11-11-2021, 09:05 AM
CyberScoop Wrote:Robinhood, a popular stock-trading app, said that it has been breached by someone who accessed information on 7 million people, then sought to extort the company.
The breach on Nov. 3 provided access to 5 million email addresses and 2 million full names, with another approximately 310 having additional information like zip codes and dates of birth exposed. Around 10 more had “more extensive account details” exposed, the company announced on Monday. Robinhood has become a force in the financial market, with 18 million clients and $80 billion in assets, a summer filing stated.
“Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident,” Robinhood’s statement reads.
It’s the first notable cyber incident on the company to surface since October of 2020, when Bloomberg reported that hackers hit nearly 2,000 accounts and stole some customer funds. The year before, Robinhood said it had stored user credentials in an insecure format.
Robinhood said that after the Nov. 3 incident, it contacted law enforcement and sought the investigative help of cybersecurity firm Mandiant.
CyberScoop Wrote:European and Middle Eastern spyware and surveillance firms are marketing intrusion software to adversaries of the U.S., its intelligence allies and NATO, Atlantic Council research published Monday reveals.
Looking at more than 200 companies that attended international arms fairs in the past two decades, researchers found that 85% of companies likely selling interception or intrusion technologies marketed these capabilities to governments outside their home country — even when no intelligence relationship existed. Five companies, including Israel-based Cellebrite and Sweden-based Micro Systemation AB, marketed those capabilities to U.S. and NATO adversaries.
...
The findings coincide with an explosion of surveillance vendors attending international arms trade shows, including the heavily attended Milipol France and the U.K. -based Security and Policing Home Office.
The report underscores growing concerns about the threat that spyware companies pose to the United States and its allies. U.S. and European leaders have begun to follow human rights organizations in vocalizing opposition to firms like the NSO Group, whose spyware technology has been used by authoritarian regimes to spy on dissidents and journalists.
The data on arms fair attendance collected by researchers included U.S. contractor CyberPoint, the precursor to DarkMatter, which was the subject of U.S. law enforcement after it designed cyber capabilities for the United Arab Emirates that led to spying on U.S. citizens.
The report provides one of the broadest overviews of the intrusion and surveillance industry to date, but the researchers note that it is likely far more firms exist. They say that because they were searching in English, “the dataset woefully underreports the presence of Chinese companies in this space.”
CyberScoop Wrote:Intruders accessed patient and employee data after infiltrating health-related IT systems in a breach that’s only now coming into focus.
A security incident affecting the province of Newfoundland and Labrador, first detected Oct. 30, took down multiple health networks, leading to the cancellation of thousands of appointments, including for chemotherapy treatments. The regional Eastern Health authority, which employees 13,000 people, only Thursday announced that its email system was again functioning.
“As part of the on-going investigation into a cyberattack that impacted health care IT systems in Newfoundland and Labrador, it has been determined that some personal information and personal health information was accessed from the systems,” the provincial government said in a Nov. 9 news release. “A review is ongoing to determine if any other information is affected in the incident and further updates will be provided as appropriate.”
Hackers obtained access to 14 years’ worth of information on current and former Eastern Health patients and employees, and nine years’ worth for Labrador Grenfell Health. Patient information includes name, address, health care number, reason for visit, their doctor and birth date. Employee information may include names, addresses, contact information and Social Insurance numbers, which are similar to U.S. Social Security numbers.
Canadian government officials have not said who is suspected in the latest incident, or whether ransomware was involved.
Keep in mind that many hospitals depend on ancient or obsolete software so they will be targeted by hackers at any given time.
How can I be so sure about this? Because they might still be using an OS like Windows XP or 7 under the hood that have not been properly updated / patched to prevent them from being taken over by the latest series of computer viruses.
Right, they could have also opened a suspicious email telling them to click on a weird link. You gotta admit it is a classic, thus it might not disappear any time soon.
If they were truly unlucky, those hackers could have hijacked their VPN connection by impersonating an employee's lawful request...
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE