Here are the top stories of recent weeks:
- Major Provider of Network Security Discloses Breach
- Scammers impersonate FBI agents in breach
- Data breach of passports and IDs via Azure blob storage leak
- San Francisco based car insurance startup discloses a security breach
- Children’s health insurance provider traced a data breach to its web hosting platform
Stormshield, a French cyber-security firm and a major provider of network security products and services to the French government, disclosed that a data breach allowed attackers to gain access to one of its customer support portals and steal information. They also managed to compromise parts of the source code for the Stormshield Network Security (SNS) firewall, a product certified to be used in sensitive French government networks. The company stated it’s investigating the incident with French cyber-security agency ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information), which is currently assessing the breach’s impact on government systems. The incident is currently being treated as a major security breach inside the French government, and ANSSI has put Stormshield products under observation for the duration of the investigation.
Recently, the US Federal Bureau of Investigation issued a warning about multiple versions of the government impersonation scam. Malicious actors have been actively pretending to be FBI agents and threatening targets with fines and jail time if they don’t surrender personal details or financial data. One of the victims was threatened to immediately provide financial and personal information that would allegedly help with an ongoing investigation by eliminating them as a suspect in a crime. The FBI advises reaching out to a local field office to verify the identity of agents claiming to represent the agency.
Cyber threat intelligence researcher, Bob Diachenko, found a publicly exposed Azure storage blob on November 24, 2020 that contained passports and ID scans. On researching the names present on these ID documents, Diachenko was able to identify notable journalists and media representatives along with volleyball players from various countries who had submitted their documents to the European Volleyball Confederation (CEV). On December 11, CEV’s legal department claimed that they were investigating the issue, but it was recalled within minutes from its release.
Car insurance startup, Metromile, stated that it has fixed a security flaw on its website that allowed a hacker to obtain driver license numbers. The San Francisco based insurance company said a bug on their website allowed the hacker to obtain personal data of certain individuals, including driver’s license information. Metromile declared that they took actions to contain the breach which included releasing software fixes, notifying the affected individuals, law enforcement, and insurance carriers, but the investigation is still ongoing.
The Florida Healthy Kids Corporation (FHKC) is a US provider of children’s health insurance, which was able to trace a data breach which was rooted from their web hosting platform and affected thousands of individuals. According to a press release on January 28th, FHKC claims that major vulnerabilities were found throughout a seven year period in which the web hosting vendor had failed to apply security patches to its software. The health insurance company has temporarily shut down its website and its affected databases after being notified of the incident on December 9th. FHKC advised the affected individuals (anyone who applied for or renewed insurance coverage online between November 2013 and December 2020) to sign up to fraud alerts and monitor financial statements and credit reports for suspicious activity.
To learn about secured access service edge (SASE) and how they can protect your enterprise from data leakage, malware, and more, download the Top SASE Use Cases below.
*** This is a Security Bloggers Network syndicated blog from Bitglass Blog authored by Will Houcheime. Read the original post at: https://www.bitglass.com/blog/major-provider-of-network-security-discloses-breach