Thirty-one individuals across 3 countries were arrested in a sting operation targeting hackers using automotive diagnostic software to remotely change software in cars, allowing them to open the cars and start them. In other cybersecurity news, Australian wine retailer Vinomofo suffered a data breach that potentially exposed the personal information of 500,000 customers.
Ransomware attack temporarily shuts down Medibank insurance firm
The Australian insurance firm Medibank confirmed that recent service outages were the result of a ransomware attack. Staff initially found unauthorized activity within their network on Wednesday, and quickly began shutting down peripheral systems to prevent further intrusion. Just before the weekend, Medibank started the process of contacting their 2.8 million customers to alert them of the system breach. Their investigation into any compromised customer data was still ongoing.
London council spends £12m+ on ransomware recovery
A recent report on the 2 year long ransomware recovery for the Hackney Council revealed that the total costs for restoring systems to their original state pushed past £12 million. Public sector authorities are becoming prime targets for cyberattacks, as they tend to rely on outdated hardware that’s unable to receive the latest software patches. This leaves them vulnerable to a wide range of attacks. Alongside the money spent on restoring data and re-creating systems, the hacker group responsible for the attack published the stolen data to their leak site after ransom negotiations fell through.
Data breach exposes sensitive information on MyDeal customers
A data breach at the Woolworth subsidiary MyDeal originated when a hacker used compromised credentials to gain access to a wide range of systems and sensitive customer data for 2.2 million users. While the online retail marketplace that brings Australian shoppers and local retailers closer together does not store any payment card data, they are recommending that all users update their login credentials and be alert for any potential phishing attacks.
International law enforcement arrests car fob hacking group
Law enforcement agencies from across Europe recently wrapped up an operation to capture a hacking group that was compromising car key fobs to steal the targeted vehicle. 31 individuals were arrested in 3 different countries, with law enforcement also seizing over €1 million in criminal assets. The group used automotive diagnostic software to remotely change the software in cars from two French manufacturers, allowing them to unlock and start the vehicle without needing a key.
Australian wine retailer suffers data breach
In the recent string of cyberattacks on Australian businesses, the wine retailer Vinomofo has become the latest victim. After finding unauthorized activity on their internal servers, it’s believed that all Vinomofo’s 500,000 customers may have had their sensitive data exposed. The company has confirmed that they do not store payment cards or driver’s license details. The stolen data has already been posted to a leak site for sale, with a small portion of the data being made available as proof that the data trove is legitimate.
