Bitglass Security Spotlight: Cyber Attack Results in Defense Contractor Paying $500,000 Ransom

Here are the top stories of recent weeks:

• U.S. Defense Contractor Pays Threat Actors Half a Million in Ransom 
• T-Mobile Falls Pray to Second Security Breach in Six Months 
• International Airline, Cathay Pacific, Fined as Breach Exposes 9.4 Million Customers 
• Walgreens Mobile Application Leaked Users’ Sensitive Information
• A SpaceX and Tesla Parts Manufacturer Is Affected by Data Breach

U.S. Defense Contractor Pays Threat Actors Half a Million in Ransom

An electronics manufacturer with a defense contract was the recent victim of a ransomware attack that resulted in a paid ransom, upwards of $500,000. California-based Communications & Power Industries (CPI) confirmed that in mid-January it experienced a cyberattack that halted its daily operations that consist of building components for military devices and equipment, like radar, missile seekers and electronic warfare technology. According to the CPI, an internal domain administrator with the highest security clearance – clicked on a malicious link. This triggered a file-encrypting malware that spread across all CPI offices, including its on-site backups.

T-Mobile Falls Pray to Second Security Breach in Six Months 

Sponsorships Available

Sponsorships Available

Sponsorships Available

Malicious users’ gained access to T-Mobile employee email accounts, infiltrating its customer account data. The telecommunications giant stated that it believes the hackers intend on gaining access to the employee and customer data in order to steal and exploit the information. The data includes customer names, addresses, phone numbers, account numbers, rate plans and features, and billing information. In addition to the above, some user Social Security numbers, financial account information, and government identification numbers were exposed. It is too soon to tell the impact this will have on the affected customers and employees but time will tell. 

International Airline, Cathay Pacific, Fined as Breach Exposes 9.4 Million Customers

Cathay Pacific was hit with a £500,000 fine as the Information Commissioner’s Office (ICO) confirms that the breach went undetected for four years. The airline’s inability to secure its systems resulted in unauthorised access to their passengers’ personal data, including: names, passport and identity details, dates of birth, postal and email addresses, phone numbers, and historical travel information, the ICO said, issuing the fine. The airline dodged a bullet as the breach occurred before GDPR came into effect in May of 2018. This would have resulted in significantly higher ramifications for the security breach.

Walgreens Mobile Application Leaked Users’ Sensitive Information

Walgreens, the U.S. drugstore giant leaked users’ PII and PHI via one of its mobile applications. As the second-largest pharmacy chain in the country, it operates nearly 10,000 stores and employs over 230,000 employees across the nation. The bug granted certain users access to others personal data, such as: names, prescription numbers and drug names, store numbers, and shipping address where applicable. While Walgreens did not mention which application was affected by the bug, it currently has well over 2.5 million ratings in the Apple Store and more than 10 million installations on the Android app store. 

A SpaceX and Tesla Parts Manufacturer Is Affected by Data Breach

DoppelPaymer, a new kind of file-encrypting malware, first exfiltrated the company’s data and then followed up with a ransom, threatening to publish the stolen files if the ransom was not paid. Visser Precision, the Denver, Colorado-based manufacturer, makes unique parts for numerous industries – including automotive and aeronautics. The stolen files from Visor contained sensitive information pertaining to industry leaders like Tesla, SpaceX, Boeing, and defense contractor Lockheed Martin proprietary information.