SOCRadar® Cyber Intelligence Inc. | Major Cyber Attacks in Review: October 2022


Nov 10, 2022


Major cyberattacks of the last month include data leaks, security breaches, phishing attacks, and much more. Here are the top cyber incidents of October 2022.

The MyDeal Data Breach Affects 2.2M Customers, and Stolen Data is Being Sold Online 


Woolworths’ MyDeal subsidiary has reported a data breach impacting 2.2 million customers. The hacker was attempting to sell the stolen information on a hacker forum. 

MyDeal is an Australian retail marketplace that links internet customers and local retailers. 

According to the company, the hack revealed personal data like names, email addresses, phone numbers, delivery addresses, and, in some instances, birth dates. 

Toyota Discloses Data Breach Affecting 300,000 Customers


Toyota has warned that over 300,000 customers’ personal information may have been compromised after an access key was made public on GitHub for nearly five years. 

The email addresses and customer control numbers of 296,019 users of T-Connect, a telematics service that links automobiles over a network, since July 2017, were made public, according to a statement on Toyota’s website. 

According to an examination of the data server’s access history, there is no proof that a third party accessed the data, but it “could not be completely ruled out,” the company continued. 

BKA Detected a Group That Used Phishing Scams to Steal €4 Million


The Bundeskriminalamt (BKA) of Germany detained a person (age 24) and two alleged collaborators after they were suspected of stealing €4,000,000 from online users through phishing attacks. 

The phishing emails informed their recipients of updates to the bank’s security system and instructed them to click on an embedded link to be taken to a landing page where they were required to input their login information and TAN (transaction authentication number). 

Once they had the victims’ login information and TAN code, they could access their online banking accounts and withdraw money. 

Hackers Claim to Have Stolen 1.4 TB of Data from Kingfisher Insurance in the UK 


The LockBit ransomware organization claimed the theft of 1.4 TB of Kingfisher’s data, including the personal information of its workers and clients. The firm confirmed that the threat actor had attacked its IT systems but denied that the attackers could have obtained as much information as they claimed. 

The dataset allegedly contains contacts, corporate mail archives, personal information from customers and staff of Kingfisher, as well as of a related insurance brand called First Insurance. The threat actors also published passwords for numerous management system accounts, including Workday and Access.

Threats from Medibank Hackers to Make Stolen Health Data Available 

According to a recent Sydney Morning Herald investigation, hackers claim to have data from an Australian health insurance business and have threatened to reveal the private medical information of prominent Australians if a ransom is not paid. 

The unidentified hackers claim to have 200 GB of data from Medibank, an Australian private health insurer with about 3.9 million clients in a nation of about 25 million. According to the Herald, the hackers might also have access to the customers’ credit card data. 

Ransomware Attack Targets Pharmaceutical Giant Aarti Drugs 

The BianLian ransomware organization exposed Aarti Drugs’ private information on a dark web forum. 

Data related to business and administration, such as loan applications and tax returns, was obtained from Aarti Drugs. To get the decryption key, the BianLian group demanded 20 BTC or about ₹15.8 lakh. The group’s dark website started selling 6 GB of the data.

Wynncraft Minecraft Server Hit by 2.5 Tbps DDoS Attack from the Mirai Botnet 

Cloudflare, a web infrastructure and security provider, announced this week that it has successfully stopped a 2.5 Tbps distributed denial-of-service (DDoS) attack by a Mirai botnet.

It was targeted at the Wynncraft Minecraft server. Researcher Omer Yoachimik described the DDoS attack in Q3 2022 as a “multi-vector attack consisting of UDP and TCP floods.”

52GB of Data from Barcelona Health Centers Leaked by RansomExx 

RansomExx ransomware gang leaked a 52-gigabyte file on the dark web, which contained information stolen from the Consorci Sanitari Integral, a government organization that offers social and medical services in Barcelona. The data included identity cards and test results of patients. 

“Compromise in data confidentiality” was acknowledged by the hospital system of over 3,000 doctors and employees. 

According to the Spanish newspaper El País, emergency services were unaffected, but X-ray machines and other medical equipment were unavailable.

Leading Indian Power Supplier Tata Power Confirms Cyberattack 

A leading power-producing company in India, Tata Power, has confirmed becoming the victim of a cyberattack.

“The Company has taken steps to retrieve and restore the systems. All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer-facing portals and touch points,” the company stated.

3 Million Patients are Affected by Health System Data Breach 

A data breach that exposed the personal information of 3 million patients is being reported by Advocate Aurora Health (AAH), a 26-hospital healthcare system in Wisconsin and Illinois. 

On the AAH websites, where users log in and enter private personal and medical data, a JavaScript tracker called Meta Pixel was misused, which led to the incident.