Connect with us

Malware

Massive Data Breach: Ransomware Attack Impacts 27,000 Individuals in September Cyber Heist

Stanford University has disclosed a ransomware attack that occurred in September, resulting in the theft of personal data belonging to 27,000 individuals. The university is working with cybersecurity experts to address the situation and is offering one year of free identity theft protection services to affected individuals.

Published

on

Stone arches framing a view of Stanford University's historic building under a clear sky at dusk, unaware of the looming threat of a data breach.

A recent ransomware attack at Stanford University resulted in the theft of personal information of 27,000 individuals within its Department of Public Safety (SUDPS) network. The university discovered the attack on September 27 and confirmed that the attackers did not gain access to other systems outside the SUDPS network.

A Timeline of the Attack

The investigation revealed that unauthorized individuals gained access to the SUDPS network between May 12 and September 27. According to data breach notifications filed with Maine’s Attorney General, the attackers stole documents containing personally identifiable information (PII) belonging to 27,000 individuals. The compromised information included dates of birth, Social Security numbers, government IDs, passport numbers, driver’s license numbers, and other data collected by the Department of Public Safety.

For a small number of individuals, the stolen information also included biometric data, health/medical information, email addresses with passwords, usernames with passwords, security questions and answers, digital signatures, and credit card information with security codes.

Akira Ransomware Gang Claims Responsibility

While Stanford University has not attributed the September incident to a specific ransomware operation, the Akira ransomware gang claimed the attack in October. They stated that they stole 430Gb of files from the university’s systems and have since published the stolen data on their dark web leak site, making it available for download via BitTorrent.

The Akira ransomware operation emerged in March and quickly gained notoriety by targeting victims across various industry verticals. By June, the Akira ransomware operators had developed and deployed a Linux encryptor to target VMware ESXi virtual machines widely used in enterprise environments. We’ve seen ransom demands ranging from $200,000 to millions of dollars, depending on the size of the breached organization.

Stanford’s History of Data Breaches

This isn’t the first time Stanford University has dealt with a data breach. In February, the university disclosed another data breach after the Department of Economics Ph.D. program admission information was exposed online between December and January. This followed an April 2021 data breach when the Clop ransomware leaked documents stolen from Stanford School of Medicine’s Accellion File Transfer Appliance (FTA) platform.

Protect Yourself and Your Organization

Cybersecurity incidents like these are a sobering reminder of the importance of protecting your personal information and your organization’s data. It’s crucial to invest in robust cybersecurity measures, maintain regular backups, and educate employees about the dangers of phishing and other cyber threats.

We at IT Services are committed to helping you stay informed about the latest cybersecurity trends and best practices. Whether you’re an individual or a business owner, we’re here to provide you with the information and tools you need to stay safe in the digital world. Contact us to learn more and keep coming back for the latest updates and advice.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Malware

Massive Roblox Vendor Data Breach: Dev Conference Attendee Info Shockingly Exposed

A Roblox vendor data breach has exposed personal information of Roblox Developers Conference attendees. The breach, discovered on November 8, exposed names, billing addresses, and order details of customers, but no financial data. Roblox has since terminated the vendor’s contract and is taking steps to prevent future breaches.

Published

on

Imagine you’re a dedicated developer, excited to attend a prestigious conference to connect with peers and learn about innovative tools in your field. You register, book your flight, and eagerly await the event. Now imagine the disappointment and concern you’d feel if you discovered your personal information had been exposed due to a data breach. Unfortunately, this scenario recently became reality for attendees of the Roblox Developer Conference.

Roblox, a wildly popular online gaming and game creation platform, boasts over 200 million active users, many of whom are young developers eager to design, create, and share games with their community. Each year, the company holds a Roblox Developer Conference (RDC) to provide networking opportunities and learning experiences for these talented individuals.

However, a notice published recently revealed that FNTech, the vendor responsible for handling registration for the conference, suffered a data breach. Unauthorized access to its systems led to the exposure of personal information belonging to attendees of the 2022, 2023, and 2024 RDC events.

What was exposed, and who is affected?

The data breach resulted in the theft of attendees’ full names, email addresses, and IP addresses. According to the data breach notification service Have I Been Pwned (HIBP), 10,386 unique email addresses were exposed. Of these, 63% (6,500) had not been exposed in previous breaches.

Worryingly, this isn’t the first time Roblox developers have been targeted. In July 2023, HIBP added information about nearly 4,000 Roblox developer accounts to its database. These individuals, also RDC attendees, had their data leaked on a hacker forum following a 2021 breach that impacted attendees from 2017 to 2020.

Understanding the risks and taking action

While the recent breach doesn’t directly put Roblox developers in immediate danger, it does increase the likelihood of targeted phishing attacks. Armed with their personal information, cybercriminals could easily craft convincing messages designed to trick developers into revealing even more sensitive data.

In response to the breach, Roblox has taken steps to prevent similar incidents in the future. However, this isn’t the first time the platform and its users have faced security threats. In November 2022, over 200,000 users installed a malicious Chrome extension called SearchBlox, which contained code designed to steal Roblox account credentials.

Don’t let this happen to you!

As an IT Services company specializing in cybersecurity, we understand how devastating data breaches can be, not only to businesses but also to individuals like the RDC attendees. Don’t leave your security to chance—reach out to us for expert advice and support to keep your data safe and secure.

Together, we can help prevent cyberattacks and protect your personal information from falling into the wrong hands. And remember, always stay vigilant and be cautious of any suspicious emails or messages, no matter how convincing they may seem.

Contact us today to learn more about our cybersecurity services, and keep coming back for the latest news and insights in the world of online safety.

