Week 5 Cyberattack Digest 2019 – Discover Financial Services, Altran Technologies, Delaware’s Department of Insurance and others
As always, we have prepared something interesting for you. Have a look at our cyberattack week digest.
Discover Financial Services files a breach
by Bleeping Computer – 28 January, 2019
Discover Financial Services has filed a data breach with the California Attorney General’s office. Experts claim that the incident has potentially given attackers access to critical customer information, which means that any type of data from account numbers and expiration dates to security codes might have been stolen. Discover Financial Services learned about the data leakage on August 13, 2018; the incident was filed later on January 25, 2019. While such incidents are not uncommon for financial organizations, this was only the second time a data breach involving customers’ cards reported in 2018 by Discover Financial Services to the California Attorney General.
The organization is currently issuing new cards as a precaution and warns cardholders to keep an eye on their account for any fraudulent activity. “It’s crucial to protect sensitive data over the entire data lifecycle – from the POS device to processing to backup. Implementing data centric security, which means protecting data at the earliest possible point and de-protecting it only when absolutely necessary, is the only way forward,” commented Felix Rosbach, product manager at comforte AG. He also added that companies possessing payment data had to institute a wide range of features to ensure the safety of their customers’ information.
Delaware’s Department of Insurance publicly disclosed a data breach
by SC Media – 29 January, 2019
Delaware’s Department of Insurance announced that 650 residents and five companies located within the state were affected by a data breach of BenefitMall, a third-party HR services administrator for health insurance companies that took place in 2018. Back on Jan. 4, 2019, Centerstone Insurance and Financial Services publicly disclosed a “data security incident”.
The leakage presumably took place between June 2018 and October 11. Attackers managed to compromise employee email accounts containing customers’ names, addresses, Social Security numbers, birth dates, bank account numbers, and insurance payment information. The Department of Insurance suggested the customers of Highmark BCBS, Aetna, Emblem Health, Humana and UnitedHealth kept an eye out for personal breach notifications in the mail. The agency advised the clients to accept any free credit and identity monitoring services that may be offered by this insurance.
“The Department of Insurance takes any breach of personal information very seriously. We will continue to do our part by conducting further investigations to fully understand what happened, how it happened and what data was affected. Our goal is to minimize the negative effects and prevent similar incidents from happening in the future,” commented Insurance Commissioner Trinidad Navarro.
Consequences of Akron cyber incident
by fox8.com – 28 January, 2019
The city of Akron is still dealing with the effects of a cyberattack that took place a week ago. The attempt to access city funds happened last Tuesday, but there is no evidence that any personal information of taxpayers or residents was accessed.
The FBI, the Ohio State Highway Patrol and the National Guard started an investigation. “(They) placed the City of Akron in a strong defensible position to begin proper remediation of the virus. The remediation process will evolve and remain constantly fluid, and it will ultimately require some city business systems to be taken offline temporarily,” the city officials commented.
As a result of the incident, credit card payments are currently unavailable in certain city departments, such as recreation, building and tax; late fees and penalties will not be assessed for customers who are unable to access the payment systems, as well as utilities that will not be shut off for non-payment until the process is working again. As for other issues that arose after the incident, the online 311 portal is unavailable; city employees do not have access to emails.
Altran Technologies hit by a ransomware
by SC Media – 30 January, 2019
Altran Technologies, a French engineering research and consulting firm, informed that a cyberattack affected its operations in certain European countries.
According to the company’s officials, the organization immediately shut down its IT network and all applications. Altran Technologies has probably fallen victim to a ransomware program, also known as LockerGoga; experts concluded that a particular malware sample found on VirusTotal was responsible for the attack. “We have mobilized leading global third-party technical experts and forensics, and the investigation we have conducted with them has not identified any stolen data nor instances of a propagation of the incident to our clients. Our recovery plan is unfolding as expected and our technical teams are fully mobilized,” the company stated in the press release.