Today's Hacked!
Security Breach: 23andMe Reports Unauthorized Access to Ancestry Data of 6.9 Million Users"
- 6.9 Million Users Affected: Nearly half of 23andMe's customer base impacted.
- Stolen Data: Names, birth years, relationship labels, DNA details, ancestry reports, and locations compromised.
- Exploited Feature: Hackers used the DNA Relatives feature to access account holder and relatives' data.
- Password Reuse: Breach due to reused passwords, emphasizing the need for stronger security.
- Privacy Risks: Significant concerns about genetic data privacy and identity theft.
- User Steps: Urgent need for users to secure accounts, update passwords, and watch for misuse of their data.
- Company Action: 23andMe urged to enhance security measures to prevent future breaches.
- Reported on Techcrunch.com
Multiple States Affected by Breaches from Iran-Linked Hackers, FBI Reports
- Iran-linked Hackers: Targeted U.S. organizations, including a PA water authority, due to their use of Israeli-made control devices.
- Impact: Breach affected multiple states, disrupting utilities beyond water, highlighting vulnerabilities in critical equipment across various industries.
- Tactics: Exploited weak cybersecurity like default passwords, left a message marking Israeli devices as targets.
- IRGC Connection: "Cyber Av3ngers" linked to Iran's Revolutionary Guards targeted these devices since Nov 22.
- Concerns: Deeper network infiltration fears and calls for federal investigation due to cybersecurity lapses in crucial sectors.
- Regulatory Challenges: Criticism over inadequate cybersecurity measures in water utilities and other vital industries, despite Biden administration efforts to bolster infrastructure security.
- reported on lockhaven.com
Britain Denies Evidence of Sellafield Nuclear Site Hacking, Reports Reuters
- Reported Incident: The Guardian alleged Russia and China-linked cyber groups hacked Britain's Sellafield nuclear site.
- Government's Response: Britain denies evidence of state actor cyber attacks, citing robust monitoring systems and absence of malware.
- Sellafield Overview: Controlled by the Nuclear Decommissioning Authority, the site in northwest England has 11,000 employees.
- Office for Nuclear Regulation (ONR): No proof of state actor hacking found, but ONR notes Sellafield's current cybersecurity standards are lacking and under increased scrutiny.
- Ongoing Investigation: Specific cybersecurity issues at Sellafield are under investigation, limiting further comments.
- Guardian's Report on ONR: Suggests ONR might prosecute Sellafield individuals over cybersecurity shortcomings.
- reported on Reuters
Authorities Report: 14 South Korean Entities, Including Defense Contractors, Hacked by North"
- North Korean group Andariel hacked 14 South Korean entities, stealing 1.2 terabytes of advanced data, including defense technology and server credentials.
- The breach, ongoing for a year, was traced through a South Korean server rental company, with victims unaware until authorities intervened.
- Andariel, known for military intelligence theft, extorted 470 million won in cryptocurrency by damaging servers with ransomware.
- Investigations revealed the money's route to North Korea through a Korean resident's account linked to a former Hong Kong-based exchange employee.
- Police investigations focus on the financials and connections of the involved parties.
- reported on koreajoongangdaily.com
Comments (0)