29 May 2020

IRM Weekly Cybersecurity Roundup: Bank of America data breach and more

Bank of America data breach slip-up

The Bank of America data breach was self-inflicted, the result of a process error, it was confirmed this week. The data breach was caused by credit applications being incorrectly uploaded to the US Small Business Administration test platform.

It’s thought that this process was part of the application process for customers, enabling authorised credit lenders to test the customer application and send them on to the next party to continue the application process. Instead, various other third parties were able to view the data where they shouldn’t have had access.

Information exposed to third parties includes business tax identification numbers, business addresses, owners’ names, social security numbers, addresses, phone numbers and email addresses.

The Bank of America do not believe the data has been misused and letters have been sent to affected parties.

You can read more here.

Israel confirms water system cyber-attack attempts

The national cyber chief for Israel, Yigal Unna, announced this week that they had thwarted a major cyber-attack on its water systems. Whilst not confirmed by Unna, it is widely thought that this was caused by Iran as an ‘organised’ and ‘synchronised’ attack.

The chief indicated that this attempt had kick-started an element of cyber warfare, and many sources state that Israel are behind the shutting down of a key Iranian port two weeks after the water system cyber-attack attempt.

Unna made reference to the significant impact this attack could have had by targeting critical national infrastructure: “We can see something like this aiming to cause damage to real life and not to IT or data.”

Other than disrupting the flow of water supply to citizens, Unna explains that the cyber-attack could have led to chlorine or other chemicals getting into the water source in the wrong proportions and this could have had a serious outcome.

You can read more here.

26 million LiveJournal user credentials for sale on Dark Web

A database containing the credentials for 26 million LiveJournal accounts has been leaked and sold on the Dark Web and various hacker forums.

It seems the data comes from an incident back in 2014 where 33 million accounts were hacked. The breach was never reported at the time, but rumours have been circulating in recent years.

It’s thought that hackers have been using this data for a long time already, but it is only surfacing recently due to the attempt to sell on the data.

You can read more here.

EasyJet faces class-action lawsuit

After the data breach covered in last week’s roundup, it has been reported this week that EasyJet now faces an £18 billion class-action lawsuit.

The lawsuit is being put together by PGMBM, and each customer affected could receive up to £2,000.

Whilst £2,000 per person equates to an eye-watering amount for the organisation being sued, experts point out that a data breach for an individual can cost them much more than £2,000 in the long run if their personal details get into the wrong hands.

You can read more here.

Quick-Fire Updates

Remote Pen Testing – Common Questions Answered: One of IRM’s Technical Team Leaders answers the most common questions we have received about how remote penetration testing works. Read it here.

Employees admit they are cutting corners on cybersecurity by working from home: A survey has shown that half of employees could be putting their organisation at risk by working from home, as they are taking more risks with the way they handle data, for example in how they share confidential files. Read more here.

Sri Lankan telecom firm victim to cyber-attack: SLT (Sri Lanka Telecom) confirmed this week that they detected an attempted cyber-attack affecting a section of their internal IT systems. As a precautionary measure, they shut down some of their servers. Read more here.
