Whoosh data exposed. Potential leaks in RDS databases. Privacy during the WC. The attractiveness of pediatric data to cybercriminals.
At a glance.
- Cybercriminals tap into Whoosh’s data.
- Leaks found in Amazon RDS databases.
- