Infosec Round-Up Aug 20th

T-Mobile Breach, Watchlist Leaked, Brazil Ransomware

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

T-Mobile Data Breach

The mobile carrier T-Mobile has announced that the personal information of over 48 million customers has been breached in a major cyber attack.

Occurring last Monday and affecting US customers, the breach came to light following reports that cyber criminals were attempting to sell the large dataset via an online marketplace. The company states that the data is personal information, and not financial.

The dataset contains the records of around 7.8 million current customers, as well as over 40 million records of prospective or former customers. Few details regarding the attack have been made public, with the company referring to it only as a “highly sophisticated cyberattack”.

Reportedly taking immediate steps to help protect the individuals at risk, the company is recommending that customers change their PINs, is offering additional security features, and is providing two years of free identity protection services.

In a public statement, T-Mobile notes, “We take our customers’ protection very seriously and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack.”

No-Fly List Exposed

A secret terrorist watchlist containing 1.9 million records was discovered by a security researcher, exposed on an Elasticsearch server.

The server had no password protection, and the records contained names, citizenship, dates of birth and no-fly statuses. It is uncertain where the records have come from, though the discoverer suspects they may have originated from the Federal Bureau of Investigation’s (FBI) Terrorist Screening Centre (TSC).

The FBI gave “no comment” on the matter. The TSC list is used by multiple federal agencies to share counterterrorism information, including the Department of State, Defence, and the Transportation Security Authority (TSA).

Uncovered in mid-July of this year, the database was reported to the U.S. Department of Homeland Security (DHS) the same day, with the server being taken down around three weeks later.

The man responsible for the discovery, Bob Diachenko, noted, “In the wrong hands, this list could be used to oppress, harass, or persecute people on the list and their families… It could cause any number of personal and professional problems for innocent people whose names are included in the list.”

Brazil Government Ransomware Attack

Brazil’s Ministry of Economy has revealed a ransomware attack that has affected portions of the country’s National Treasury computer systems.

Occurring late last week, the government have stated that the attack was promptly contained following its detection and that the incident did not cause any notable damage.

The government noted that it would disclose information regarding the attack in a “timely manner” and with “due transparency”. It was only in April that Brazil’s court system was forced to shut down due to an attack by the REvil ransomware syndicate.

In July, the Brazilian government had announced the creation of a cyberattack response network, designed to promote coordination between federal bodies and improve response time.

In a statement, the government noted: “It was evaluated that the action did not generate damage to the structuring systems of the National Treasury Secretariat, such as the Integrated System of Financial Administration (SIAFI) and those related to public debt.”

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.
