Weekly Cybersecurity Report | Week 39, 2024

As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.

Weekly Cybersecurity Report | Week 39, 2024

Information security updates and events from the past week 

1 – The British police announced today (Thursday) that they are investigating a cybersecurity attack that hit 19 train stations throughout the kingdom, including some of the largest stations there. 

Among others, the list includes London Bridge station, Houston station in the capital city, Manchester Piccadilly and Edinburgh Waverley. As part of the cyber attack, passengers who tried to connect to the Wi-Fi network received messages that, according to the police, were Islamophobic. 

https://www.bbc.com/news/articles/cr75znv47xpo 

According to the police, the cybersecurity attack occurred yesterday afternoon, and access to the Wi-Fi services was cut off after one of the passengers complained about the messages they received. The messages opened with the title “Europe, we love you”, and then, according to reports, a list of terrorist attacks was attached to them. The content of the messages was censored by the British media. 

“The British Traffic Police is investigating the incident,” said the Network Rail company that is responsible for the operation of the tracks and train stations in Great Britain. She emphasized that Wi-Fi services are provided by another company – Telent, where they published a separate announcement in which they stated that the hacking was made possible through a “legitimate administrative account”, and that the issue is being examined as part of the opened criminal investigation. Internet services on the trains have been shut down for the time being due to the cyber-attack, and it is expected that they will be restored by the beginning of next week. (Ynet) 

2 – In the city of Arkansas in Kansas, it is reported that the operation of the municipal systems that handle the drinking water has been converted to manual operation due to a cybersecurity attack. 

The municipality does not specify the type of attack and claims that the water quality was not impaired due to the attack. 

3 – Franklin County, Kansas, experiences a ransomware attack that compromises sensitive data of nearly 30,000 residents 

The breach occurred on May 19, 2024, and was not discovered until August 29, 2024. 

According to the report, the attack started through a weakness in an external system. 

Franklin County has taken steps to notify affected individuals and is also providing identity theft protection services to those affected by the breach. 

4 – Money transfer giant MoneyGram has confirmed it suffered a cybersecurity attack after dealing with system outages and customer complaints about a lack of service. 

Media release “MoneyGram recently identified a cybersecurity issue affecting some of our systems.” 

It is the second largest money transfer company in the world, behind Western Union, processing over 120 million transactions annually from tens of millions of users. 

MoneyGram is an American payment and money transfer company with 350,000 branches in 200 countries through the app and website. 

5 – MC2 data leak exposes more than 100 million data of US citizens 

Researchers have uncovered a massive data breach at MC2 Data, a background check company. 

A background check is part of an industry that collects and analyzes data from various public sources to create comprehensive profiles that are used by employers, landlords and other entities for decision making. 

These profiles include criminal records, employment history and personal contact information. 

The company left a database containing 2.2TB of data unsecured and accessible to anyone on the Internet. 

6 – Uber Eats data breach exposes more than 280,000 transactions 

Food delivery service Uber suffered a data breach this month that exposed more than 283,000 records. 

 The attacker, under the alias “888”, claims the dataset includes information such as order details and financial transactions. 

The disclosed data reportedly contains fields such as “store name”, “order ID”, “order supplier”, “checkout reference”, “type” and time stamps related to order placement and fulfillment. Financial data, including “subtotals”, “shipping fee”, “tax”, “tip” and “total payable”. 

7 – Hertz, a car rental company, accidentally disclosed over 60,000 customer insurance claim reports. 

This breach raised serious concerns about the company’s data security practices and left customers questioning the safety of their personal information. 

The violation was discovered when a customer received an unexpected email from Hertz regarding the registration of the vehicle he rented and a damage report on the vehicle 

Hertz released a statement acknowledging the breach and assuring customers that it is taking steps to improve its security measures and has also contacted affected customers to inform them of the incident and provide guidelines for protecting their personal information. 

8 – Data of 3,191 congressional employees leaked on the dark web 

The personal information of some 3,191 congressional staffers was leaked to the dark web, according to a new study by Internet security firm Proton and Constella Intelligence. The leaked data includes passwords, IP addresses and social media information. 

The Washington Times first reported that investigators found more than 1,800 passwords used by congressional staffers available on the dark web. 

Nearly 1 in 5 congressional staffers have disclosed personal information on the dark web. Nearly 300 staff members’ data was compromised across more than 10 different incidents. 

The congressional staffers’ data came from a variety of sources, including social media, dating apps and adult websites. 

The experts reported on the case of a single employee to whom 31 passwords were exposed. The human factor is the root cause of the leaks, staff members used their official email addresses to sign up for third-party services that were later compromised. 

9 – Cybersecurity attack on the water plant in Kansas 

Arkansas City, a small city in Cowley County, Kansas, was forced to put its water treatment facility into manual operations over the weekend to contain a cyberattack that was detected Sunday morning. 

City officials notified the relevant authorities of the incident, and Homeland Security agents and the FBI began an investigation, as reported in local media. 

City Manager Randy Fraser confirmed that the water supply is secure and that the cyber-attack did not affect water treatment operations. 

“Despite the incident, the water supply remains completely safe, and there has been no disruption to service,” Fraser said in a statement released over the weekend. 

10 – AutoCanada says a ransomware attack “may” affect employee data 

AutoCanada is warning that employee data may have been exposed in an August cyberattack claimed by the Hunters International ransomware gang. 

Although the company says it hasn’t detected any scam campaigns targeting affected people, it is s1ending messages to alert people to potential risks. 

In mid-August, the car dealership revealed that it had to disable specific internal IT systems to contain a cyber-attack, which led to operational disruptions. 

 

The attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.