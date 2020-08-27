Company Information Affected

University of Utah (US) The university disclosed that it paid ransomware attackers $457,000 to delete student and employee data which was stolen following an attack on the College of Social and Behavioral Science on July 19th, 2020. The university stated that the hackers were only able to encrypt 0.02% of the data stored on its servers. Netwalker ransomware is speculated to have been behind the attack. Unknown

Social Data (US) Comparitech researchers discovered an unsecured database with from YouTube, TikTok and Instagram. Exposed data included names, contact information, personal information, images and statistics about followers. It has since been secured. A Social Data spokesperson noted that the data was not obtained ‘surreptitiously,’ adding that the exposed data would be available to anyone, as the users themselves have set their profiles to public. 235,000,000

Instacart (US) The company disclosed a data breach incident caused by two employees at a third-party support vendor who were found to have reviewed the personal data of customers without cause. The viewed information may have included names, email addresses, telephone numbers, driver license numbers, and a thumbnail image of the driver’s license. No evidence was found to suggest that the data has been downloaded or otherwise removed from premises. 2,180

Freepik Company (Spain) Freepik Company disclosed that an SQL injection in Flaticon impacted both Freekpik and Flaticon. The attackers gained access to the email addresses of the oldest 8.3 million users, 3.77 million of whom also had the hash of their password exposed. 8,300,000

Mental Health Partners (US) Mental Health Partners (MHP) disclosed a potential data breach during which the personal information of MHP clients and employees may have been accessed and downloaded. Potentially compromised data includes names, dates of birth, Social Security numbers, passport and other ID numbers, financial account information, medical record information and more. Unknown

Rezzan Günday (Turkey) The pharmacy suffered a data breach arising from employee misconduct. Since 2019, the employee allegedly illegally copied patient data and supplied it to another pharmacy to set up illicit supply chains for medications. The data obtained by the suspect includes healthcare system ID numbers, phone numbers, medical records, employment status and affiliate healthcare institution information. Unknown

Kariyer.net (Turkey) Turkish careers website Kariyer.net became the victim of a data breach affecting 40,955 individuals and 55,149 records. A file containing login credentials and personal information, including names, phone numbers, photos and addresses, was uploaded to an unspecified public website. 40,995

Isetan Mitsukoshi and MICard (Japan) Isetan Mitsukoshi and MICard disclosed a data breach caused by unauthorised access. The breach occurred on the MICard homepage and Isetan Mitsukoshi Online Store. Exposed data for Isetan Mitsukoshi customers included names, addresses, phone numbers, email addresses, and dates of birth. Impacted customer details for MI Card customers included member names, current membership points, and expected billing amounts. 19,000

RailYatri (India) Security Detectives discovered an unsecured, publicly accessible Elasticsearch server belonging to the company. The database was destroyed by a Meow bot attack on August 12th, 2020. Exposed data included full names, ages, genders, physical addresses, email addresses and more, as well as partial credit and debit card payment logs. According to the company, the server in question was only a test server. ~700,000

Brookfield Residential Properties (US) The company confirmed that a cybersecurity incident resulted in an attacker gaining access to ‘a limited subset of files’. The company did not address claims made by DarkSide ransomware operators they had exfiltrated data from the company, which was subsequently dumped online. DataBreaches.net stated that the leaked files appear to contain employee information. Unknown

South Dakota Fusion Center (US) The FBI is currently investigating a data breach at the South Dakota Fusion Center responsible for handling emergency calls. The breach occurred on June 19th, 2020, and may have exposed names, addresses and virus status of patients. The data was stored on Netsential servers, who had disclosed a breach of their servers in June 2020. Unknown

Canpar Express (Canada) Files allegedly stolen from the courier company were leaked on the dark web. The leaked files contained a small amount of information about the company’s internal operations. FreightWaves stated that the leak appears to have come from Doppelpaymer ransomware attackers. Unknown

CryptoTrader.Tax (US) CryptoTrader.Tax suffered a data breach on April 7th, 2020, when an unauthorised actor gained access to a customer service employee’s account. The attacker managed to steal about 13,000 records containing customer data, including 1,082 unique email addresses. Customer passwords were not affected. The data has since been posted for sale on a dark web forum. ~1,082

National Western Life (US) REvil ransomware operators claim to have successfully attacked the company and exfiltrated 656GB of data. The group initially posted screenshots to their data leak site which purported to contain screenshots of database files, passports, contract agreements, and more. On August 23rd, 2020, the operators claimed that they also had access to the company’s mail and released roughly 1% of the stolen data. Unknown

Valley Health Systems (US) The operators of REvil ransomware claim to have breached Valley Health Systems and stolen data pertaining to its clients and employees. As proof of their attack, the group uploaded screenshots of folders and a small portion of the stolen data. This includes patients’ prescriptions, patient details such as names, dates of birth, gender and patient ID, and more. Unknown

Volkswagen (Germany) The operators of Conti ransomware published data supposedly stolen from a Volkswagen Group franchise based in Salzkotten, Germany. The leak contains invoices relating to workshop services or automotive part sales. Unknown

Wellington-Dufferin-Guelph Public Health (Canada) The healthcare provider disclosed a data leak incident, during which a dashboard containing confidential information was made publicly accessible on the organisation’s website between January and May 2020. The leak contained addresses and Influenza strain and symptom details for patients. The names of clients were not exposed. Unknown

Ventura Orthopedics (US) Following a data leak by Maze ransomware operators, Conti ransomware operators also added Ventura Orthopaedics to their data leak site. Leaked data, consisting of 1,850 files, exposed patient files that contained names, dates of birth, medications, and laboratory findings. The information posted on Conti News reportedly differs from that shared by Maze. Unknown