Bed, Bath, & Beyond Data Breach
An official announcement made earlier this week acknowledged illicit access to customer data used in online accounts for Bed, Bath, & Beyond. While the breach didn’t affect payment card information, the retailer quickly began contacting affected customers and took steps to safeguard against future incidents.
Johannesburg Shutdown After Cyber Attack
Three months after a cyber attack hit Johannesburg, South Africa, the city is once again dealing with network outages. After a ransom note was posted to several social media outlets, city officials are still attempting to downplay the attacks by claiming they purposefully took down the sites rather than them being ransomed by hackers. In addition to the ransom note, hackers also posted screenshots proving their control over the city’s network systems and their expectation of payment.
UniCredit Financial Data Leak
Officials working for UniCredit, an Italian banking firm, announced that unauthorized access to their systems has left the sensitive information of nearly 3 million Italian exposed. Fortunately, the stolen information did not include any financial data, but did contain personally identifiable information such as names and contact details. It is unclear how hackers gained access to the data, though it appears the data may have even been taken years earlier in prior security breaches faced by the firm.
Ransomware Shuts Down New Mexico School District
Las Cruces Public Schools, a New Mexico school district, was forced to take their entire system offline following a ransomware attack. While email and other important services are still offline, students have still been attending classes as normal, though the process of fully remediating the incident has just begun. It is still unclear how the attack was initiated, but it’s the latest in a long line of educational institutions that have fallen victim to ransomware this year.
Malware Attack on Indian Power Plant
It has been confirmed that both an Indian nuclear power plant and another piece of infrastructure have fallen victim to a malware attack apparently tied to North Korean actors. Fortunately, the attacks did not allow unauthorized control of the systems, though this attack may have been only a test to determine security and response times in preparation for a larger, future attack.