Security News Round-Up: Over 10.5 Million MGM Guests’ Data Being Sold on Dark Web
News Round-Up – Get a Quick Rundown of What You Need to Know
Evolver’s Cyber News Round-Up looks into recent reports and journalism covering cyber threats and trends affecting all industries. You can suggest articles to us on LinkedIn and on Twitter at @EvolverInc. Visit our cybersecurity services page to learn more about cyber risk assessment and threat protection.
Over 10.5 Million MGM Guests’ Data Being Sold on Dark Web
After a massive data leak around 2017, data belonging to 10,683,188 MGM hotel guests has been listed on the Dark Web for sale this week, says Naked Security. Government officials, celebrities, and CEOs of extremely large companies were included in the data as well, with much of the details still being accurate despite them being from three years ago. Full names, phone numbers, addresses, birth dates, and emails were the types of data involved. Luckily, no payment information is a part of the incident, the article states. The sale is being held by GnosticPlayers, an attacker that has led a number of large data breaches in the past, Naked Security notes.
U.S. Combat Support Agency Was Breached in 2019, Agency Reveals
DoD agency known as the U.S. Combat Support Agency revealed that it experienced a data breach last year and began warning those affected. The agency has over 8,000 employees consisting of both civilian and military personnel, says Security Week, and the breach involved personal information such as social security numbers. The agency also operates secured communications on the behalf of the President of the United States. It has not been revealed, however, whether the breach involved a hack or whether the data was simply left unsecured in some fashion. It took place sometime between May and July of last year, according to the article.
Canadian Federal Government Exposes 144K Citizens’ Data
Over the span of the last two years, a number of Canada’s federal departments and agencies have mishandled around 144,000 citizens’ data. Across 10 of these departments and agencies, there were 7,992 breaches discovered, according to Info Security Magazine. A whopping 3,020 of these breaches came from the Canada Revenue Agency (CRA), involving 60,000 citizens. A large amount of these came from an incident involving employees of the CRA being given a hard drive by mistake, which happened to possess 11,780 citizens’ personal data in January of last year.
Major Health Company Attacked With Ransomware
NRC Health, who was attacked by ransomware on February 11th, partners with three quarters of the top 200 biggest hospital networks in the country through management of survey systems for patients. The giant has over 9,000 customers that are healthcare institutions, says Dark Reading, meaning the incident puts a massive amount of patient data at risk. NRC Health has shut down its systems to work on restoration along with notifying authorities such as the FBI to assist with the investigation. So far, it has not been made known whether or not attackers were able to access or steal any patient information, according to the article.
Major Financial Institution in South Africa Breached, 1.7 Million Affected
1.7 million past and present customers of Nedbank were affected in a recently disclosed incident, as stated by Dark Reading. A third party marketing contractor, Computer Facilities, revealed a breach had taken place. The contractor is used by Nedbank for marketing communications via email and SMS. The bank has worked to eliminate all data held by Computer Facilities related to its customers. Of the 1.7 million affected, 1.1 million are active Nedbank customers. The data exposed includes names, phone numbers, physical addresses, email addresses, and ID numbers. The investigation is still ongoing with authorities.