Secret CISO 12/23: Illinois DHS and McDonald's hit by data breaches, OpenAI fined for GDPR violations, research reveals phishing as main breach cause

Hello Secret CISO readers. In today's issue, we're diving into the world of data breaches and cybersecurity. We're starting off with a conversation with a self-proclaimed data breach watchdog and activist, who shares insights into the current state of data breaches and leaks. Next, we're looking at the best cybersecurity practices in a post-NPD breach world, as shared by Damon Fleury, the Chief Product Officer of SpyCloud. We'll also discuss the recent phishing attack on the Illinois Department of Human Services that impacted 1.1 million customers.

We'll also touch on the most-read stories of 2024, including the data breach at Change Healthcare's network by the BlackCat/ALPHV ransomware group. In addition, we'll discuss the potential data breach that put McDonald's delivery customers at risk. We'll also delve into the role of phishing and social engineering in data breaches, as shared by cybersecurity specialist Isaiah G. Ogun. Plus, we'll discuss the recent fine imposed on OpenAI by Italy's Privacy Watchdog for violations in collecting users' personal data. Lastly, we'll look at the state of security in 2024, major cyber-attacks that shook India this year, and the impact of data security in tax and advisory services.

Stay tuned for these stories and more in today's issue of Secret CISO.

Data Breaches

  1. Illinois Department of Human Services Phishing Attack: A phishing attack on the Illinois Department of Human Services has impacted 1.1 million customers, exposing sensitive data. The incident was determined to be a reportable data breach on May 3, 2024. Source: HIPAA Journal
  2. Change Healthcare Data Breach: On Feb. 11, 2024, an affiliate of the BlackCat/ALPHV ransomware group breached Change Healthcare's network, spending nine days within the system. The breach was one of the most-read stories of 2024. Source: Fierce Healthcare
  3. McDonald's Delivery Customers Data Breach: McDonald's delivery customers were put at risk by a potential data breach discovered in June 2024. The vulnerabilities were fixed by September, and no threat actors are believed to have exploited the flaw. Source: TechRadar
  4. BU Framingham Heart Study Participants Data Breach: Hackers obtained the data of Boston University's Framingham Heart Study participants. Other data breaches were also announced by Rumpke Consolidated Companies, OrthopedicsNY, and IU Health. Source: The HIPAA Journal
  5. Irish DPC Fines Meta €251m Over 2018 Data Breach: The Irish Data Protection Commission has fined Meta €251m over a 2018 data breach that affected 3 million EU users. The company had notified the authority about the data security incident and promptly took corrective measures. Source: TEISS

Security Research

  1. FG Commits N180bn to Agric Varsities, Research Institutes in 2025: The Federal Ministry of Agriculture and Food Security in Nigeria has proposed a budget of N180bn for the development of Federal Universities of Agriculture and research institutes in 2025. This move is aimed at enhancing food security and agricultural research in the country. Source: Punch Newspapers
  2. Phishing Campaign Targets YouTube Creators with Fake Deals: CloudSEK's Threat Intelligence Research Team has discovered a phishing campaign that targets YouTube creators with fake sponsorship deals. The attackers exploit the creators' desire for brand partnerships to steal sensitive information. Source: SecurityBrief Asia
  3. U.S. and Australia Seek Countermeasures Against China's Critical Material Ban: A report citing a researcher from Taiwan's Institute of National Defense and Security Research reveals that the U.S. and Australia are seeking countermeasures against China's ban on critical materials. China is the world's largest supplier of these materials, and the ban could have significant global impacts. Source: TrendForce
  4. Bluesky Clouded by Scammers as Social Platform's Popularity Grows: Cybersecurity firm Sophos has reported an increase in scam activities on the social platform Bluesky as its popularity grows. The company is encouraging security researchers to help identify and mitigate these threats. Source: PYMNTS.com
  5. Teens Using VPN to Cheat in Gorilla Tag are Unknowingly Selling Their Internet Connections: Security researchers have found that teenagers using VPNs to cheat in the game Gorilla Tag are unknowingly selling their internet connections. These proxy IP addresses have been linked to various cybercrimes, including DDoS attacks, phishing scams, and malicious botnets. Source: TechSpot

Top CVEs

  1. CVE-2024-47864 - Home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C Buffer Overflow Vulnerability: These devices contain a buffer overflow vulnerability in the hidden debug function, allowing a remote unauthenticated attacker to gain access to the web console of the product. Source: vulners.com
  2. CVE-2024-56378 - Poppler Out-of-Bounds Read Vulnerability: Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function, potentially leading to unauthorized information disclosure or system instability. Source: vulners.com
  3. CVE-2024-12901 - FoxCMS up to 1.2 Critical Vulnerability: A critical vulnerability was found in FoxCMS up to 1.2, affecting an unknown functionality of the file /app/api/controller/Site.php of the component API Endpoint. The manipulation of the argument password leads to improper authorization, allowing remote attacks. Source: vulners.com
  4. CVE-2024-52321 - Multiple SHARP Routers Improper Authentication Vulnerability: These routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files containing sensitive information may be retrieved by a remote unauthenticated attacker. Source: vulners.com
  5. CVE-2024-12897 - Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 Critical Vulnerability: A critical vulnerability was found in these devices up to 20241222, affecting an unknown part of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to path traversal, allowing remote attacks. Source: vulners.com

Final Words

And that's a wrap for today's edition of Secret CISO. From the conversation with the "Nam3L3ss" Watchdog to the latest data breaches and cybersecurity best practices, we hope you found this information valuable. Remember, in this digital age, staying informed is the first line of defense. If you found this newsletter helpful, please consider sharing it with your friends and colleagues.

Let's work together to create a safer digital world. Until next time, stay vigilant and keep your data secure. Remember, the world of cybersecurity is ever-evolving, and so are the threats. Stay tuned for tomorrow's edition of Secret CISO for more exclusive insights and updates. Stay safe out there!
