At the beginning of the week, luxury car maker, Ferrari released an official statement revealing that they had been contacted by an unknown threat actor that was demanding a ransom payment to stop the publishing of customer data. The company has confirmed that several of their internal systems had been compromised, leading to the exposure of some sensitive customer information, though the actual number of affected clients is still unknown.
NBA warns fans of data breach
Officials for the NBA have begun contacting an undisclosed number of fans who may have had their personally identifiable information (PII) stolen during a security incident at a third-party email service. It is believed that an unauthorized user gained access to internal servers belonging to a third-party email service that facilitates communications between the NBA and fans who provided their contact information and was able to exfiltrate the information stored there. NBA officials have also confirmed that their systems remain unaffected and are alerting fans to remain vigilant for any potential phishing attempts.
Mispadu campaigns targets Latin American banks
Researchers have identified upwards of 20 unique Mispadu banking trojan campaigns that have been actively stealing banking credentials for thousands of Latin American banking customers. Over 90,000 credentials have been compromised from 17,595 unique websites which were affected by these campaigns, including several hundred government websites from Chile, Mexico, and Peru. Along with stealing banking credentials, Mispadu also creates a backdoor on any infected system, so threat actors can deploy additional malicious payloads.
Australian firm suffers data breach
Early last week, officials for the Australian intellectual property firm IPH discovered some unauthorized activity on their document management system, and the systems of two IPH affiliate firms. Officials for IPH have already begun an investigation into the incident and believe that a significant amount of sensitive client data was exposed, though they are still unclear on the overall extent of the breach.
LockBit claims ransomware attack on City of Oakland, California
Nearly a month after the City of Oakland, California fell victim to a ransomware attack, the LockBit ransomware group has created a post on their leak site that claims responsibility for the attack and threatens to publish all stolen data on April 10th. Strangely though, this statement from LockBit is at odds with another ransomware group, Play, who initially took responsibility for the incident and has already published 10GB of data belonging to the City of Oakland. Law enforcement investigations into this attack are still ongoing and will hopefully determine the real offender before LockBit releases their data trove.
