The target: Capital One Bank
The take: Highly sensitive information of 106 million customers including: 140,000 Social Security numbers, 1 million Social Insurance Numbers for Canadian credit card customers, bank account numbers, credit card application data including scores, balances, limits and payment history, and some of transaction data.
The attack vector: A misconfigured firewall in Capital One’s AWS infrastructure allowed the attacker to clone data housed in cloud storage instances. The attacker employed VPN and anonymized browsing to execute the attack surreptitiously – but was ultimately found out when they bragged about the heist in public Slack channels. Capital One was notified of the breach via an e-mail tip with directions to a public Github repository where the attacker had archived some of the exfiltrated data.
The target: Over 17,000 websites using Amazon’s S3 public cloud storage.
The take: Credit Card payment information and personal data.
The attack vector: MageCart Group perpetrated the hacking campaign which methodically scanned and identified 17,000 unique, misconfigured Cloud Storage buckets. After locating an unsecured cloud storage server, they focused on JavaScript files which they then downloaded, added their card skimming script, and then reuploaded the now infected files.
The target: Bitpoint - A Tokyo based cryptocurrency exchange.
The take: 28 million USD total. 24 million were customer assets and 4 million were company assets. All of Bitpoint’s services are now suspended for customers.
The attack vector: Unauthorized access to its hot (stored/accessible online) wallet system through the mismanagement and compromise of user’s private keys. No breach of cold (offline storage) wallets were detected.
The target: The American Land Title Association (ALTA)
The take: Usernames and passwords of insurance agents, abstracters and underwriters.
The attack vector: A threat actor claiming to be an ethical hacker who claimed they had access to over 600 records. They also enacted a phishing campaign asking members to open a PDF listing the membership directory to confirm their information.
The target: The Georgia Institute of Technology, a public university headquartered in Atlanta
The take: The personal information of 1.3 million employees and students, including names, addresses, social security numbers and dates of birth.
The attack vector: Security failures in a web application allowed attackers to access the connected database and exfiltrate the contained data.
The target: Attunity, a company that manages and safeguards data.
The take: Passwords and network information about Attunity as well as emails and technology designs from some of its high-profile customers.
The attack vector: Attunity's cloud storage was improperly configured so the sensitive data was publicly visible in plain text. More than a terabyte of data was left unsecured on Amazon Web Services cloud-computer servers.
The target: Desjardins Group, a Quebec-based federation of credit unions.
The take: Personal information for more than 2.7 million individuals and more than 173,00 businesses, potentially including name, date of birth, social insurance number, address, phone number, e-mail address, and ‘details about banking habits’.
The attack vector: Desjardins announced that the breach was not the result of an external cyberattack, but was the result of ‘unauthorized and illegal use of its internal data by an employee who has since been fired.’.
The target: United States Customs and Border Security Protection, the largest federal law enforcement agency of the US Department of Homeland Security.
The take: Photos of the faces and license plates of almost 100,000 travellers to have entered and exited the US via a single (unnamed) land border entry port.
The attack vector: A ‘malicious cyberattack’ against federal contractor ‘Perceptics’ led to the images being made available on the dark web, along with other proprietary information.
The target: Quest Diagnostics, the largest blood testing provider in the US, and LabCorp, a leading health care diagnostics company.
The take: Almost 20 million patient records, including names, dates of birth, addresses, phone numbers, dates of service, providers, and balance information, including 200,000 credit card or bank account details.
The attack vector: American Medical Collection Agency, a third-party collections firm, reported that their web billing site had been breached as of Aug 1, 2018 through March 30, 2019, resulting in the theft of information held on behalf the entities for whom they provided collection services.
The target: Norway’s largest healthcare authority, Health South-East.
The take: Patient records and private health information for almost 3 million people.
The attack vector: Apparently focused on the health service’s relationship with Norway’s armed forces and the ‘Trident Juncture 18’ NATO exercise scheduled for October 2018, cybercriminals exploited legacy systems and substandard security to exfiltrate health data for almost half of Norway’s population. Reports indicate that as of June 2017, more than 1,200 of Health South-East’s endpoints were running the Windows XP operating system (which reached end-of-life in 2014).
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Prague
2nd Floor, The Park
V Parku 8
Chodov, Praha, 148 00
Czech Republic
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy