Week 23 Cyberattack Digest 2018 – MyHeritage, Bitfinex, Booking.com and others
It turned out to be a nice new tradition of making cyber attack week digests. Today, we will not interrupt it and make another overview on the breaches of Week 23 Cyberattack Digest 2018.
DNA testing service experiences a massive espionage attack
MyHeritage testing service is an Israel-based ancestry platform that possesses critical account details from genealogy and DNA of its clients. As the result of a breach, 92,283,889 account details were compromised. The breach that presumably took place on October 26th, 2017 affected email addresses data. The company’s representatives claim that no medical details were accessed. «It’s our DNA and there isn’t much more inhumane than seeing that info stolen. But, by all reports that’s not what got stolen. In reality, usernames and passwords were stolen”, Mark Aselstine, founder of Uncorked Ventures, commented. And at some point these words have much sense – a DNA is not the main target anyway.
Attackers wiped out a critical police evidence
The reasons of attacks do not always lie in professional or material interest. A recent attack on Atlanta’s police website can demonstrate how unpredictable the hackers’ actions can be. After detecting a breach, the local attorneys confirmed that malefactors wiped out an important police video evidence.
One of the largest cryptocurrency exchange services was affected by a DDoS attack
Bitfinex, cryptocurrency exchange service is supposed to be one of the largest platforms by trading volumes. On Tuesday morning, it was taken down after a DDoS cyberattack. This was not the only case when the platform fell a victim of attackers. Hong Kong-based exchange Bitfinex has also been attacked recently as well as several other cryptocurrency markets.
Not the best time to book a hotel on Booking.com
A phishing campaign has recently affected Booking.com users. The researchers that investigated the case concluded that the possible breach might have occurred by obtaining the data from several partner hotels. Affected customers started to receive WhatsApp and text messages with a warning. The users had to click the malicious link in order to change their passwords: this gave attackers a possibility to access their bookings.
Bible Society was fined for poor security measures
Bible Society was fined £100k for lacking the appropriate security measures. Due to the security failing, over 400,000 Christian backers were affected in an espionage attack on the website. The attacker managed to bruteforce a weak password, which provided him with access to the database that included details on home addresses, telephone numbers and bank accounts.
This week was overwhelmed with Espionage attacks. Cristina Salinas, Sr. Account Supervisor at Touchdown PR, says that security incidents like MyHeritage are “an important reminder that our personal information is constantly at risk”.