Skip to main content
News

Cyber News Rundown: TMX Finance discovers network left vulnerable for months

Cyber News Rundown: TMX Finance discovers network left vulnerable for months
Forum|alt.badge.img+7
  • Threat Research Analyst
  • 4 replies

Canadian lender TMX Finance announced that they discovered a breach in the middle of February that had left their network exposed to unfettered access since December. In other cybersecurity news, more than a dozen internal law enforcement agencies teamed up to take down the infamous dark web forum Genesis Market.

Record encryption speeds observed in new ransomware variant

During the investigation of a cybersecurity incident, researchers identified a new ransomware variant that uses intermittent encryption to encrypt an entire system at record speeds. The variant, dubbed ‘Rorschach’, shares many similarities with DarkSide ransomware and even uses an identical ransom note, though without any branding or threat actor organization claiming responsibility. Along with DarkSide, Rorschach has also cherry-picked a variety of highly effective features from a number of other ransomware families like LockBit and Babuk.

Digital marketplace leaks 600k customer records

An unsecured database was recently found that contains more than 600,000 records belonging to customers of the digital marketplace, Z2U. Within the database was an alarming amount of sensitive purchase details, screenshots of passports and other ID cards, and even customer support dashboard information on customer interactions. Fortunately, the database was properly secured within days of being contacted by the researcher who initially discovered the breach.

Genesis Marketplace taken down by law enforcement

With the combined efforts of more than a dozen international law enforcement agencies, the dark web sales forum ‘Genesis Market’ was taken offline, and 120 individuals have been arrested globally. Genesis Market was used mainly for nefarious reasons and offered a wide variety of tools and services for stealing information, deploying malware, or selling stolen data. Having operated since 2018, it is unclear if the FBI was able to detain the actual site operators or if they just rounded up individuals who had been active users or sellers on the site.

TMX Finance breach exposes millions of customers

Officials for the Canadian lender, TMX Finance and its subsidiaries, have confirmed that unknown threat actors had breached their network in December and had unlimited access to many systems until being discovered on February 13th. The breach includes all stored personal and financial information of more than 4.8 million personal loan customers, including tax data, bank account information, and social security numbers. TMX has offered a year of identity monitoring services to all affected customers, though they should remain on alert for any suspicious activity, as the exposed data is extremely sensitive.

Western Digital suffers network breach

Over the weekend, staff at Western Digital were forced to take several of their critical servers offline in response to some unauthorized activity on the network. Many of their customers are facing outages and an inability to access any cloud-stored data but were reassured that Western Digital was working with law enforcement to investigate the intrusion and promptly restore services. The overall extent of the breach is still unclear and could have far-reaching implications throughout the supply chain.

Did this help you find an answer to your question?

11 replies

TripleHelix
Moderator
Forum|alt.badge.img+63
  • Moderator
  • 8902 replies
  • April 7, 2023

Thanks Connor you always supply great information! 💯


ProTruckDriver
Moderator

Another great informative article. Thanks Connor.👍


Jasper_The_Rasper
Moderator
Forum|alt.badge.img+54

Thank you Connor.


russell.harris
Popular Voice
Forum|alt.badge.img+5

Yet again a great article thanks @ConnorM 


kleinmat4103
Popular Voice
Forum|alt.badge.img+6
  • Popular Voice
  • 512 replies
  • April 7, 2023

Thanks again for the rundown @ConnorM!

 


tasystems
New Voice
Forum|alt.badge.img+8
  • New Voice
  • 156 replies
  • April 8, 2023

Western Digital suffering a breach… that one felt really weird as the hard drive manufacturer name is a brand that I have been familiar with since the whole computer malarky began all those years ago! And as for a new ransomeware variant now kicking around, time for me to do another security email update to clients to make them aware yet again.

These pieces of information really do make it easier to contact clients and make them aware that it’s not all just about talk and scaremongering, it’s real!

Thanks again @ConnorM for the information.


Robis
New Member
Forum|alt.badge.img+1
  • New Member
  • 74 replies
  • April 8, 2023

Thank You Connor


  • New Member
  • 3 replies
  • April 9, 2023

In a recent cyber news roundup, it was reported that TMX Finance, a consumer finance company in the United States, had discovered that their network had been left vulnerable for several months. The vulnerability was caused by a misconfiguration in a third-party security product, which allowed unauthorized access to sensitive data. The data included names, Social Security numbers, and financial information of customers.

According to the report, TMX Finance immediately launched an investigation and engaged a third-party cybersecurity firm to assist with the analysis. The company also notified law enforcement and regulatory authorities, as well as all affected customers.

TMX Finance has since taken steps to strengthen their cybersecurity measures, including implementing additional security controls, improving access controls, and enhancing their monitoring and detection capabilities.

This incident highlights the importance of regular security assessments and third-party vendor risk management. It also underscores the need for companies to have robust incident response plans in place to minimize the impact of a cyber attack or data breach. As cyber threats continue to evolve and become more sophisticated, it is crucial for companies to stay vigilant and proactive in their cybersecurity efforts.

 


Martin.1
Popular Voice
Forum|alt.badge.img+4
  • Popular Voice
  • 424 replies
  • April 11, 2023

@ConnorM  thank you for the post. As always, highly informative and appreciated. 


  • New Member
  • 9 replies
  • April 11, 2023

Another great informative article, Thank you Connor


Forum|alt.badge.img

Rally interesting update. Thanks you Connor.


Reply