The web portal of a Medical Marijuana facility in Nevada was breached compromising employee information.
What type of information? Social security numbers and dates of birth of individuals with medical marijuana agent cards, such as employees and owners of medical marijuana establishments
What happened? A flaw in the state’s website portal made the data accessible on the site.
What was the response? The entire portal has been taken down by the state’s Division of Public Behavioural Health (DPBH) and the DPBH IT staff are working with State IT staff to investigate the breach. Those affected are being contacted and advised on appropriate further action.
Students and staff records in a Michigan State University database has been accessed by unauthorized third party
How many victims? 400,000 records of 449 students and staff.
What type of information? Names, social security numbers, MSU identification numbers, and in some cases, date of birth of faculty, staff and students who were employed by MSU between 1970 and Nov. 13, 2016, and students who attended MSU between 1991 and 2016.
What happened? Michigan State University announced last Friday that a server and a database containing the breached information was accessed by an unauthorized third party on November 13. The database was taken offline in less than 24 hours but the attacker accessed records of 449 individuals.
What was the response? MSU’s IT team immediately determined the cause and nature of the breach and the MSU Police Department is working with federal law enforcement to investigate the crime. The university already notified affected parties and has offered them two years of identity theft protection, fraud recovery credit card monitoring for free. They also ensured that the database did not contain passwords, financial, acadmeic, contact, gift or health information, according to SC Magazine.
Friend Finder Networks, the company that operates Adultfriendfinder.com and cams.com which was affected by a breach of 3.5 million users information in May, 2015 has been breached again.
How many victims? This time 339 million users including 15 million users whose accounts were deleted but their data were still held by the company.
What type of information? Usernames, email address, date of the last visit, password, last IP address used, browser information, and VIP membership status
What happened? LeakedSource.com speculates that the breach was carried out through the use of an exploit for a Local File inclusion vulnerability which was publicly revealed last month. Passwords were found in unencrypted format or SHA 1 hashed which are both insecure. 99% of the hashed passwords have already been cracked. The team has decided not to make this particular data set searchable by the general public for now.
What was the response? Friend Finder Networks has not confirmed the breach but they said the Local File inclusion vulnerability which was allegedly exploited has been fixed.
Quote: “It goes without saying that systems, software and processes should be regularly reviewed as previously accepted risk levels may no longer suffice.” – David Kennerley, director of threat research at Webroot, to SC Media.
1.3 million personal and medical records leaked in Australia’s biggest data breach
How many victims? 1.28 million records
What type of information? Personal and medical information such name, gender, physical and email address, phone number, date of birth, blood type and country of birth. It also contains sensitive data such as whether someone has engaged in high-risk sexual behaviour.
What happened? An anonymous source found 1.74GB file containing 1.28 million donor records going back to 2010 on a publicly accessible website and notified Troy Hunt. The discovery was made via a scan of IP address built to search for publicly exposed web servers that returned directory listings containing .sql files.
What was the response? The Australian Red Cross has said that it had made contact with the Australian Cyber Security Centre and the Australian Federal Police and notified the Office of the Australian Information Commissioner of the data breach. “We are deeply disappointed this could happen. We take full responsibility for this mistake and apologise unreservedly,” said Jim Birch, chair and Shelly Park, chief executive of the Blood Service. “We would like to assure you we are doing everything in our power to not only right this but to prevent it from happening again.”
Quote: “With sensitive data often passing between multiple companies during partnerships and sales, it’s essential that organisations have a data-centric security strategy in place to ensure that data is secure wherever it goes,” Steve Murphy Senior CP EMEA, Informatica told SCMagazineUK.com
Web hosting service Weebly has confirmed a major data breach reported by LeakedSources.com.
How many victims? 43.4 million accounts
What type of information? Usernames, Email addresses, Passwords and IP addresses. Fortunately, the passwords were heavily encrypted.
What happened? LeakedSource.com acquired the stolen Weebly data from an anonymous source and reports that they were stolen from the company’s main database in February 2016.
What was the response? Weebly has responded by resetting passwords and sending out breach notification emails. In a company statement sent to SCMagazine, the company noted: “Weebly recently became aware that an unauthorized party obtained email addresses and/or usernames, IP addresses and encrypted (bcrypt hashed) passwords for a large number of customers,” It went further to say “At this point we do not have evidence of any customer website being improperly accessed. We do not store any full credit card numbers on Weebly servers, and at this time we’re not aware that any credit card information that can be used for fraudulent charges was part of this incident.” The statement went further to say: “Our security team, with support from outside security consultants, is working to protect our customers and to enhance our network protections. This includes initiating password resets, implementing new password requirements and a new dashboard that gives customers an overview of recent log-in history of their Weebly account to track account activity,”
Quote: “This mega breach affects not only tens of millions of users but tens of millions of websites and with Weebly being one of the most popular hosting platforms in the world, this breach could have been far more disastrous in the wrong hands had they not strongly hashed passwords,” – LeakedSource.com’s blog post.
The Hutchinson Community Foundation in Kansas was hit with a data breach and ransomware attack.
How many victims? Nearly 5,500
What type of information? Personal and financial information.
What happened? On September 19, officials at the foundation found ransomware on the foundation’s network server after clicking on a file and finding its contents encrypted. Upon further investigation they found that intruders had done more than infect their files with ransomware and had actually made it into the foundation’s systems.
What was the response? The foundation didn’t pay the ransom and was able to restore all of their data from backup files however; officials said the data breach could have allowed attackers to access the databases and files on its servers and declared the incident a breach. Not all of the donor records contained sensitive information, but those who had their financial information and other sensitive data stored on the compromised serves are being notified of the incident and will be offered up to a year of free identity monitoring services. Continue reading
Personal information including usernames, passwords, e-mail address, gender, date of birth, country of residence and photos, as well as sexual preferences of over 1.5 million online dating users were found in an unsecured MongoDB database by MacKeeper researchers accessible on the internet. The data was found to belong to a New Zealand based company that runs haveafling.mobi, haveafling.co.nz, haveanaffair.co.nz, haveanaffair.mobi, hookupdating.mobi and the mobile application “Hook Up Dating.
In response to MacKeeper’s notification to the company, they claimed that the database is mostly dummy data used to test migrating data from SQL to MongoDB. The researchers are not okay with this claim considering the massive number of accounts.
Also, a one by one analysis of a random selection of more than 300 records shared with ZDNet proves otherwise.
The company is taking the leak lightly claiming that only the researchers had accessed the data. They did not invalidate the affected passwords and only notified users to change their password because they were upgrading their system for security reasons.