Belgian and German MasterCard data breach




European unit of MasterCard Inc.’ has formally informed  Belgian and German's Data Protection regulators about a data breach from the company's Priceless Specials loyalty program.

Customers data are available on the internet include, names, payment card numbers, email addresses, home addresses, phone numbers, gender, and dates of birth.

The card company alerted the watchdog about the breach on Aug. 19 and said the episode would have affected thousands of people, “a significant portion” of them would be from Germany.

After the discovery of data leak, Mastercard suspended Priceless Specials Germany and took down its website. The message posted on the website says:  "This issue has no connection to MasterCard's payment network."

"We have received a lot of questions and complaints since the announcement of this incident, we want to reassure users: we have contacted MasterCard in order to get additional information, and are following this case closely together with the Hessian data protection authority and all the other possible concerned authorities," says David Stevens, Chairman of the Belgian Data Protection Authority.

According to Heise Media reports Excel spreadsheets containing data of 90,000 and 84,000 rows that were distributed on the internet.

"On August 21, 2019, we became aware that the second file of personal information was published on the Internet. We are working to remove them as well."

Lake County government shuts down servers after ransomware attack

After the massive cyberattack in Texas, officials from Lake County, Illinois revealed on Friday, August 23 that the county has been hit by a cyberattack that forced the shutdown of email service and several internal applications.

The officials also mentioned that the breach came in the form of ransomware, which is a type of malware that prevents users from accessing their system or personal files and demands a ransom payment in order to regain access.

Mark Pearman, director of county's information technology office said that on Thursday, August 22, the IT staff was installing cybersecurity software on 3,000 individual employee laptops and working on the process to remove the ransomware malware from 40 county servers.

The ransomware attack was first noticed by systems administrators on Thursday and to prevent it the IT staff started taking encrypted and unencrypted servers off the network.

However, the official clarified that there was no evidence of data theft from county servers and restoring the systems will take the entire week and more information about the attack will be known by Monday, August 26.

As reported, the IT department is working with the county's cybersecurity contractor, Crowdstrike to conduct a damage assessment. This process includes scanning of all the servers, almost 3,000 computers to determine those infected by the ransomware.

Almost a month ago, LaPorte County, Indiana also suffered a similar breach and the authorities paid a ransom of $132,000 worth of Bitcoins to the hackers to restore the access to affected systems.

Another ransomware hit 22 Texas town governments and recently Louisiana was also forced to declare a state of emergency after some of its school districts' networks were hacked. Now, Texas' 22 town government has become the victim of ransomware.

After all these events, National Guard Chief Gen Joseph Lengyel called the events a "cyber storm." He also mentioned that these multi-state cyber attack reiterates the need for more standardized policies and training for cyber units across the force.

Instagram Users Fall Victim To yet another Phishing Campaign



Instagram user's become victims of a new phishing campaign that utilizes login attempt warnings combined with what resembles the two-factor authentication (2FA) codes to trick potential victims into surrendering over their sensitive data by means of fake sites.

It is believed that they use the 2FA to make the scam increasingly 'believable' and  alongside this they resort to phishing with the assistance of a wide scope of social engineering techniques, just as messages intended to seem as though they're sent by somebody they know or an authentic association.

Here, particularly the attackers utilize fake Instagram login alerts stating that somebody tried to sign in to the target's account, and thusly requesting that they affirm their identity by means of a sign-in page linked within the message.

In order to abstain from raising any suspicions these messages are intended to look as close as conceivable to what official messages might appear coming from Instagram.

Once on the target is redirected to the phisher's landing page, they see a perfectly cloned Instagram login page verified with a legitimate HTTPS certificate and displaying a green padlock to ease any questions regarding whether it's the genuine one or not.


To avoid from falling for an Instagram phishing trick like this one, the users are prescribed to never enter their sign-in certifications if the page requesting that they sign in does not belong to the instagram.com site.

Anyway in the event that the user has had their Instagram credentials stolen in such an attack or had their account hacked but in some way or another can still access it, at that point they should initially check if their right email address and phone number are still associated with the account.

Following this they it is advised that they change the account's password by adhering to specific guidelines given by Instagram.

Be that as it may, assuming unfortunately, that the user has lost access to their account after it being hacked, they can utilize these guidelines or instructions to report the incident to Instagram's security, which will then accordingly re-establish it subsequent to confirming the user's identity through a picture or the email address or phone number you signed up with and the type of device you used at the time of sign up."


The guards at the Ukrainian nuclear power plant mined cryptocurrency and divulged state secrets


The attackers used the resources of the South Ukrainian nuclear power plant for mining digital currency. The Security Service of Ukraine (SBU) stopped the activity of criminals.

Agents of the SBU, checking objects of the nuclear power plant, found computer equipment, illegally connected to the systems for mining. On July 10, the employees of the Department searched and seized the media converter, fiber optic and part of the network cable.

It’s important to note that information about the physical protection of the station, which is a state secret, leaked to the network due to the unauthorized placement of computer equipment in the territory of a nuclear power plant.

Specialists of the Security Service of Ukraine have information according to which members of the National Guard of Ukraine may be involved in illegal mining. The SBU has achieved the initiation of criminal proceedings against them.

It is an interesting fact that recently it became known that in Ukraine the authority that controls the quality of equipment for the South Ukrainian nuclear power plant since 1992 will be eliminated. Employees of the structure carried out examinations, as well as participated in tests of the equipment.

The decision was made after the evaluation of the enterprise. The work of the center was deemed ineffective.

However, it can be assumed that this is due to the fact that someone was mining cryptocurrency on the territory of the South Ukrainian nuclear power plant.

In addition, this week the police discovered an underground farm for the production of cryptocurrency in Ingushetia. Its owners were engaged in illegal and unaccounted electricity consumption. During the inspection of this room, law enforcement officers found that more than 1.5 thousand devices for receiving crypto currency, a laptop, two system units, a video recorder of a video surveillance system, as well as two transformer points with a capacity of 1.6 thousand kW each were connected to the power supply system without appropriate documentation.

Recall that in May 2018 it became known that the police in the Ukrainian city Rovno were mining cryptocurrency directly at the workplace. Since Ukraine does not have legislation regulating the circulation and mining of cryptocurrencies, an investigation was conducted into the theft of electricity.

This was not the first case of using the official position for cryptocurrency mining. In September 2017, Crimean government officials were fired for mining bitcoins in the workplace, and on February 2018 it became known that employees of the Ministry of Finance of Kazakhstan used office computers and department servers for cryptocurrency mining.


Indian Healthcare Website Hacked, stolen data for sale





US-based cyber-security firm FireEye discovered a hack into a leading Indian healthcare website, stealing more than 68 lakh data of both doctors and patients.

The FireEye did not name the website but said that the cybercriminals mostly from China are selling the stolen data in web portals around the world.

"In February, a bad actor that goes by the name "fallensky519" stole 6,800,000 records associated with an India-based healthcare website that contains patient information and personally identifiable information (PII), doctor information and PII and credentials," FireEye said in its report shared with IANS.

According to FireEye, in between October 1, 2018, and March 31, 2019, their intelligence team stumbled upon on multiple healthcare-associated databases which were for sale in $2,000.

"In particular, it is likely that an area of unique interest is cancer-related research, reflective of China's growing concern over increasing cancer and mortality rates, and the accompanying national health care costs," the cyber-security agency noted.

"Targetting medical research and data from studies may enable Chinese corporations to bring new drugs to market faster than Western competitors," the report claimed.