Cyber Incident Log w/e 17/02/2017

130
business continuity case study

Private sector must join battle against cyber-attacks, says Hammond

Hacking attacks on the government and businesses are increasing in their frequency, severity and sophistication, Philip Hammond, the chancellor, has said.

UK hit by 188 high-level cyber-attacks in three months

In advance of the formal opening of the National Cyber Security Centre (NCSC) by the Queen and the Duke of Edinburgh, Hammond said companies needed to sharpen their approach as the threat of hacking attacks “increases and intensifies”.

 

Columbia Sportswear is investigating a cyber attack

Columbia Sportswear Co. is investigating an attack on one of its e-commerce sites.

CEO Tim Boyle told analysts on Columbia’s fourth quarter 2016 earnings call that there was an unspecified cyber attack on its prAna brand’s online store. Columbia Sportswear acquired prAna in May 2014 for $190 million in cash

 

Dozens Of Cyber Attacks Against Global Banks Linked To Lazarus Hacker Group

 Banks in 31 countries have been attacked by an aggressive malware campaign from the infamous Lazarus cyber-criminal gang, according to threat data from Symantec.

The spate of attacks became known when a Polish bank discovered unknown malware running on a clutch of its computers bearing indicators of compromise seen with malware used to attack other financial institutions, telecoms and Internet firms across the globe.

 

Danish telecoms group 3 gets ‘blackmail’ threat over data breach

Danish telecoms company 3 said on Monday one or more hackers had stolen data from around 3,600 of its customers and attempted to get the company, owned by CK Hutchison Holdings Ltd and Investor AB, to pay “millions” to not publish it.

The company, which has around 1.2 million customers in total, said it would not “negotiate with criminals” and has handed over the case to the police.

 

An investigation into a bitcoin exchange and a data breach at JPMorgan is headed to trial

NEW YORK (Reuters) – A Florida software engineer and a New Jersey pastor are expected on Monday to face trial in a case stemming from an investigation into a bitcoin exchange and a data breach at JPMorgan Chase & Co.

 

Arby’s probes possible data breach of 355K credit cards

Arby’s has announced that credit card data for more than 355,000 customers was included in a possible security breach that was accessed via malware on cash registers.

 

Multiple businesses evacuated after crash damages gas line

Multiple businesses evacuated in Kansas City after a vehicle reportedly crashed into a laundromat, damaging a gas line.

 

Sports Direct hacked last year,  staff still not informed of details

The UK’s largest sports retail business was the subject of a digital break-in during September, when an attacker exploited public vulnerabilities affecting the unpatched version of the DNN platform that Sports Direct was using to run a staff portal.

 Sportswear retailer investigates data breach

 Columbia Sportswear’s prAna brand has become the industry’s latest cyber-breach victim

 

 Southern Rail ticket kiosks allegedly open to cyber-attack

Information kiosks used by Southern Rail in stations with fewer staff are wide-open to cyber-attacks, according to a security researcher.

He says that there are significant issues with the certificate upload process of the machines, which could lead to uploading of a compromised certificate for criminal activities, adding that it highlights a relaxed use of escalated privileges.

Yahoo: Data Breach Could Impact Verizon Deal

Yahoo Inc. (YHOO), which has been reeling from two data breaches that impacted more than 1.5 billion customer accounts and has placed its deal with Verizon Communications Inc. (VZ) in doubt, disclosed late Wednesday yet another potential hit.

 

Yahoo Data Breach caused by “fake” cookies

In a round of announcements on Feb. 15, Yahoo notified account owners who may have possibly been affected by the massive data breach in 2015 and 2016 that counterfeit cookies were used by malicious state-sponsored hackers to access accounts.