Reading Time: ~2 min.

Gnosticplayers Adds 26 Million More Records for Sale

After the first 3 major data dumps, which totaled over 600
million records, the hacker known as Gnosticplayers
has released his latest cache of data, which contains at least 26 million
personal user records. These data caches hold customer information for 32
companies overall and have been obtained over just the past couple months,
making the data that much more lucrative. The hacker claims these breaches are
done simply out of frustration that security is still not being taken seriously
by many major companies from across the globe, which may explain why the price
tag for each dump is so low.

Hackers Set Off Tornado Sirens in Texas Towns

At least 30
tornado warning sirens
in two Texas towns were triggered in the
early morning hours by an unknown hacker. While officials quickly shut down the
sirens, they did so just 24 hours prior to a major storm during which they
might have needed to use these critical emergency systems. This attack is very
similar to one that affected the entire Dallas area in 2017, when hackers
successfully compromised a radio system that set off over 100 tornado sirens
across the city.

Marketing Firm Exposes 230 Million Records

Another misconfigured Amazon database,
this time belonging to Exactis, carries the blame for a data breach that could
affect at least 230 million individuals, with more data on 110 million
individual records tied to businesses. While it is still unclear exactly how
long the database was accessible, the company and an external security auditor maintain
that the data was not accessed maliciously during its time online, though the
independent researcher who first discovered the database reports that the data
may have been spotted for sale on the dark web.

Ransomware Cripples Major Aluminum Manufacturer

Norsk
Hydro
, a major Aluminum producer, suffered a ransomware attack that
successfully shut down a large portion of the company’s operations. The attack
forced the company to switch to manual operations at all of its facilities
around the world, and temporarily take down their website while they worked to
restore their systems from backups. Fortunately, the company retains backups
for their major operations, so normal production should resume within the week.

Gearbest Leaks 1.5 Million Customer Records

Following the trend of unprotected databases, researchers
recently found yet
another
one, this time belonging to Gearbest (a Chinese e-commerce
site). This database contained unencrypted personal records for over 1.5
million customers around the globe, including payment data, ID and passport
info, and even data that could compromise Gearbest itself, as URLs for an
internal software platform were also exposed. The company has since claimed
that the number of exposed records is much smaller than originally posted.
However, they also maintain that they use strong encryption on all stored data,
despite this latest evidence to the contrary. 

The post Cyber News Rundown: Hacker Exposes 26 Million Personal Records appeared first on Webroot Blog.