Bitglass Security Spotlight: Ransomware and Other Forms of Cyberthreats Infiltrate Various Enterprises
Here are the top stories of recent weeks:
- Ransomware attack made Campari Group go offline
- Notorious ransomware group is shutting-down
- A cannabis website has unencrypted user records exposed
- An Online Gold Seller was hacked to steal customers’ credit cards
- US toymaker discloses a ransomware attack that crippled business functions
Ransomware attack made Campari Group go offline
A ransomware attack has taken down a large part of the IT network of the famed Italian beverage vendor, Campari Group. This cyberattack took place on November 1, and while the websites, email servers, and phone lines are still down, it’s appeared that the company has chosen not to pay the ransom. Instead, Campari has started to restore the encrypted systems, working on a “progressive restart in safety conditions.” and moved in to isolate impacted systems so that the incident would not have any significant impact on its financial results.
Notorious ransomware group is shutting-down
Maze, the group which for the past year has published a large amount of stolen internal documents and files from Cognizant, Chubb, Tesla, Visser, and other large enterprises. Although they are considered to be one of the most notorious ransomware groups, they published an announcement on its dark web website saying “The project is closed”. Ransomware experts, however, believe otherwise.
A cannabis website has unencrypted user records exposed
GrowDiaries, a community website where cannabis growers can share updates and journals has exposed more than 3.4 million user records without any protection. The files consisted of about 1.4 million records with email and IP addresses, plus 2 million records containing posts and hashed account passwords using MD5 — which could easily be cracked by an attacker. GrowDiaries never acknowledged the incident and has not responded to information requests.
An Online Gold Seller was hacked to steal customers’ credit cards
JM Bullion’s a precious metal online-retailer has disclosed a data breach after their website was hacked with malicious scripts on February 18, 2020 to steal customers’ credit card information.
The breach caused any submitted payment information to be sent to a remote server under the attacker’s control. The malicious code wasn’t removed from the website until July 17, 2020. JM Bullion notified law enforcement, all impacted credit card brands, and all customers. The victims of this attack must now monitor their credit card statements for fraudulent activity.
US toymaker discloses a ransomware attack that crippled business functions
Mattel the US toymaker revealed that it suffered a ransomware attack on July 28, 2020. The attack resulted in the successful encryption of some of Mattel’s systems. When the company detected the attack, it began its response protocols and measures to stop the threat and restore impacted systems. Mattel stated that ransomware groups have been trying to steal data for more than a year. However, the company said that the July ransomware did not breach any sensitive business data.
To learn about secured access service edge (SASE) and how they can protect your enterprise from data leakage, malware, and more, download the Top SASE Use Cases below.
*** This is a Security Bloggers Network syndicated blog from Bitglass Blog authored by Will Houcheime. Read the original post at: https://www.bitglass.com/blog/bitglass-security-spotlight-ransomware-and-other-forms-of-cyberthreats-infiltrate-various-enterprises