Cyber breaches abound in 2019


News of high-profile cyber breaches has been uncharacteristically subdued in recent quarters.

Is this a harbinger of a worse hacking landscape in 2019?

The answer is unequivocally yes. No question, cyber breaches have been a gigantic thorn in the side of the global economy for years. But expect them to be even more rampant in 2019, as continually improving malware is deployed more aggressively on more fronts. At the same time, data-driven businesses are moving into the “target zone” of cyber attacks.

On the cybersecurity side, a growing number of experts believe that multi-factor authentication will become the standard for all online businesses.

Here are links to some articles that can hopefully help you to handle your cyber security better:

Cybersecurity 101: Why you need to use a password manager

Cybersecurity 101: Five simple security guides for protecting your privacy


  1. Tomi Engdahl says:

    Russia’s Secret Intelligence Agency Hacked: ‘Largest Data Breach In Its History’

    Red faces in Moscow this weekend, with the news that hackers have successfully targeted FSB—Russia’s Federal Security Service. The hackers managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing.

  2. Tomi Engdahl says:

    Russian FSB Intel Agency Contractor Hacked, Secret Projects Exposed

    A contractor for the Russian Federal Security Service (FSB) has been hacked and secret projects that were being developed for the intelligence agency were leaked to Russian Media.

    In addition, BBC Russia reports that the hackers stole 7.5TB of data from the contractor’s network. This data includes information about numerous non-public projects that were being developed by Sytech on behalf of the Russian government and its intelligence agency.

  3. Tomi Engdahl says:

    The latest example of exposed corporate passwords found in public GitHub repositories seems to be security company and SSL certificate issuer Comodo.

    “Seeing as they’re a security company and give out SSL certificates, you’d think that the security of their own environment would come first above all else,”

  4. Tomi Engdahl says:

    Capital One Data Breach Hits 100 Million; Ex-Amazon Worker Is Charged as Hacker

    The breach at Capital One, which led to charges against a software engineer in Seattle, was one of the largest-ever thefts of bank data.

    A software engineer in Seattle hacked into a server holding customer information for Capital One and obtained the personal data of over 100 million people, federal prosecutors said on Monday, in one of the largest thefts of data from a bank.

    The suspect, Paige Thompson, 33, left a trail online for investigators to follow as she boasted about the hacking, according to court documents in Seattle, where she was arrested and charged with one count of computer fraud and abuse.

    Ms. Thompson, who formerly worked for Amazon Web Services, which hosted the Capital One database that was breached,

    The F.B.I. noticed her activity on Meetup and used it to trace her other online activities, eventually linking her to posts describing the data theft on Twitter and the Slack messaging service.

  5. Tomi Engdahl says:

    Capital One data breach: 1 arrested, tens of millions of customers affected

    A hacker gained access to personal information from more than 100 million Capital One credit applications, the bank said Monday as federal authorities arrested a suspect

    The hacker got information, including credit scores and balances, plus the Social Security numbers of about 140,000 customers, the bank said. It will offer free credit monitoring services to those affected.

    Capital One, based in McLean, Virginia, said Monday it found out about the vulnerability in its system July 19 and immediately sought help from law enforcement to catch the perpetrator.

    According to the FBI complaint, someone emailed the bank two days before that notifying it that leaked data had appeared on the code-hosting site GitHub

    Capital One said it believes it is unlikely that the information was used for fraud, but it will continue to investigate. The data breach affected about 100 million people in the U.S. and 6 million in Canada.

  6. Tomi Engdahl says:

    LAPD Police Officers’ Personal Information Stolen in Data Breach

    A suspected hacker claimed he or she had stolen the personal information of about 2,500 LAPD officers, trainees, and recruits, along with approximately 17,500 police officer applicants, in what may be a large breach of data held by the city of Los Angeles’ Personnel Department.

    The city’s Information Technology Agency said it was contacted last week by someone who claimed to have accessed and downloaded the data, and the person offered some example files

    The LAPD told officers in the message they should monitor their personal financial accounts, get copies of their credit reports, and file a complaint with the Federal Trade Commission.

  7. Tomi Engdahl says:

    Cyberattack On LAPD Confirmed: Data Breach Impacts Thousands Of Officers

    The Los Angeles Police Department has confirmed that it has been hacked, with the personal information of at least 20,000 people exposed.

  8. Tomi Engdahl says:

    Education software maker Pearson says data breach affected thousands of accounts in the U.S.

    Pearson, the London-based educational software maker, said today that thousands of school and university accounts, mostly in the United States, were affected by a data breach.

    The Wall Street Journal reports that the data breach happened in November 2018 and Pearson was notified by the Federal Bureau of Investigation in March.

    According to Pearson, unauthorized access was gained to 13,000 school and university accounts on AIMSweb, the company’s student monitoring and assessment platform.

  9. Tomi Engdahl says:

    CIS Countries Data Theft

    Currently, there is no Personal Data protection system in CIS countries at all. The volume of illegal trade of Personally Identifiable Information is enormous.

    Nowadays, it is true that there are forums in the Russian-language segment of the Internet that are exclusively aimed at selling personal data — hacked social network accounts, passport data, mobile phone operator databases etc. I’m not talking about the so-called “Darknet” at all, it is just a fact that you can simply find it on Google not even trying to.

  10. Tomi Engdahl says:

    A Technical Analysis of the Capital One Cloud Misconfiguration Breach

    This is a technical exploration of how the Capital One breach might have occurred, based on the evidence we have from the criminal complaint

    this post is to explore a combination firewall/IAM/S3 attack to illustrate some of the dangers of cloud misconfigurations that every organization on cloud should heed.

    In order to write this, I analyzed the technical details of the FBI complaint, and then formed a hypothesis of how the attack might have taken place. I then simulated the attack in my development account, so that I could provide specific details in this post.

    There were four different elements to the attack that we know about:

    Misconfigured firewall
    Gaining access to an EC2 instance
    Getting IAM role access to S3
    S3 bucket discovery and duplication.

  11. Tomi Engdahl says:


    If you own a boat or a jetski in Illinois, you might want to do a quick credit check.

    The Department of Natural Resources collects Social Security information for all watercraft owners

    What is a horrible idea is accidentally publishing everyone’s personal information on a public website. Which is what they did.

    Well, at least they said that it won’t happen again.

  12. Tomi Engdahl says:

    “No matter what transfer mechanism you use, you end up with a conflict. The U.S. laws allow espionage against EU citizens” – Max Schrems, lawyer and privacy activist

  13. Tomi Engdahl says:

    Sites using Facebook ‘Like’ button liable for data, EU court rules

    Europe’s top court ruled Monday (30 July) that companies that embed Facebook’s “Like” button on their websites must seek users’ consent to transfer their personal data to the US social network, in line with the bloc’s data privacy laws

    According to the European Court of Justice ruling, a site that embeds the Facebook “like” icon and link on its pages also sends user data to the US web giant.

  14. Tomi Engdahl says:

    Spanish brothel chain leaves internal database exposed online

    “Men’s club” exposes data about escort girls, customer reviews, and club finances.

    The leaky server, found by Bob Diachenko of Security Discovery, is your typical case of a MongoDB database left connected to the internet without a password for the admin account.

  15. Tomi Engdahl says:

    StockX confirms it was hacked (updated)

    Attackers reportedly stole records from 6.8 million customers.

  16. Tomi Engdahl says:

    Hundreds of exposed Amazon cloud backups found leaking sensitive data

    How safe are your secrets? If you used Amazon’s Elastic Block Storage, you might want to check your settings.

    You may have heard of exposed S3 buckets — those Amazon-hosted storage servers packed with customer data but often misconfigured and inadvertently set to “public” for anyone to access. But you may not have heard about exposed EBS volumes, which pose as much, if not a greater, risk.

    These elastic block storage (EBS) volumes are the “keys to the kingdom,”

    EBS volumes store all the data for cloud applications. “They have the secret keys to your applications and they have database access to your customers’ information,”

    all too often cloud admins don’t choose the correct configuration settings, leaving EBS volumes inadvertently public and unencrypted. “That means anyone on the internet can download your hard disk and boot it up, attach it to a machine they control, and then start rifling through the disk to look for any kind of secrets,”

    Morris found dozens of volumes exposed publicly in one region alone, he said, including application keys, critical user or administrative credentials, source code and more. He found several major companies, including healthcare providers and tech companies.

    He also found VPN configurations
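
The two settings named in the comment above, public sharing and missing encryption, can be audited from snapshot metadata. This is an added example, not part of the quoted article or the comment; the sample data is constructed in the shape of EC2 `DescribeSnapshots` entries and the `CreateVolumePermissions` list, and the account IDs and trusted-account set are assumptions.

```python
# Constructed sample data shaped like EC2 DescribeSnapshots entries and the
# CreateVolumePermissions list from DescribeSnapshotAttribute; IDs are made up.
SNAPSHOTS = [
    {"SnapshotId": "snap-0aaa", "Encrypted": False},
    {"SnapshotId": "snap-0bbb", "Encrypted": True},
    {"SnapshotId": "snap-0ccc", "Encrypted": False},
    {"SnapshotId": "snap-0ddd", "Encrypted": True},
    {"SnapshotId": "snap-0eee", "Encrypted": True},
]
PERMISSIONS = {
    "snap-0aaa": [{"Group": "all"}],            # restorable by any AWS account
    "snap-0bbb": [{"UserId": "999988887777"}],  # shared with one other account
    "snap-0ccc": [],                            # private but unencrypted
    "snap-0ddd": [],                            # private and encrypted
    # snap-0eee: no entry, e.g. the permission lookup was denied
}
TRUSTED_ACCOUNTS = {"111122223333"}  # assumption: the organisation's own accounts
SEVERITY = {"critical": 0, "high": 1, "medium": 2}

def audit_snapshot(snapshot, permissions, trusted=frozenset()):
    """Return (severity, reason) findings for one snapshot."""
    findings = []
    if permissions is None:
        # Fail closed: an unreadable permission list is not proof of privacy.
        findings.append(("high", "sharing permissions could not be read"))
    else:
        if any(p.get("Group") == "all" for p in permissions):
            findings.append(("critical", "shared publicly"))
        outside = sorted(p["UserId"] for p in permissions
                         if "UserId" in p and p["UserId"] not in trusted)
        if outside:
            findings.append(("high", "shared with untrusted account(s): " + ", ".join(outside)))
    if not snapshot.get("Encrypted", False):
        findings.append(("medium", "not encrypted"))
    return findings

def audit(snapshots, permissions, trusted=frozenset()):
    """Audit every snapshot; return (id, severity, reason) sorted worst first."""
    report = []
    for snap in snapshots:
        sid = snap["SnapshotId"]
        for severity, reason in audit_snapshot(snap, permissions.get(sid), trusted):
            report.append((sid, severity, reason))
    return sorted(report, key=lambda r: (SEVERITY[r[1]], r[0]))

if __name__ == "__main__":
    for sid, severity, reason in audit(SNAPSHOTS, PERMISSIONS, TRUSTED_ACCOUNTS):
        print(f"{severity:8} {sid}  {reason}")
```
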

  17. Tomi Engdahl says:


    Apparently the policies are so relaxed, that the contractor actually shared a cache of files to Motherboard.

  18. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Researcher finds hundreds of exposed AWS EBS snapshots leaking sensitive customer data, like VPN configurations, passwords, and in some cases government data

    Hundreds of exposed Amazon cloud backups found leaking sensitive data

  19. Tomi Engdahl says:

    3fun: Security glitch in threesome hook-up app reveals details of users in Downing Street and White House

    ‘Worst security of any dating app we’ve ever seen,’ say experts

    The app, 3fun, revealed users with locations appearing to be in No 10 in London, and the White House and the US Supreme Court in Washington DC, according to a report on cyber security firm Pen Test Partners’ website.

    Furthermore, private photographs were accessible too.

    Users of the app could restrict the app from showing their locations, but according to Pen Test Partners, the data was only filtered on the mobile app itself, not on the servers containing the data, which their experts were able to query to reveal location information.
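
The flaw described in the comment above, privacy settings applied only in the mobile app, is shown below next to the server-side fix and a check that compares a raw response with the stored settings. This is an added example, not part of the quoted report or the app's code; the records, field names and function names are hypothetical, and treating private photos the same way as location is an assumption, since the page does not say how the photos were exposed.

```python
# Constructed sample records; field names are hypothetical, not the app's real API.
USERS = [
    {"id": 1, "name": "alex", "lat": 10.1234, "lon": 20.5678, "hide_location": True,
     "photos": [{"url": "/p/1a.jpg", "private": True},
                {"url": "/p/1b.jpg", "private": False}]},
    {"id": 2, "name": "sam", "lat": 11.0, "lon": 21.0, "hide_location": False,
     "photos": [{"url": "/p/2a.jpg", "private": False}]},
]

def nearby_client_filtered(users):
    """'Before': the server returns full records plus the privacy flags and
    relies on the mobile app to hide them; the raw response holds everything."""
    return [dict(u) for u in users]

def nearby_server_filtered(users, viewer_id):
    """'After': privacy settings are applied before data leaves the server."""
    response = []
    for u in users:
        own = u["id"] == viewer_id  # owners may see their own data
        item = {"id": u["id"], "name": u["name"]}
        if own or not u["hide_location"]:
            item["lat"], item["lon"] = u["lat"], u["lon"]
        item["photos"] = [p["url"] for p in u["photos"] if own or not p["private"]]
        response.append(item)
    return response

def privacy_leaks(users, response, viewer_id):
    """Regression check: compare a raw response with the stored settings and
    list every (user id, field) a third party should not have received."""
    by_id = {item["id"]: item for item in response}
    leaks = []
    for u in users:
        item = by_id.get(u["id"])
        if item is None or u["id"] == viewer_id:
            continue
        if u["hide_location"] and ("lat" in item or "lon" in item):
            leaks.append((u["id"], "location"))
        private = {p["url"] for p in u["photos"] if p["private"]}
        sent = {p["url"] if isinstance(p, dict) else p for p in item.get("photos", [])}
        if private & sent:
            leaks.append((u["id"], "private photo"))
    return leaks
```
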

  20. Tomi Engdahl says:

    Report: Data Breach in Biometric Security Platform Affecting Millions of Users

    Led by internet privacy researchers Noam Rotem and Ran Locar, vpnMentor’s team recently discovered a huge data breach in security platform Biostar 2.

    Biostar 2 is a web-based biometric security smart lock platform. A centralized application, it allows admins to control access to secure areas of facilities, manage user permissions, integrate with 3rd party security apps, and record activity logs.

    The app is built by Suprema, one of the world’s top 50 security manufacturers, with the highest market share in biometric access control in the EMEA region.

    Suprema recently partnered with Nedap to integrate Biostar 2 into their AEOS access control system.

    AEOS is used by over 5,700 organizations in 83 countries,

    This is a huge leak that endangers both the businesses and organizations involved, as well as their employees. Our team was able to access over 1 million fingerprint records, as well as facial recognition information. Combined with the personal details, usernames, and passwords, the potential for criminal activity and fraud is massive.

  21. Tomi Engdahl says:

    Report: Data Breach in Biometric Security Platform Affecting Millions of Users

    a huge data breach in security platform BioStar 2.

    The data leaked in the breach is of a highly sensitive nature. It includes detailed personal information of employees and unencrypted usernames and passwords, giving hackers access to user accounts and permissions at facilities using BioStar 2.

    Our team was able to access over 1 million fingerprint records, as well as facial recognition information.

    steps were taken by the company to close the breach.

    Date discovered: 5th August 2019
    Date vendors contacted: 7th August 2019
    Date of Action: 13th August, the breach was closed

    Our team was able to access over 27.8 million records, a total of 23 gigabytes of data, which included the following information:

    Access to client admin panels, dashboards, back end controls, and permissions
    Fingerprint data
    Facial recognition information and images of users
    Unencrypted usernames, passwords, and user IDs
    Records of entry and exit to secure areas
    Employee records including start dates
    Employee security levels and clearances
    Personal details, including employee home address and emails
    Businesses’ employee structures and hierarchies
    Mobile device and OS information
    One of the more surprising aspects of this leak was how unsecured the account passwords we accessed were.

  22. Tomi Engdahl says:

    Biostar security software ‘leaked a million fingerprints’

    Researchers working with cyber-security firm VPNMentor managed to access data from a security tool called Biostar 2.

  23. Tomi Engdahl says:

    New Data Breach Has Exposed Millions Of Fingerprint And Facial Recognition Records: Report

    It has been coming for some time, but now the major breach of a biometric database has actually been reported—facial recognition records, fingerprints, log data and personal information have all been found on “a publicly accessible database.” The damage is not yet clear, but the report claims that actual fingerprints and facial recognition records for millions of people have been exposed.

  24. Tomi Engdahl says:

    This data leak strikes at the heart of one of the big fears and criticism about biometrics: You can change your username and password with a couple of clicks. Your face and fingerprints are forever.

  25. Tomi Engdahl says:

    European Central Bank Breach: ECB Confirms Hack And Shuts Down Website

    The European Central Bank (ECB) has confirmed that it has suffered a breach that involved attackers injecting malware and led to a potential loss of data.

    In a statement published August 15, the ECB confirmed that “unauthorized parties” had succeeded in breaching the security of its Banks’ Integrated Reporting Dictionary (BIRD) website. The site, hosted by an external provider, appears to have been attacked in December 2018, according to a Reuters report. The breach was discovered months later as routine maintenance work was being undertaken.

    “Similar to the Capital One breach earlier this summer,” Draper continued, “this further demonstrates the exposures associated with third parties outside of a company’s security team.”

