Data on Millions of DriveSure Customers Exposed in Latest Breach
Upwards of three million US drivers who have registered with a service provider, DriveSure, may have had their data leaked in a breach that occurred back in December. Multiple databases containing personally identifiable information on millions of customers were uploaded to a dark web forum last month in a data dump that reached 22GB in size. The data contained within the exposed databases could lead to a massive boom in phishing attacks and other methods for compromising an individual’s identity.
CD Projekt Red Faces Ransomware Attack
The developers of Cyberpunk 2077, CD Projekt Red, have announced that they have suffered a ransomware attack that took several of their main systems offline. It is believed that amidst the cyberattack, the source code for the game Cyberpunk 2077 was amongst the data that was stolen by the attackers. The company has already confirmed that they won’t be paying the demanded ransom and will be working to restore their systems from backups, regardless of if the stolen data is eventually made public.
Egregor Ransomware Operators Arrested in Ukraine
After nearly a year of targeting predominantly French companies and organizations, law enforcement agencies from France and Ukraine have successfully taken down the operators of the Egregor ransomware group. Following these arrests, the dark websites for both Egregor’s payment and data leaks have been taken offline, but this also means any current victims are unable to pay a ransom or receive a decryptor for a paid ransom.
Australian Transport System Suffers Data Leak
Following the exploitation of Accellion's FTA software back in December, the systems for Transport for New South Wales (TfNSW) has found indications that their data was stolen in the zero-day attacks that targeted the End-of-Life file transfer software. While no client information was included in the leak, the TfNSW is working to contact those individuals that may have been involved to properly secure the servers used by Accellion. Sadly, this isn’t the first data breach to affect an NSW government agency in the last 12 months, with both Service NSW and the driver’s license database falling victim to cyberattacks.
California Stadium Suffers Cyberattack at the Hands of Ex-Employee
Nearly a month after being released from his job as the California Earthquake’s stadium concessions contractor, a former employee used his old administrator credentials to malicious access and alter internal data, causing major issues for the vendor. By deleting all the menu and pricing lists for the concession vendor in the middle of an Earthquake’s game, he disabled the company’s ability to process any credit card transactions, resulting in thousands in lost revenue and a massive distrust in the vendor’s capabilities amongst the public.