
Cyber News Rundown: Stolen data published from University of Duisburg-Essen breach

  • January 20, 2023
  • Threat Research Analyst

The Vice Society threat group has published data acquired during a breach of the University of Duisburg-Essen after the school refused to pay a demanded ransom. In other cybersecurity news, maritime software supplier DNV suffered a breach of their internal systems that has left roughly 1,000 ships operating at limited capacity.

Software vendor exposes Nissan customer data

Officials for Nissan North America announced that 18,000 of their US customers have had their information compromised due to a poorly secured database owned by a third-party software vendor. The investigation into the database breach revealed an initial security incident last June. Further digging identified that an unauthorized user had gained access to a significant amount of sensitive customer data. This breach continues the pattern of threat actors targeting car manufacturers through improperly configured servers and GitHub repositories.

Vice Society publishes data from University of Duisburg-Essen attack

Following the refusal by the University of Duisburg-Essen (UDE) to pay the ransom demanded from the November attack by the Vice Society, the threat group has begun publishing data that was stolen during their intrusion into the UDE systems. While the exact amount of stolen data is still unclear, officials are processing the data published on the Vice Society leak site to verify which students and staff have been affected.

Magecart targets Liquor Control Board of Ontario (LCBO)

Last week it was discovered that malicious code had been injected into the main website for the Liquor Control Board of Ontario (LCBO), which is Canada’s largest alcohol retailer. The code had been actively stealing payment card data for nearly a week. Segments of the injected code point towards the Magecart group being responsible for the attack, and the group will be posting the stolen data for sale on a variety of web forums that specialize in the trafficking of identity and payment card information.

Ransomware attack on maritime supplier affects 1,000 active ships

Maritime software supplier DNV suffered a ransom attack on their internal network that forced staff to temporarily shut down their ShipManager system to avoid additional damage. While officials for DNV are still working to determine if any sensitive data was stolen during the attack, they have confirmed that impacted customers should still be able to use the offline functionalities of ShipManager until the incident has been resolved. It is believed that 70 customers of DNV are involved, which translates to 1,000 ships being unable to operate at full capacity.

Contractor breach exposes millions of Japanese insurance customers

After a data breach at an unnamed third-party vendor, about 2 million Japanese customers of both Aflac and Zurich insurance have had all their stored information compromised. The investigation into this breach has revealed that the threat actors used previously leaked credentials to hack into the third-party vendor, though the actual source of those credentials remains a mystery.


9 replies

TripleHelix
Moderator
  • January 20, 2023

Thanks @ConnorM Great information as always!


ProTruckDriver
Moderator

Thank you @ConnorM for posting this information.


Jasper_The_Rasper
Moderator

Thank you @ConnorM 


russell.harris
Popular Voice

Yes, thanks as always. Good summary


FasteasyPhil
New Member
  • January 21, 2023

More and more the threat is now leaking data that's been breached. People must be using better backup systems to secure their data, so they can recover from encrypted files.

I think that it hardly matters if the criminals breach data to the public when they have the data anyway and will sell it if they can. It's probably more beneficial to see what has been breached than wondering what data they have. Less ransom payments will be beneficial in the long term.

I remember the “we’ve been watching you on your webcam and have hacked your password, which is ****” emails that seemed scary but actually were useful in telling you how burned that old password actually was.

At some point I believe every person online will have had some of their details breached; it's just all about impact, which I hope for most people will be minimal.


tasystems
New Voice
  • January 21, 2023

Wouldn't it be nice to know what software and hardware security they had in place that got breached, so that others could learn HOW this was done? I'm sure the software and hardware vendors would never agree to this, but it could allow many other people to learn how to protect their systems better.


Martin.1
Popular Voice
  • January 23, 2023

@ConnorM  thank you for sharing as always 


Martin.1
Popular Voice
  • January 23, 2023
FasteasyPhil wrote:

More and more the threat is now leaking data that's been breached. People must be using better backup systems to secure their data, so they can recover from encrypted files.

I think that it hardly matters if the criminals breach data to the public when they have the data anyway and will sell it if they can. It's probably more beneficial to see what has been breached than wondering what data they have. Less ransom payments will be beneficial in the long term.

I remember the “we’ve been watching you on your webcam and have hacked your password, which is ****” emails that seemed scary but actually were useful in telling you how burned that old password actually was.

At some point I believe every person online will have had some of their details breached; it's just all about impact, which I hope for most people will be minimal.

Backup is always your last line of defence. You can NEVER have enough backups. A decent and well-tested BCDR is always at the forefront, yet in the majority of cases overlooked.


kleinmat4103
Popular Voice
  • January 23, 2023
tasystems wrote:

Wouldn't it be nice to know what software and hardware security they had in place that got breached, so that others could learn HOW this was done? I'm sure the software and hardware vendors would never agree to this, but it could allow many other people to learn how to protect their systems better.

Agreed. There is something to learning from others’ mistakes. I wish there was some requirement to explain in some detail what happened. Doesn’t have to be super-detailed. I’m thinking something like:
User with admin privileges was phished, or they left the default password on their firewall, or their file server was still running Windows 2000, or they were a victim of a sophisticated nation-state attack.

