Recently, officials for Sony Interactive Entertainment confirmed that one of their Japanese servers had been affected by the MOVEit data transfer vulnerability and had exposed sensitive information on nearly 6,800 individuals. The responsible group, Cl0p ransomware, had added Sony to their leak site back in June but nothing had been confirmed by the company until last week. Staff at Sony are also currently investigating another data breach, in which two separate threat groups are both claiming to have illicitly obtained a 3.14GB data trove from the company and have posted it for sale on a known hacker forum.
Google identifies multiple zero-day vulnerabilities in computer chips
Both Qualcomm and Arm chip manufacturers were contacted by the Google Threat Analysis Group about a number of zero-day vulnerabilities that had been found in several of their devices, which could be exploited by threat actors. Both companies have identified the listed vulnerabilities and have begun pushing out patches, as the Arm vulnerability has already been exploited in a series of targeted cyberattacks.
ALPHV/BlackCat ransomware group claims attack on Motel One chain
Over the weekend, the threat actors behind the ALPHV/BlackCat ransomware group added the Motel One hotel group to their leak site and claimed to have stolen 6TB of data. According to the post, the group stole booking and reservation information from the past 3 years, and includes payment data, and other personally identifiable information (PII) from thousands of Motel One customers. Officials for Motel One believe that their network was only breached for a brief time and are downplaying the overall impact of the security incident, stating that only 150 credit cards were compromised.
Cyberattack targets Lyca Mobile's network
Officials for the mobile virtual network operator, Lyca Mobile, have revealed that their internal network was compromised by a cyberattack, which has impacted their customer’s ability to top-up their pay-as-you-go accounts, as well as some international calling functionality. Only 4 of the 60 countries that Lyca Mobile operates in were unaffected by this incident, and the formal investigation into the attack is still ongoing, though it is believed to have been the fault of a ransomware group. It is still unclear if any data was stolen during the attack or when Lyca’s full services will be restored.
McLaren Health Care falls victim to ransomware attack
Late last week, a Michigan-based healthcare provider McLaren Health Care fell victim to an ALPHV/BlackCat ransomware attack, that appears to have affected the provider’s 2.5 million patients. The ransomware group published the stolen data to their leak site and released a statement that claims McLaren Health Care negotiated with the group to cover up the incident, rather than disclosing the attack to the proper authorities.
