Secret CISO 4/4: AT&T and US Cancer Center Data Breaches, SurveyLama and Bradford-Scott Data Leaks, Research on Email Security Flaws and HTTP/2 Vulnerability


Welcome to today's issue of Secret CISO, where we delve into the latest cybersecurity happenings. Today, we're focusing on a series of data breaches that have left millions of customers exposed.

AT&T, a communications giant, is under fire for allegedly ignoring a data breach that affected over 70 million customers. Meanwhile, the US Cancer Center is dealing with a data breach that impacted 800,000 individuals, compromising their personal and health information. SurveyLama, a survey rewards platform, is also resetting passwords after a data breach impacted users' personal information. Bradford-Scott Data, LLC is notifying customers that their personal information, including names and Social Security numbers, was potentially involved in a data breach.

In the healthcare sector, a cyberattack at Benefit Management Corp. resulted in a data breach affecting certain Osaic patients. Otolaryngology Associates also reported a data breach affecting almost 317,000 patients.

In the tech world, a massive data breach has leaked the personal data of around 73 million current and former AT&T customers on the Dark Web. Cybercriminals have also stolen the data of around 700,000 Apotheka pharmacy customers.

On the legislative front, some Tennessee lawmakers are pushing to make it harder to sue companies for data leaks, following a series of data breaches at Tennessee-based health care companies.

In the wake of these data leaks, we'll also be discussing how to make your passwords stronger and the importance of data protection and privacy solutions. Stay tuned for more updates and insights from the world of cybersecurity.

Data Breaches

  1. AT&T Exposes Data of Millions of Customers: AT&T is facing class-action lawsuits for allegedly ignoring a data breach that exposed the data of over 70 million customers. The breach has led to significant public backlash and legal implications for the telecommunications giant. Source: Spiceworks
  2. US Cancer Center Data Breach Impacting 800,000: A data breach at the City of Hope cancer center exposed the personal and health information of 800,000 individuals. The breach occurred between September 19 and October 12, 2023, and was carried out by an unauthorized third-party. Source: SecurityWeek
  3. SurveyLama Data Breach Impacts 4.4 Million Users: Survey rewards platform SurveyLama experienced a data breach impacting the personal information of 4.4 million users. In response to the breach, the company has reset all user passwords. Source: SecurityWeek
  4. Bradford-Scott Data, LLC Data Breach: Bradford-Scott Data, LLC is notifying customers that their personal information, including names and Social Security numbers, was potentially involved in a data breach. The company has not disclosed the total number of affected customers. Source: PR Newswire
  5. Data Breach Leaks Personal Data Of Millions On Dark Web: A massive data breach has leaked the personal data of approximately 73 million current and former AT&T customers on the dark web. The leaked information includes addresses among other personal details. Source: TechRound

Security Research

  1. "A Vigilante Hacker Took Down North Korea's Internet. Now He's Taking Off His Mask": A US hacker and security researcher known as Caceres has revealed his identity after successfully disrupting North Korea's internet. His actions highlight the potential for individual actors to impact national security. Source: Wired.
  2. "Preventing Security Breaches Is Top of Mind: 59% of Enterprises Are Investing to Improve": A report by Modus Create reveals that 59% of enterprises are investing in improving their security measures to prevent breaches. This indicates a growing awareness and prioritization of cybersecurity in the business sector. Source: Yahoo Finance.
  3. "Climate change impacts terrorist activity": A study published in the Journal of Applied Security Research suggests a correlation between climate change and increased terrorist activity. This research underscores the need for a multidisciplinary approach to security, incorporating environmental factors. Source: ScienceDaily.
  4. "Exclusive: Critical Security Flaws Found In Email Top 4—Apple, Gmail, Outlook & Yahoo": Major security flaws have been discovered in top email services including Apple, Gmail, Outlook, and Yahoo. These vulnerabilities expose millions of users to potential cyberattacks, highlighting the importance of ongoing security research and updates. Source: Forbes.
  5. "New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks": A new vulnerability in the HTTP/2 protocol has been discovered, which could be exploited for DoS attacks. This research emphasizes the need for constant vigilance and updating of web protocols to maintain security. Source: The Hacker News.

Top CVEs

  1. CVE-2023-35812: An issue was discovered in the Amazon Linux packages of OpenSSH 7.4 for Amazon Linux 1 and 2, due to an incomplete fix for CVE-2019-6111. The fix only covered cases where an absolute path is passed to scp. When a relative path is used, there is no verification that the name of a file received by the client matches the file requested. Fixed packages are available. Source: CVE-2023-35812
  2. CVE-2024-27972: A 'Command Injection' vulnerability in Very Good Plugins WP Fusion Lite allows Command Injection. This issue affects WP Fusion Lite. Source: CVE-2024-27972
  3. CVE-2024-27191: A 'Code Injection' vulnerability in Inpersttion Slivery Extender allows Code Injection. This issue affects Slivery Extender. Source: CVE-2024-27191
  4. CVE-2024-2758: Tempesta FW rate limits are not enabled by default. They are either set too large to catch empty CONTINUATION frame attacks or too small to handle normal HTTP requests. Source: CVE-2024-2758
  5. CVE-2024-2653: amphp/http collects CONTINUATION frames in an unbounded buffer and does not check a limit until it has received a frame with the END_HEADERS flag set, resulting in an out-of-memory (OOM) condition. Source: CVE-2024-2653

Final Words

And that's a wrap for today's edition of Secret CISO. As we've seen, data breaches continue to be a major concern for businesses of all sizes. From AT&T's massive data leak affecting millions of customers to the US Cancer Center's breach impacting 800,000 individuals, it's clear that no organization is immune to these threats. But remember, knowledge is power. By staying informed about these incidents, we can better prepare and protect our own systems. So, don't keep this valuable information to yourself. Share Secret CISO with your colleagues and friends, and help them stay one step ahead of the cyber threats. Stay safe, stay informed, and see you in the next edition of Secret CISO.

By Secret CISO