Week 48 Cyberattack Digest 2018 – Marriott International, Uber Middle East Airlines and others

It is Monday today, and, as always, we are ready to give you a new compilation of cyber news in our new week 48 cyber attack digest.

The biggest data loss of the last five years

by The National – 30 November 2018

International hotel group Marriott International confirmed a cyber attack and revealed that the data of about 500 million guests, including passport and credit card details, might have been compromised. The attack on the organization was called the biggest in the last five years since the attack on Yahoo in 2013, when the attackers accessed all of its three billion users. and the hotelier said Marriott was investigating “unauthorised access” of guest reservation database at its Starwood unit since 2014. The hotel group officials received an alert on September 8 from an internal security tool and found out that someone made attempts to access its Starwood guest reservation database. “Marriott recently discovered that an unauthorised party had copied and encrypted information, and took steps towards removing it,” the officials commented.

Uber fined for security failure

by Irish Examoner – 27 November 2018

As a result of a cyber attack, information of 2.7 million UK Uber customers has been exposed. The company has been fined £385,000 by a UK watchdog for failing to protect critical data. “Avoidable data security flaws” allowed malefactors access the details of the customers including full names, email addresses and phone numbers, and download them, the Information Commissioner’s Office (ICO) commented. Also, the details of almost 82,000 UK drivers including details of journeys made and how much they were paid were accessed as well during the incident in October and November 2016. “This was not only a serious failure of data security on Uber’s part, but a complete disregard for the customers and drivers whose personal information was stolen,” said ICO director of investigations Steve Eckersley, “At the time, no steps were taken to inform anyone affected by the breach, or to offer help and support. That left them vulnerable.” The affected customers and drivers were only informed about the incident when Uber made an announcement in November 2017.
Uber confirmed paying the attackers responsible $100,000 to delete the obtained data. Uber was handed a separate €600,000 fine by the data protection authority in the Netherlands as well.

Russian cyber campaign spreads malware

by ZD Net – 30 November 2018

A hacking group that presumably works on behalf of the Russian state is believed to stand behind delivering malware to targets across Europe. The criminals use Brexit as a lure for conducting cyber operations. The UK’s departure from the European Union is said to be the latest in a line of latest in a line of current affairs topics. Fancy Bear group, which is also known as APT28, Sofacy and a variety of other names uses them aiming to trick targets into downloading malware. Earlier this month, the hacking operation that is thought to have links to the Kremlin was applying phishing lures relating the recent Lion Air crash just off the coast of Indonesia. Speaking about the current campaign, the group is referred to as SNAKEMACKEREL and exploits Brexit in order to deliver trojan malware. The campaign is also believed to have targeted a number of government departments including ministries of foreign affairs, political think-tanks, and defence organisations across Europe. “The threat group is likely to be seeking access to insights on the latest political affairs, including confidential documents on national interests related to current news headlines such as Brexit,” ,” Michael Yip, security principal at Accenture Security’s iDefense Threat Intelligence commented.

Attacks on UAE and Lebanese government

by The Nation – 29 November 2018

Actually, the “Russian malware” was not the only thing targeting governmental organizations last week. In another cyber incident, Emirati government may have been compromised and the critical data has been left vulnerable to blackmail. Researchers at the Cisco Talos Intelligence Group said that UAE police and the country’s Telecommunication Regulatory Authority, which is also responsible for protection against cyber attacks, were among the victims. According to the experts, Lebanon’s finance ministry and the Lebanese carrier Middle East Airlines were also targeted. The experts also presume that the attackers first examined their victims before launching their attack as they had a special scheme that allowed them to access confidential records and emails.

The data loss of 500 million guests, attacks on a number of financial organizations – what is next? Follow us on Twitter, Facebook, and LinkedIn.

The post Week 48 Cyberattack Digest 2018 – Marriott International, Uber Middle East Airlines and others appeared first on ERPScan.