At a glance.
- Stalkerware also presents a third-party risk.
- Buffalo Public Schools confirm ransomware attack.
- Identity theft worries some more than physical illness or injury.
- Conti begins leaking HSE PII on the dark web.
- Update to the USAGM data incident.
Stalkerware vulnerabilities: stalker becomes stalkee (and adds third-party risk to the original victim).
Research published by Slovak security company ESET shows that Android stalkerware poses even more of a threat to privacy than expected, WeLiveSecurity reports. As the aim of stalkerware is to track the device of an individual (often a spouse or loved one) without their knowledge, it’s not all that surprising that these controversial apps expose the target’s data to intrusion. But ESET’s research detected bugs in these apps that could also compromise the stalker or even the developer. After analyzing eighty-six stalkerware apps, ESET found that fifty-eight had security issues potentially allowing an attacker to hijack the target’s device, intercept the target’s data, or even take over the stalker’s account, TechRadar explains. ESET malware analyst Lukas Stefanko hopes the research will deter stalkerware users, “since not only is it unethical, but also might result in revealing the private and intimate information of their spouses and leave them at risk of cyberattacks and fraud.”
Buffalo schools confirm March cyberattack was ransomware.
Buffalo Public Schools officials have verified that the data breach that hit the western New York school system two months ago was indeed a ransomware attack, News 4 Buffalo reports. After being kept in the dark about the details of the incident, community members are now receiving notices from Kroll, the cybersecurity firm handling the breach, explaining that the data of teachers, parents, and even vendors were compromised, including highly sensitive employee information like social security numbers and direct deposit details. “And what is more disturbing is that we have a feeling that there is a lot more information that is not included in that letter that we are probably going to discover,” Buffalo Teachers Federation President Phil Rumore stated. The Federal Bureau of Investigation is involved in the continuing investigation, and the teachers’ union is pursuing a lawsuit.
Identity theft is (worse than) a pain in the neck.
A study conducted by insurance provider Generali Global Assistance reveals that respondents are more concerned about identity theft than suffering an injury, Iris reports. After surveying seven hundred adults regarding their views on cybercrime, Generali found that 76% are worried about identity theft, more than serious injury or illness (74%), a car accident (64%) or a home robbery (56%). One in five stated they feel there’s a 75% – 100% chance they’ll experience identity theft in the next five years, and 76% expressed they need assistance from cybersecurity professionals in order to feel fully protected.
Irish HSE data leaked on dark web.
The CyberWire continues to follow the recent cyberattacks on Ireland’s government health agencies, and today Computing confirms that the hackers published stolen data on the dark web. The Financial Times says they viewed screenshots of Health Service Executive (HSE) data posted in a chat between the Conti ransomware group and an anonymous user. The conversation also included a link and password to a cache of twenty-seven files containing sensitive data like lab test results and patient correspondence. Minister for Health Stephen Donnelly stated the threat actors have published ‘heavily redacted material’ online, although the legitimacy of the files has not been confirmed.
Update to the USAGM data exposure incident.
We heard from the US Agency for Global Media (USAGM) about the breach of employee PII we mentioned two weeks ago. They had an update on the incident and their recovery:
“The Agency takes the protection of our employees’ personal information extremely seriously. As soon as the USAGM IT Security team detected the unauthorized access, it secured access to the breached email account and began its assessment of the extent and impact of the data breach. The Agency also sent an initial notification to staff about the breach.
“As soon as Acting CEO Kelu Chao moved into her position, the Agency prioritized providing additional information to staff, including ways to protect their identity and credit, and securing identity protection services for impacted personnel.
“In addition, USAGM has taken aggressive steps to prevent similar occurrences from happening in the future.”
The USAGM is the parent organization of several well-known media outlets, including the Voice of America, Radio Free Europe | Radio Liberty, the Office of Cuba Broadcasting, Radio Free Asia, and the Middle East Broadcasting Networks.