Continue Reading

Malware

Shopify Debunks Hacking Claims, Exposes Stolen Data Connection to Third-Party App

Shopify has denied being hacked after suspicious emails were sent to customers, blaming a third-party app for the data breach. The firm’s investigation revealed that the app had accessed and stolen data from Shopify’s API, but the incident was not a security breach of the platform itself.

Published

on

Shopify, the popular e-commerce platform, has recently denied experiencing a data breach after a threat actor started selling customer data that they claimed to have stolen from Shopify’s network. But, don’t worry, it’s not as bad as it seems.

What Shopify had to say

According to Shopify, the company’s systems have not suffered a security incident. They told us, “The data loss reported was caused by a third-party app. The app developer intends to notify affected customers.

This statement comes after a threat actor, known as ‘888’, began selling data they claimed was stolen from Shopify back in 2024.

Selling alleged Shopify data on a hacking forum
Selling alleged Shopify data on a hacking forum
Source: IT Services

What’s in the data?

The threat actor shared data samples that include a person’s Shopify ID, first name, last name, email, mobile number, order count, total spent, email subscription, email subscription date, SMS subscription, and SMS subscription date. While this information is significant, it’s important to remember that Shopify itself wasn’t directly breached.

Unfortunately, Shopify did not provide any further information about the app from which this customer’s data was stolen.

A history of data leaks

The threat actor, 888, has been linked to previous data sales or leaks allegedly involving companies like Credit Suisse, Shell, Heineken, Accenture India, and Unicef.

It’s also worth noting that in 2020, Shopify disclosed that two “rogue members” of its support team accessed customer transactional records of about 200 merchants. While this is concerning, it’s essential to recognize the proactive steps the company has taken to address security issues.


Stay informed and protect your data

While this particular incident doesn’t seem to be a direct breach of Shopify’s systems, it’s still a reminder to stay vigilant when it comes to our data. Make sure to stay informed about potential threats and take the necessary steps to protect your personal information.

If you’re interested in learning more about cybersecurity and how to keep your data safe, don’t hesitate to contact us and keep coming back for more valuable information.

Continue Reading

Malware

Hackers Expose Supposed Taylor Swift Tickets, Intensify Ticketmaster Blackmail with Power Word

Hackers have leaked alleged Taylor Swift concert tickets and intensified their extortion efforts against Ticketmaster. The group, known as REvil, is demanding a $10 million ransom for the stolen data and threatening to reveal more.

Published

on

Imagine being a die-hard Taylor Swift fan, eagerly awaiting her next concert, and then finding out that your ticket information has been compromised. Well, that’s precisely what happened to a large number of fans recently when hackers leaked the barcode data of 166,000 Taylor Swift Eras Tour tickets. The hackers have warned that more events will be leaked if a $2 million extortion demand isn’t met.

Back in May, a notorious threat actor named ShinyHunters started selling data on 560 million Ticketmaster customers for $500,000. Ticketmaster later confirmed the data breach, stating it was from their account on Snowflake, a cloud-based data warehousing company they use to store databases, process data, and perform analytics.

By April, threat actors had begun downloading Snowflake databases of at least 165 organizations using credentials stolen by information-stealing malware. They then blackmailed these companies, demanding payment to prevent the data from being leaked or sold to other threat actors. Companies known to have had data stolen from their Snowflake accounts include Neiman Marcus, Los Angeles Unified School District, Advance Auto Parts, Pure Storage, and Satander.

When Concert Dreams Turn into Nightmares

Today, a threat actor known as Sp1d3rHunters has leaked what they claim is the ticket data for 166,000 Taylor Swift Eras Tour barcodes used to gain entry on various concert dates.

Sp1d3rHunters, previously named Sp1d3r, is the threat actor behind the sale of data stolen from Snowflake accounts, publicly extorting the various companies for payments. The extortion demand, shared by threat intel service HackManac, reads, “Pay us $2million USD or we leak all 680M of your users’ information and 30 million more event barcodes, including more Taylor Swift events, P!nk, Sting, Sporting events F1 Formula Racing, MLB, NFL, and thousands more events.”

The post claims the barcode data is for upcoming Taylor Swift concerts in Miami, New Orleans, and Indianapolis. It includes a small sample of the alleged barcode data, containing the value used to create a scannable barcode, seat information, the face value of tickets, and other information. The threat actor even shared details on how to turn this data into a scannable barcode.

While the barcode data wasn’t part of the initial leak of stolen Ticketmaster data samples released by the threat actors in May, some of the newly leaked data can be found in the older leaks, including the hashed credit card and sales order information for the tickets.

The group behind these attacks is ShinyHunters, which has been responsible for many data breaches over the years. These include leaking the data for 386 million user records from 18 companies in 2020, an AT&T breach impacting 70 million customers, and most recently, the leaking of 33 million phone numbers used with the Authy multi-factor authentication app.

Update: Ticketmaster has informed us that unique barcodes are updated every few seconds, so the stolen tickets cannot be used. “Ticketmaster’s SafeTix technology protects tickets by automatically refreshing a new and unique barcode every few seconds so it cannot be stolen or copied,” Ticketmaster told us. “This is just one of many fraud protections we implement to keep tickets safe and secure.” They also confirmed that they did not engage in any ransom negotiations with the threat actors, disputing ShinyHunter’s claims that they were offered $1 million to delete the data.

Protect Yourself and Stay Informed

This incident is just one example of how vulnerable our personal data can be in the digital age. To stay informed about cybersecurity threats and how to protect yourself, make sure to keep coming back to our IT Services page. Our team of experts is dedicated to helping you stay one step ahead of cybercriminals. Don’t let hackers ruin your concert experience or compromise your personal information. Stay informed and stay safe.

Continue Reading

Trending

Copyright © 2023 IT Services Network.