Late last week, an unaffiliated threat actor began publishing stolen data belonging to HCA Healthcare, one of the largest healthcare facility operators in the US. Upon further investigation, it has been confirmed that sensitive health records for over 11 million patients have been compromised and listed for sale, as HCA has chosen not to pay the demanded ransom. The stolen data could easily be used for nefarious purposes such as phishing attacks and other social engineering scams.
Former water plant employee charged with software tampering
A former employee of the Discovery Bay water treatment plant in California has been charged with remotely accessing the plant’s IT systems and uninstalling vital water management software. Shortly after his resignation in January of 2021, the individual used remote access software to get into his former employer’s systems and make malicious changes to its operations. He has been charged with a single count of intentionally causing damage to a protected computer and could face up to 10 years in prison.
Bangladesh government website leaks data on millions of citizens
A researcher has recently discovered that a prominent Bangladeshi government website has been leaking citizen data for an undetermined amount of time and could be setting up millions of citizens for identity theft fraud. Although the researcher has spent the last 3 weeks attempting to contact multiple Bangladeshi government agencies to have the site properly secured, it is still unsecured and could be actively exploited by threat actors. The leaked information could easily be used by threat actors posing as Bangladeshi citizens to make changes in many different internal applications.
Nickelodeon suffers internal data breach
Officials for Nickelodeon, the children’s TV network, have confirmed that the company fell victim to a data breach in January that leaked sensitive internal documents and other production resources. The company first identified some unauthorized access to its systems in January and successfully secured its network, though some information had already been stolen. It is believed that the stolen data does not contain any information on customers or employees and could be extremely old, with a negligible impact on the company’s current operations.
Ukrainian diplomats targeted by BMW phishing campaign
At least 22 foreign embassies in Kyiv, Ukraine have been targeted by a new phishing campaign that is using the sale of a local BMW 5-series to compromise the email servers of foreign diplomats. This campaign began with threat actors discovering a legitimate flyer from a known diplomat advertising the sale of the BMW and using it to create a malicious flyer that could be used to lure other diplomats and cause further chaos. It is believed that the threat actors behind this campaign are a part of the Cozy Bear APT group, which has significant ties to the Russian government.