Still lacking a timeline for full recovery, library services provider Baker & Taylor suffered a ransomware attack and were forced to shut down their systems. In other cybersecurity news, over 100,000 individuals across 11 countries were infected as part of a 3 year long cryptominer campaign.
Millions of student loan accounts exposed in Nelnet data breach
More than 2.5 million student loan accounts have been compromised following a data breach at the technology services provider Nelnet Servicing. The breach exposed the loan account details from Oklahoma Student Loan Authority (OSLA), for which Nelnet provides online access to student loan accounts for viewing and payment options. Unauthorized access to Nelnet’s systems was first discovered on July 22 and IT staff were able to quickly put a stop to the attack. They weren’t fast enough to stop the attackers from exfiltrating a significant amount of client data, though.
Cryptominer uses various disguises to infect victims in 11 countries
Researchers have been following a cryptominer campaign since 2019 that has infected over 100,000 individuals across 11 countries. The miner has taken on a variety of disguises over the past 3 years, but mostly operates as a fake Google Translate Desktop app though it’s also been spotted as other free software. Upon installation, a payload is downloaded but not extracted for several weeks, to hide any malicious intentions from the fake app. Once it is extracted, the payload contacts a C&C server to begin mining operations on the compromised device.
Singapore organizations see massive rise in cybercrime
Singapore’s Cyber Security Agency (CSA) released a report of cyberattacks they have been notified of over the past year and have identified a significant rise in ransomware attacks. From 2020 to 2021, ransomware attacks on Singapore-based organizations increased by 54% and local URL phishing increased by 17%. In total, cyberattacks that were reported to the CSA reached 22,219, up 38% from 2020, and are only expected to surpass that number in this coming year. Singapore-based companies are also looking to increase security against IoT (Internet of Things) attacks, as they are becoming a more prominent attack vector.
Ragnar Locker leaks Portuguese airline data
Following a cyberattack on the IT systems of TAP Air Portugal, officials for the airline have stated that they fully repelled the attack and are operating normally, though their mobile app and website are still suffering with instability issues. The Ragnar Locker ransomware group posted a new addition to their leak site that claims to have hundreds of gigabytes worth of stolen data belonging to TAP Air Portugal and were prepared to release documents that proved the authenticity.
Ransomware takes Baker & Taylor’s systems offline
A week after reporting a service outage at Baker & Taylor’s, the library services provider has revealed that they had fallen victim to a ransomware attack and were still unable to restore full functionality to their systems. Officials for Baker & Taylor’s have confirmed that staff are working diligently to remove all signs of infection and begin restoring the affected servers from backups, though they still don’t have a solid timeline for full recovery.