Recently, officials for the United Nations' International Civil Aviation Organization (ICAO) have revealed that their recruitment database was compromised, with hackers accessing nearly 42,000 data records. The threat actor behind this incident, NatoHub, has published a trove of 2GB to the known hacking forum, BreachForums, and allegedly contains recruitment application information spanning from April 2016 to July of 2024. It is unclear how the hacker was able to gain access to the database, but officials for ICAO have confirmed that no financial information was leaked, and no aviation-related systems have been affected.
Casio confirms data theft from October security incident
Following the announcement by the Underground ransomware group of a 205GB data breach from the electronics manufacturer, Casio, officials for the company have confirmed that sensitive data for nearly 6500 employees was exposed. It has also been revealed that 91 Casio customers were also affected, along with 1931 individual business partners, and personal data for 9 potential Casio employees. Casio officials believe this+ incident can be attributed to a phishing email with a malicious attachment that was opened by an unnamed employee.
Ransomware targets Richmond University Medical Center
As the investigation into the ransomware attack of the Richmond University Medical Center in New York concludes, it has been revealed that sensitive medical records for more than 670,000 patients may have been compromised. The initial attack occurred in May of 2023 and took investigators until December of 2024 to fully identify the extent of the breach, leaving the threat actors plenty of time to cause additional damage with the stolen data. Strangely, no ransomware group has claimed responsibility for this incident in the 18 months since the breach was first discovered.
NFL pro shop suffers payment card breach
Over 8,500 customers of the Green Bay Packers’ online retail shop have been affected by a data breach that occurred in September of last year. After identifying the system intrusion, NFL staff disabled the checkout and other payment card functionality as they investigated the incident and began informing all potential victims. The investigation revealed that some malicious code had been injected into the site, which allowed the threat actors to access payment details from a variety of payment options for nearly a month before the site was re-secured.
DDoS attack impacts Japan’s largest mobile carrier
At the end of the year, Japan’s largest mobile service operator, Docomo fell victim to a DDoS attack that caused nearly 12 hours of service disruption across the country. After resolving the incident, staff at Docomo worked to improve their resistance towards this type of attack and increase other security measures as well, since the company isn’t new to being a cybersecurity target. In late 2023, Docomo suffered a ransomware attack that demanded a $1 million ransom, though it is still unclear if the threat actors were able to exfiltrate any data.
