Blog Post
September 29, 2022
Link: https://www.bbc.com/news/technology-62937678
Intercontinental Hotels Group (IHG) reported it was breached on September 6th, 24 hours after customers reported widespread issues with the hotel chain’s website. The alleged hackers contacted the BBC through Telegram, and said that they are a Vietnamese couple. The couple said that they accessed the company by finding that the master password for IHGs password vault was Querty1234. After gaining access, they attempted a ransomware attack which was thwarted by the company’s IT staff. As their ransomware attack was unsuccessful, the hackers performed a wiper attack, and deleted data from the company’s systems.
Once again, this simple but destructive attack shows the power of compromised or weak credentials. Through a single password, hackers were able to cause much financial and publicity damage to a large corporation.
Link: https://threatpost.com/student-loan-breach-exposes-2-5m-records/180492/
Nelnet Servicing, a servicing system and web portal provider, notified that it was breached on July 21st. As Nelnet provides services for EdFinancial and the Oklahoma Student Loan Authority (OSLA), the breach caused the exposure of 2.5 millions records held by both companies. It is unclear how Nelnet was breached - the company stated it was breached by a vulnerability, but no further details were provided. This is not the first time an Oklahoma public organization was breached.
Kovrr’s cyber incidents database includes several dozen breaches of Oklahoma public organizations, with an average breach cost of $595,000.
Instagram was fined 405M Euro by Ireland’s Data Protection Commission (DPC), after it was found that the company made the contact information of users aged between 13-17 public, including their email addresses and phone numbers. The investigation, which took two years to complete, handed Instagram the second highest GDPR fine to date. Meta, the parent company of Instagram, can appeal the fine.
Kovrrs’ cyber incidents database also includes a collection of GDPR fines, but data privacy and data breach related infringements. The average fine for these issues, for decisions made since January 2021, is 2.3M Euro, however fines vary greatly depending on the infringement, and on the size of the infringing company.
Emotet, one of the most widespread and effective botnet networks of recent years, is now using its network to download Blackcat and Quantum ransomware onto the devices of users infected with Emotet. The previous ransomware pushed by the network was Conti, which shut down in June of this year.
Kovrr’s cyber incidents database has observed 91 attacks by Blackcat and Quantum since the start of 2022, a number which is expected to greatly increase following the association with Emotet. Both actors have mainly been targeting organizations in the Education sector.
Kovrr financially quantifies cyber risk on demand. Our technology enables decision makers to seamlessly drive actionable cyber risk management decisions.
.jpg)
