The trial just concluded for a Californian accused of orchestrating a phishing campaign that defrauded the US Department of Defense of $23.5 million. In other cybersecurity news, Kellogg Community College is the latest higher education institution to fall victim to a cyberattack.
Nordic Hotels suffers data breach
Officials for Nordic Hotels & Resorts in Finland revealed that their booking systems were compromised during a February security incident and may have affected over 20,000 former guests who booked on the the hotel’s websites. The incident took place over several days in February, though it wasn’t identified or patched by IT staff until April 9. It is believed that 5 total hotels were affected, though officials have confirmed that only guest contact information was accessed, as the booking system didn’t store financial data.
Cyberattack takes down German car rental provider
IT staff for German-based car rental provider Sixt made the emergency decision to shut down most of their internal systems to prevent additional damage from a cyberattack. Customers who attempted to use their rental services were told to inquire via email, but any responses would be on a significant delay, and pick-up/drop-off of vehicles would be processed on paper forms. Sixt has reported the breach to the proper officials and is working with law enforcement to investigate the incident further.
Michigan college becomes a ransomware victim
Kellogg Community College in Michigan fell victim to a ransomware attack leaving college staff with no choice but to cancel classes on all five of their campuses until further notice. The attack was discovered on Friday and IT staff spent most of the weekend working to restore their systems from back-ups, which allowed the remaining staff to return by Tuesday with students returning later in the week.
Australian transport compromised in cyberattack
Transport for NSW in Australia revealed that the online application for the Authorized Inspection Scheme (AIS) had been breached during a cybersecurity incident. The attack exposed an unconfirmed number of completed vehicle inspection applications that contained extremely sensitive identifying information on NSW citizens. This is the second critical cybersecurity incident to impact Transport for NSW, as they were also affected by the Accellion exploit in December of 2019.
Californian arrested for defrauding the U.S. Department of Defense for $23.5 million
The trial has just finished for a California man who’s accused of orchestrating a 2018 phishing scheme that defrauded the U.S. Department of Defense (DoD) for $23.5 million. The scheme diverted funds that wer originally intended as payment to a jet fuel provider. The phishing campaign was centered around registering several web domains that were nearly identical to legitimate supplier domains and used to send out the phishing emails. If sentenced, the offender will face up to 30 years in prison and $1 million in fines.
