The Target: Ticketmaster, the world’s leading online ticketing platform owned by Live Nation.
The Take: The stolen data trove reportedly includes names, addresses, phone numbers, and partial credit card information.
The Vector: While the specific circumstances of the breaches—including exactly what information was stolen and how it was accessed—remain unclear, the incidents may be linked to attacks against company accounts with cloud hosting provider Snowflake.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
The Target: Cencora, formerly AmerisourceBergen, is a pharmaceutical services provider specializing in drug distribution, specialty pharmacy, consulting, and clinical trial support.
The Take: Cencora's internal investigation, which concluded on April 10, 2024, confirmed that the following information had been exposed: full name, address, health diagnosis, medications, and prescriptions.
The Vector: In February 2024, Cencora disclosed a data breach in a Form 8-K filing with the SEC, stating that unauthorized parties gained access to its information systems and exfiltrated personal data.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
The Target: Santander, the euro zone's second-biggest bank by market value.
The Take: The bank said in a statement that the data was from customers in Spain, Chile and Uruguay, as well as all current and some former employees. No data on transactions, nor any credentials that would allow to perform transactions were stored in the database, it said.
The Vector: The bank said it recently became aware of unauthorized access to one of its databases hosted by a third-party provider.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
The Target: Firstmac is a significant player in Australia's financial services industry, focusing primarily on mortgage lending, investment management, and securitization services.
The Take: From the investigation that followed, assisted by external cybersecurity experts, Firstmac determined that the following information was compromised: First name, Residential address, Email address, Phone number, Date of birth, External bank account information, Driver’s license number.
The Vector: Firstmac experienced a cyber incident where an unauthorised third party accessed a part of their IT system.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
The Target: University System of Georgia is a state government agency that operates 26 public colleges and universities in Georgia with over 340,000 students.
The Take: The cybercriminals accessed: Full or partial (last four digits) of Social Security Number, Date of Birth, Bank account number(s), Federal income tax documents with Tax ID number.
The Vector: The Clop ransomware gang leveraged a zero-day vulnerability in Progress Software MOVEit Secure File Transfer solution in late May 2023 to conduct a massive worldwide data theft campaign.
This breach is critical reminder that zero-day exploits do happen, and furthermore that patching software in a timely, effective manner is a key component of ensuring customer data is protected. Ensuring third-party vendors are deploying patches and fixes in accordance with a firm’s cybersecurity policy is an important step in an overall robust security posture.
The Target: The OWASP (Open Web Application Security Project) Foundation is a nonprofit organization focused on improving the security of software. It provides freely available resources, tools, and documentation to help organizations develop, deploy, and maintain secure software applications.
The Take: The incident impacted OWASP members from 2006 to around 2014 who provided their resumes as part of joining OWASP. Exposed resumes contained names, email addresses, phone numbers, physical addresses, and other personally identifiable information.
The Vector: In late February 2024, the Foundation received a few support requests and became aware of a misconfiguration of OWASP’s old Wiki web server. The misconfiguration led to a data breach involving old member resumes.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
The Target: Discord is an instant messaging and VoIP social platform which allows communication through voice calls, video calls, text messaging, and media and files.
The Take: Four billion public Discord messages which were publicly accessible and gathered from 14,201 servers, which are home to 627,914,396 users.
The Vector: Scraping is a method where automated tools extract information from a platform, such as Discord, by exploiting weaknesses in bots or unofficial apps’ access and interaction with the targeted platform.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection. Change your password, enable two-factor authentication and be mindful of sharing personal information or sensitive content within Discord chats, even on private servers.
The Target: Prisma Finance, a popular decentralized finance (DeFi) platform.
The Take: The Munchables blockchain-based game said it was attacked, and several security firms said about $62 million worth of cryptocurrency was stolen from the game. That incident was followed by another when a hacker stole about $11.6 million from Prisma Finance.
The Vector: The theft occurred as a result of a flash loan attack. Flash loan attacks involve hackers borrowing funds that do not require collateral, buying a significant amount of a cryptocurrency to artificially raise its price and then offloading the coins. The loan is paid back and the borrower keeps any profit. The report said that once the first person had exploited the vulnerability in the platform, two others copied the same method.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
The Target: The PandaBuy online shopping platform.
The Take: The data contained approximately 1.5 million unique UserIds, First Name, Last Name, Phone Numbers, Emails, and Login IPs.
The Vector: "The data was stolen by exploiting several critical vulnerabilities in the platform's API and other bugs were identified allowing access to the internal service of the website," the threat actor said.
This breach is critical reminder that zero-day exploits do happen, and furthermore that patching software in a timely, effective manner is a key component of ensuring customer data is protected. Ensuring third-party vendors are deploying patches and fixes in accordance with a firm’s cybersecurity policy is an important step in an overall robust security posture.
The Target: Prudential Insurance — one of the largest insurers in the United States.
The Take: The company said the names, addresses, driver's license numbers or ID cards of 36,545 were accessed.
The Vector: The company filed documents with the SEC on February 13 warning that a “cybercrime group” was able to access “administrative and user data from certain information technology systems and a small percentage of Company user accounts associated with employees and contractors.”
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Prague
2nd Floor, The Park
V Parku 8
Chodov, Praha, 148 00
Czech Republic
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy