Last week, officials for the City of Augusta, Georgia announced that the recent IT outages were the result of a ransomware attack by the BlackByte group. Shortly after the incident, a 10GB data trove was published to the BlackByte group’s leak site, with options to purchase or remove the data at differing prices. Ransomware attacks have been targeting cities at an increasing rate since the start of 2023, and because cities are under pressure to restore normal functionality as quickly as possible, they tend to be highly lucrative victims.
Millions of Android devices infected by SpinOk trojan
Researchers have been tracking a new Android trojan, dubbed SpinOk, that can easily embed itself in innocuous apps and track a variety of information being sent or received by the device. The SpinOk module offers several features that claim to provide services to the user, but it begins transmitting device data immediately and can hide its network activity while avoiding proxy settings. It is believed that the malicious SpinOk module was active in 101 apps, with over 420 million device installations, before the Google Play store was notified.
ABB suffers data breach
Over the weekend, officials for the industrial solutions provider ABB released a statement confirming they had fallen victim to a ransomware attack earlier this month that may have compromised some sensitive internal data. While the company returned to normal operation quickly, and their name is nowhere to be found on the ransomware group’s leak site, it is believed that they paid the demanded ransom to avoid any further disruption.
Misconfigured SimpleTire database exposes 2.8 million customer records
A security researcher recently found a database without password protection belonging to the online tire retailer SimpleTire that contained over 2.8 million customer records. The researcher contacted the company to report his findings, but it took nearly 3 weeks before the database was properly secured. Beyond the company’s response time, it is unclear how long the database was publicly exposed, or who may have had access to the data it contained during that time.
MCNA Dental reveals major data breach
Nearly 3 months after first identifying some unauthorized activity on their internal network, officials for Managed Care of North America (MCNA) Dental have posted a notification to their website regarding a severe data breach. It is believed that the LockBit ransomware group was responsible, which was later confirmed when the group published the 700GB data trove to their dark web leak site after failing to receive the $10 million ransom.