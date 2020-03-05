Company Information Affected

Total Quality Logistics (US) Total Quality Logistics is currently investigating a data breach, after attackers used its IT systems to gain access to sensitive business information. According to Corporate Communications Manager Tom Millikin, the breach is not the result of a malware or ransomware attack. Potentially compromised data includes carriers’ tax ID numbers, bank account numbers and invoice information. It has not been specified how many carriers were impacted. Unknown

BGR India Researchers at Under the Breach reported that hackers are freely sharing the MySQL database of Indian tech new sites BGR India. The data was exposed through an unsecured Amazon Simple Storage Service bucket. The leaked data includes usernames, emails and passwords. The information is stored in hashed form but could be decrypted. The BGR information being shared is part of a larger data dump which is approximately 21.5GB in size. The dump contains details for at least two other websites. The data trove contains 16 SQL dumps and at least 36,000 emails and logins. Unknown

Straffic (Israel) The Israeli marketing start-up accidentally exposed the credentials for its Elasticsearch database in plaintext on a random domain. This ultimately allowed unauthorised individuals access to their database. Straffic has since secured the database. The database contained two indexes with 140GB worth of individual’s personal information, including names, email addresses, phone numbers, email addresses, physical addresses, and gender. According to Troy Hunt, the database contained 49 million unique email addresses, 70% of which had previously been posted on Have I Been Pwned. Affected users are from Europe and the US. ~49,000,000

RailWorks Corporation (US) On January 27th, 2020, RailWorks Corporation suffered a data breach following a ransomware attack that ‘partly encrypted its servers and systems’. Data exposed in the attack included personal identifiable information belonging to that of current and former employees, their beneficiaries and dependants and independent contractors. The potentially exposed information includes names, addresses, driver license numbers, dates of birth, and more. Unknown

Walgreens (US) Walgreens stated last week that their official mobile application contained a bug that resulted in the exposure of personal information associated with some of its users. The leak was the result of an ‘internal application error’, that allowed some personal messages from Walgreens that were stored in the database to be viewed by customers using the Walgreens app. Data exposed included first and last names, prescription details, store numbers and shipping addresses. The application error was present for a week, between Thursday January 9th and Wednesday January 15th. Unknown

Visser Precision (US) The Colorado-based manufacturer confirmed a cyber attack on its systems, which security researchers say was caused by DoppelPaymer ransomware. Data belonging to the company has since been uploaded to the operators’ website, with some available for download. The data uploaded includes folders with Visser Precision customer names, including Tesla, SpaceX, Boeing, and Lockheed Martin.

Interactive Medical Systems Corporation (US) IMS was the victim of a phishing attack that potentially exposed the private data of the school’s employees. Emails within the affected email account may have been exposed to an unauthorised third party between July 19th and December 31st, 2019. According to IMS, exposed data may include first and last names, the last four digits of Social Security numbers, transaction dates and amounts, plan sponsor or employer names, and addresses. In some cases, full Social Security numbers may have been exposed, as well as email addresses, mailing addresses, dates of birth, and more. Brunswick County Schools and Lincoln County Schools employees may have been affected. <658

Kenneth Cole Productions (US) Sodinokibi ransomware operators claim to have stolen data from the fashion house Kenneth Cole Productions. Under the Breach reported that the criminals posted a download link to a file containing employee, customer, work, and financial information. The attackers are threatening to publish the company’s entire cloud data unless their ransom demands are met. The criminals claim to have more than 60,000 files containing personal data and 70,000 financial and work documents. Unknown

C3UK (UK) Security Discovery researchers identified 146 million records exposed on a non-password protected database that belonged to internet service provider C3UK, which provides free Wi-Fi connections at rail stations. The records contained internal company information and personal information. Exposed user information included names, email addresses, age ranges, device IPs, and more. The company information included IP addresses, ports, pathways, storage information, and other details. ~10,000

Simon Fraser University (Canada) On March 2nd, 2020, Simon Fraser University revealed a security incident which exposed the details of students, staff, faculty members, alumni and retirees. The university stated that the breach was caused by ransomware which ‘found a weakness in the way the information was handled’. The exposed data includes names, birthdates, external email addresses, encrypted passwords, and more. Unknown

Loqbox (UK) Loqbox informed its customers of a ‘sophisticated attack’ that targeted the company on February 20th, 2020, which may have exposed customer names, postal addresses, dates of birth, email addresses, and phone numbers. In addition, banking details of customers were also compromised. No passwords were compromised and according to Loqbox, all funds remain secure. Unknown

Prince Edward Island (Canada) Personal data of individuals has been uploaded online by the Maze ransomware operators after the Government of Prince Edward Island refused to pay the demanded ransom.The uploaded files included financial reports, bank statements and payment details from the Agri-Stability programme. Some of these documents included Social Insurance Numbers, names, contact information and business numbers. The Maze operators’ website states that the uploaded documents are a portion of a further 200GB they have stolen from the government. Unknown

Community Development Bank (US) On March 1st, 2020, DataBreaches[.]net reported that CD Bank, which is the online division of TBK Bank, was targeted by DoppelPaymer ransomware. The ransomware operators claimed that they successfully exfiltrated the bank’s data and uploaded files online as proof of the attack. Following the report, TBK Bank contacted DataBreaches and refuted the attackers’ claims. DoppelPaymer operators have since updated their leak site and clarified that they attacked the Community Development Bank in Minnesota, and not CD Bank. Unknown

Hutt Valley High School (New Zealand) On February 25th, 2020, authorities at Hutt Valley High School informed students’ parents of a cyberattack that may have impacted personal data. Potentially exposed information includes names, addresses, and student records. Unknown

University of York (UK) The University of York’s app MyUoY was taken offline twice due to reported issues after initial launches. According to Nouse, the university stated that the app had been taken offline due to issues ‘not related to attendance data or other personal data.’ An investigation by Nouse, however, found a university report stating that the app contained flaws that exposed the personal information of students and staff. This included full names, email addresses, home addresses, term-time addresses, dates of birth, and more. Unknown

Hillsboro R-3 School District (US) A data breach at the Hillsboro R-3 School district is being investigated by detectives at Jefferson County Sheriff’s Office. The incident appears to be linked to the district’s use of Google G-Suite which would link to employees’ personal photos. Unknown

T-Mobile T-Mobile issued a data breach notification, stating that a sophisticated phishing attack against their email vendor was discovered. This resulted in an unauthorised third party gaining access to employee email accounts containing employee and customer information. Potentially accessed information includes customer names, addresses, phone numbers, account numbers, rate plans and features, and billing information. Unknown