifically to carry out credential-stuffing attacks against particular…

Source…

Roku hackers breach 15,000 accounts and are selling them online


Hackers likely obtained account information exposed in previous data breaches of third-party services, Roku says. This kind of attack, called credential stuffing, involves hackers getting the emails and passwords exposed in data breaches and trying the combination on other services. Once they gained access to an account, Roku hackers changed the login information for some accounts, allowing them to gain full control.

If the account had stored credit card info, hackers could also purchase subscriptions within Roku for services such as Netflix, Max, Paramount Plus, Hulu, Peacock, Disney Plus, and others. Bleeping Computer also found that hackers are selling the stolen information for around 50 cents per account on a hacking marketplace.

One saving grace is that the Roku accounts didn’t reveal social security numbers, full payment account numbers, or dates of birth. Roku says it has since “secured the accounts from further unauthorized access” by asking affected users to reset their passwords. It’s also working to cancel and refund unauthorized purchases. Even if you weren’t affected by this data breach, it still might be worth checking HaveIBeenPwned to see if any of your credentials have been exposed recently. It also couldn’t hurt to change your Roku password.

Source…