Cybersecurity News: PayPal accounts breached, Yum! Brands attacked, ODIN Intelligence hacked

PayPal accounts breached in large-scale credential stuffing attack

PayPal is alerting its members and users about a data breach that may have led to the exposure of personal data for thousands of users who had their accounts accessed through credential stuffing attacks that occurred between December 6 and December 8, 2022. PayPal detected and mitigated the attack quickly and by December 20, 2022, could confirm that unauthorized third parties had logged into the accounts with valid credentials. PayPal representatives state that the attack was not due to a breach of its systems and that the company has no evidence that the user credentials were obtained directly from it. Almost 35,000 users have been impacted by the incident, during which hackers had access to account holders’ full names, dates of birth, postal addresses, social security numbers, and individual tax identification numbers.

(Bleeping Computer)

Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner

Yum! Brands, the operator of these brands as well as The Habit Burger Grill fast-food restaurant chain, suffered a ransomware attack that resulted in the temporary closure of 300 locations in the United Kingdom. The impacted restaurants in the United Kingdom have since returned to normal operations. Yum! Brands has confirmed that data was stolen in the attack but sees no evidence that customer information has been exposed.

(Bleeping Computer)

ODIN Intelligence hack exposes a huge trove of police raid files

A huge cache of data, including “detailed tactical plans for imminent police raids, confidential police reports with descriptions of alleged crimes and suspects, and a forensic extraction report detailing the contents of a suspect’s phone,” was stolen from the internal servers of ODIN Intelligence, a tech company that provides apps and services to police departments. This followed a defacement of its website over the weekend. The group behind the breach said in a message left on ODIN’s website that it “hacked the company after its founder and chief executive Erik McCauley dismissed a report by Wired, which discovered the company’s flagship app SweepWizard, was insecure and spilling sensitive data about upcoming police operations to the open web.” The hackers also published the company’s AWS private keys and claimed to have “shredded” the company’s data and backups, but not before exfiltrating gigabytes of data from ODIN’s systems.

(TechCrunch)

Google parent Alphabet to cut 12,000 jobs

These cuts will affect 6% of the company’s workforce worldwide, in teams including recruitment and engineering. This comes shortly after Microsoft announced the elimination of 10,000 jobs, and just weeks after Amazon announced 18,000 job cuts, along with similar announcements from Hewlett Packard and Salesforce. Daniel Ives of Wedbush Securities said “the layoffs highlight irresponsible spending across a sector basking in hypergrowth.” “The reality is tech stalwarts over-hired at a pace that was unsustainable and now darker macro is forcing these layoffs across the tech space,” he said.

(BBC News)

Riot Games hacked, delays game patches after security breach

The video game developer and publisher of League of Legends and Valorant says it will delay game patches after its “development environment was compromised last week.” The publisher revealed the incident in a Twitter thread on Friday night and promised to keep customers updated. It blamed the attack on social engineering and added that the breach directly impacted its ability to publish patches for its games.

(Bleeping Computer)

Cyberattack on Nunavut energy supplier limits company operations

The Qulliq Energy Corporation in Canada’s Nunavut territory has suffered a cyberattack that has crippled its administrative offices. Officials stated the attack started on January 15. Power plants are still operating normally, but computer systems at the corporation’s customer care and administrative offices are unavailable, and the company cannot accept bill payments through credit cards. Customers can still pay using cash or through bank transfers. The company is still trying to determine what information may have been stolen or accessed during the attack.

(The Record)

Rentokil pilots facial recognition system as way to exterminate rats

According to The Guardian, “the world’s largest pest control group is piloting the use of facial recognition software as a way to exterminate rats in people’s homes. Rentokil said it had been developing the technology alongside Vodafone for 18 months.” The technology tracks the rodents’ habits and streams real-time analysis using artificial intelligence. It is already being used in customers’ homes. Rentokil’s chief executive, Andy Ransom, told the Financial Times, “the technology will identify which rat has come back, where are they feeding, where are they sleeping, who’s causing the damage, which part of the building are they coming from, where are they getting into the building from, whether it’s the same rodent that caused the problem last week.”

(The Guardian)

Last week in ransomware

Last week, the US and France conducted a law enforcement operation in which they seized the domain and arrested the operator of the Bitzlato crypto exchange for allegedly laundering crypto proceeds generated from ransomware and illegal drug transactions. Also last week, Vice Society ransomware leaked the data for the University of Duisburg-Essen (UDE), shipping software supplier DNV suffered an attack that impacted the ship management software of 1,000 vessels, and the Los Angeles Unified School District confirmed that SSNs were stolen in last year’s ransomware attack. In the good news column, Avast released a free decryptor for the BianLian ransomware, and reports from both Chainalysis and Coveware illustrate that ransomware payments dropped approximately 40% in 2022 as companies refuse to pay and the enterprise invests in stronger security and better backups.

(Bleeping Computer)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.