SBN

Data Breaches for the Month July 2024

Every month, we witness a significant rise in data breaches. Over the past six months, India has experienced a surge in cyber-attacks, with 388 data breaches, 107 data leaks, and 39 ransomware incidents reported. At Strobes, we meticulously track these security events, and in this blog, we focus on the key breaches of July 2024. We’ll analyze the types of data compromised and the number of individuals affected. Explore the trends emerging from these incidents and learn how to protect your data.

1. Data Breach at Sharp Corp

Date: 30/7/2024, Source: The Asahi Shimbun

Sharp Corp. announced that unauthorized access to two of its online services potentially compromised personal information of over 100,000 customers. While no illegal use of the information has been detected, there is a possibility that credit card details were leaked. The breach affected 203 individuals who placed orders at Sharp’s Cocoro Store or Healsio Deli food delivery service between June 23 and 30. Additionally, around 26,000 users who logged into the Cocoro Store or placed orders between July 19 and 22 may have been forced to install a computer virus, compromising their credit card information. Furthermore, 75,000 individuals may have installed the virus when visiting the store during the same period. Sharp suspended both websites on July 22 and began notifying users on July 29, advising them to scan for viruses and change their passwords.

Claroty

2. XDSpy Targets Russia, Moldova in Cyberespionage Campaign

Date: 30/7/2024, Source: The Record

A cyberespionage group named XDSpy has been targeting victims in Russia and Moldova with a new malware variant. In a recent campaign, suspected to be state-sponsored, the group sent phishing emails to a Russian tech company and an organization in Transnistria, a Russian-controlled region in Moldova. The emails contained a link to an archive with a legitimate executable file, enabling the attackers to execute malicious code stealthily.

The Russian cybersecurity firm F.A.C.C.T. discovered these attacks and identified a new tool used by the hackers, called XDSpy.DSDownloader. It is unclear if the attacks resulted in data theft.

3. ServiceNow Flaws Lead to Data Breaches

Date: 30/7/2024, Source: CSO

Multiple critical vulnerabilities (CVE-2024-4879, CVE-2024-5217, CVE-2024-5178) have been discovered in the ServiceNow IT service management platform. These flaws have been actively exploited by threat actors to steal sensitive data from over 105 organizations, including government agencies and critical infrastructure providers.

The vulnerabilities allow unauthenticated attackers to execute malicious code, leading to data exfiltration and potential system compromise. Stolen data, including email addresses, hashed passwords, and other sensitive information, is being sold on the dark web.

This attack highlights the urgent need for organizations to prioritize patch management and implement robust security measures to protect against similar attacks.

Date: 19/7/2024, Source: The Register

4. WazirX Suffers Major Crypto Theft

Date: 19/7/2024, Source: The Register

Indian cryptocurrency exchange WazirX experienced a significant security breach resulting in the loss of over $230 million in digital assets. The theft was executed by exploiting a vulnerability in the exchange’s multi-signature wallet system, bypassing multiple layers of security.

The attack is believed to be orchestrated by a North Korean cybercrime group, known for targeting cryptocurrency exchanges to fund its illicit activities. Blockchain analysis firms have confirmed the movement of stolen funds and identified the attacker’s attempts to launder the proceeds.

The incident highlights the ongoing challenges faced by the cryptocurrency industry in safeguarding digital assets. It also underscores the need for robust security measures, including advanced wallet protection and stringent compliance with anti-money laundering regulations.

5. S-400 Secrets Leaked in Cyberattack

Date: 31/7/2024, Source: India Sentinel

A data breach involving sensitive information about India’s S-400 missile-defense systems has raised national security concerns. The breach originated from hacked emails of Russian military officials and revealed the specific configuration of the advanced weapon system that India purchased from Russia.

The Ukrainian hacker group CyberResistance, in collaboration with the international intelligence community InformNapalm, released the data under the name “BaumankaLeaks.” Indian defense and intelligence agencies are now assessing the damage and implementing measures to mitigate risks.

Final Words

From Microsoft’s service outage due to a cyber-attack to the exposure of India’s S-400 missile defense secrets, these incidents serve as a stark reminder of the critical need for robust cybersecurity measures. At Strobes we do continuous threat exposure management, it helps to identify end-to-end vulnerabilities and secure your data from real time cyber attacks. Protect your business and clients’ trust with strobes. Contact us today!

The post Data Breaches for the Month July 2024 appeared first on Strobes Security.

*** This is a Security Bloggers Network syndicated blog from Strobes Security authored by Likhil Chekuri. Read the original post at: https://strobes.co/blog/data-breaches-for-the-month-july-2024/

Application Security Check Up