InfoSec Round-Up: April 30th

Play Video

Stolen Police Data, Train Cyber-Attack & Music Market Breach

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

DC Police Data Stolen

Washington DC’s Metropolitan Police Department has had a reported 250GB of unencrypted files stolen as part of a ransomware attack. Data which attackers are threatening to release.

Thought to have originally occurred on the 19th of April, attackers claim to have stolen a plethora of information relating to ongoing operations, disciplinary records and files related to gangs operating within the DC area.

Via their data leak website, the criminal syndicate has stated that should the law enforcement organisation not begin negotiations with them within three days, they intend to start contacting criminal gangs with information relating to police informants.

Babuk, the Russian-speaking gang behind the attack, is a relatively new threat actor, and although their operations were only first discovered in January of 2021, they are thought to have already launched at least five attacks against large enterprises.

Speaking to the attack, the Washington DC's police department has stated, “[we are] aware of unauthorised access on our server”. Adding, “While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter.”

Music Marketplace Data Breach

The world’s largest online music marketplace, Reverb.com, has exposed the personal details of millions of customers, including those belonging to Jimmy Chamberlin of The Smashing Pumpkins and Alessandro Cortini of Nine Inch Nails.

The website, which is dedicated to selling new, used, and vintage musical equipment, has notified customers that names, phone number and email addresses are amongst the data exposed because of an unsecured Elasticsearch server.

Containing more than 5.6 million records, the exposed database was discovered by a security researcher at the beginning of this month; though by the time the researcher had linked the data back to Reverb, the database had already been secured.

While it is not known whether the information had been accessed by any malicious actors, the exposed data would have allowed cyber criminals to launch amongst other attacks, targeted phishing campaigns against the website’s customers.

Regarding his discovery, researcher Volodymyr "Bob" Diachenko noted, “At first, it wasn't immediately clear who owns this and what type of data it [was], so I put it on a shelf.”

Adding, “The fact that customer shop IDs were exposed is troublesome as these can be used to make fraudulent correspondence look legitimate.”

Merseyrail Attack

Railway company Merseyrail has confirmed that it has fallen victim to a cyber attack in which the director’s Office 365 account was compromised.

Providing train services across sixty-eight stations around the Liverpool City region, Merseyrail has reportedly been hit with a ransomware attack, as part of which the email account of company director Andy Heather was taken over by the attackers.

From the account, multiple emails were sent to various journalists and stakeholders announcing the attack, presumably as part of the ransomware syndicate’s method of extortion.

Having confirmed the cyber-attack the day after the emails were sent, Merseyrail has formally released little in the way of details, though the ‘Lockbit’ gang, who claims to be behind the attack, suggested that a recent company outage was in fact a ransomware attack in which employee and customer data was stolen.

With the UK’s data watchdog having been informed, a Merseyrail spokesperson has simply stated, “Merseyrail was recently subject to a cyber-attack.” Adding, “This does not affect the operation of our services, which will continue to run as advertised.”

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.

Security Awareness for your Organisation

Enjoyed our blog? Learn more about how Hut Six can help improve you security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.

Featured

InfoSec Round-up: April 23rd

InfoSec Round-up: April 23rd - Hut Six

TikTok Data Lawsuit, Apple Attack & Spy Warning - Infosec Round-Up April 23rd

The importance of an email security policy

Why Organisations Need an Email Security Policy

An email security policy is a document describing how an organisation's email system should, and most importantly, should not be used.

Infosec Round-Up: April 16th

Infosec Round-Up: April 16th - Hut Six

Nuclear Cyber Attack, Capcom Hack & Ransomware Food Shortage - Infosec Round-Up April 16th

Preventing Human Error in Information Security

Human Error in Information Security

When Human Error is found in information security, it is often avoidable errors that allow much larger consequential problems to arise.

InfoSec Round-Up April 9th

InfoSec Round-Up: April 9th - Hut Six

Facebook Leak, Booking.com Fined & University Attacks - Infosec Round-Up April 9th

Security Awareness - Return on Investment

Investing in Information Security Awareness Training

Investing in Information Security Awareness Training - educating people against cyber threats should be considered essential for any organisation operating in 2021

InfoSec Round-Up: March 26th

InfoSec Round-Up: March 26th - Hut Six

Inside Attacker, FOREX Data Leak & NCSC Warning - InfoSec Round-Up March 26th

InfoSec Round-Up: March 19th

InfoSec Round-Up: March 19th - Hut Six

MoD Security, $4.2B Cybercrime Loss & Hacker Teen Sentenced - InfoSec Round-Up March 19th

Microsoft Teams Security

How Secure is Microsoft Teams?

How Secure is Microsoft Teams? Information Security blog by Information Security Awareness solution provider Hut Six Security

Enterprise Data Regulation

Best Ways To Ensure Enterprise Data Regulation

Best Ways To Ensure Enterprise Data Regulation guest blog by technivorz.com and information security awareness solution Hut Six Security.