In the spotlight this week:
Ransomware activity targets healthcare sector
E-commerce platform Lazada suffers data breach
Asian restaurant reservation platform Eatigo falls victim to data breach
Marriott Hotels fined £18.4M for data breach that hit millions
Maze ransomware retirement
A joint advisory (AA20-302A) issued on October 28 by the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Department of Health and Human Services (HHS) warns of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. The three agencies note that the criminals behind the campaign are gaining their foothold with the TrickBot malware, and that these infections frequently lead to ransomware deployment, data theft, and the disruption of healthcare services.
E-commerce platform Lazada has suffered a data breach in which the records of 1.1 million RedMart accounts were taken from a legacy RedMart system that is no longer in use. Names, phone numbers, and partial credit card details were offered for sale online.
A Lazada spokesperson stated earlier this week that the information stolen was from a RedMart-only database that had not been updated for more than 18 months. Lazada is investigating the data breach and has informed the Personal Data Protection Commission of Singapore.
Blackpanda advises all Lazada users to change their passwords (and the password on any other account where the same one was reused), cancel the credit card used on the app, and regularly check their bank statements for suspicious transactions.
Eatigo is the latest e-commerce platform to announce a data breach, this one over the weekend. In an email to customers on the 31st of October, the restaurant reservation platform informed users that it had been the subject of a data security incident involving unauthorized access to its customer database.
According to a post on an online forum purportedly selling personal data from various e-commerce sites around the world, information from 2.8 million Eatigo accounts in Singapore, Hong Kong, and Thailand is up for sale.
Blackpanda advises all Eatigo users to change the password tied to their Eatigo account, along with any other account where the same password was reused.
The UK's Information Commissioner’s Office (ICO) has fined the Marriott Hotels chain £18.4M for a major data breach that may have affected up to 339 million guests.
The hotel chain failed to put appropriate safeguards in place, though it has since closed the gaps and vulnerabilities involved. The intrusion began in 2014 at the Starwood Hotels group, which Marriott acquired two years later, but it was only detected in 2018. Over the four years that the breach went undetected, the attacker retained access to the affected systems and the guest data they held, including names, email addresses, phone numbers, passport numbers, arrival and departure information, VIP status, and loyalty program numbers.
The ICO report makes clear that Marriott strengthened the security of Starwood's IT systems far too late, and that in the meantime the attackers had free rein to move around the network, cherry-picking the data that would sell best on criminal forums. The fine, while drastically less than the £99M the ICO had originally proposed, is intended as a deterrent to all companies, and it underlines that security due diligence on an acquired company's systems must be part of the merger process rather than an afterthought.
Maze, formerly a major player in the ransomware scene, announced its retirement earlier this week. In its statement, the group blamed the “recklessness, indifference, laziness, and stupidity” of companies as the world moves towards complete digitalization. Claiming that Bitcoin is just the beginning, the group asserts it will return to showcase the errors and mistakes of this shift. Defenders should treat such announcements with caution: ransomware operators frequently rebrand or move to new affiliates rather than disappear, so detections and playbooks built for Maze-style extortion should stay in place.