Security News Round-Up: Las Vegas Becomes Latest City Facing Cyber Attack
News Round-Up – Get a Quick Rundown of What You Need to Know
Evolver’s Cyber News Round-Up looks into recent reports and journalism covering cyber threats and trends affecting all industries. You can suggest articles to us on LinkedIn and on Twitter at @EvolverInc. Visit our cybersecurity services page to learn more about cyber risk assessment and threat protection.
Las Vegas Becomes Latest City Facing Cyber Attack
On January 7th, the first day of the Consumer Electronics Show that takes place in Las Vegas, the city was hit with a cyberattack at 4:30 in the morning. While the type of attack has not been revealed, says SC Magazine, the city’s services were disrupted for only a single day. The city revealed that the quick response of its IT team in combination with software security systems had allowed full recovery by January 8th with no major impacts. It is not believed that any information was stolen, the article states. It is unclear whether the attack has anything to do with the Consumer Electronics Show or the recent tensions between the U.S. and Iran.
Iranian Hacking Group Targets U.S. and African Websites
A group known as “Iran Cyber Security Group Hackers” successfully broke into and defaced the US Federal Depository Library Program’s (FDLP) website. The group put a new image on the website’s homepage, consisting of violent photos and a pro-Iran/anti-U.S. government message, says Hack Read. On the same day (January 4th), a group called “Shield Iran” went after Sierra Leone Commercial Bank to post images of Qasem Soleimani, who was the Iranian major general that was killed in the U.S. drone strike on January 3rd. This attack consisted of another pro-Iranian/anti-U.S. government message as well. The FDLP’s website has since been taken offline.
Website of Japanese Love Hotel Faces Data Breach
According to a recent article from Info Security Magazine, a website used for booking Japanese “love hotels” has fallen victim to a data breach. The owner of a website known as Happy Hotels, a company called Almex, has warned that emails, birth dates, genders, phone numbers, credit card information, addresses, login information, and handle names are all at risk of having been stolen. The article notes that the company warned users to change passwords, which may have been included as well. Privacy has become a major issue in the incident, with concerns of people being exposed for cheating on their partners in such establishments coming to the forefront.
LifeLabs Sued for Data Breach
Canada-based laboratory testing company known as LifeLabs is being sued for a data breach affecting 15 million customers. Information exposed is thought to include names, email addresses, logins, addresses, passwords, birth dates, lab test results, and health card numbers, according to Info Security Magazine. The company knew of the attack on October 28th, 2019, but waited until December 17th to inform consumers and had paid off the attackers to prevent them from releasing the data. Five plaintiffs filed the lawsuit for both negligence and breach of contract, says the article, seeking over $1.13 billion. The damages requested cover mental anguish, damage to credit reputation, and time wasted while also including more punitive and moral damages in addition.
Fundraising Company Closes Doors Post-Ransomware Attack
The Heritage Company, an LA-based fundraising business, has closed its doors due to the after effects of a ransomware attack that took place in October. After paying the ransom, says Info Security Magazine, the financial blow made it impossible for the company to continue operating without their systems. Over 300 employees had to be released from their positions right before Christmas, with IT still making an effort to restore the company’s systems using the key given by the attackers. Such an incident serves as a reminder of how badly cyberattacks can hurt small-to-medium sized businesses (SMB’s). According to the article, the company will still try to reopen its doors once all of the restoration is complete.
Anonymous Maze Ransomware Group Sued by Victim
After being hit with ransomware, a wire and cable producer by the name of Southwire is suing its attacker(s) despite the fact that they remain unidentified, says Bank Info Security. The lawsuit simply refers to the person(s) as “John Doe”. In addition, Southwire was able to get an Irish-hosted website that listed victims and some of their data taken down through an injunction in Ireland. Those responsible for the attack demanded $6.1 million as a ransom payment, which Southwire refused, the article notes. It is unclear whether the move will push the attackers to release more data or give up the fight.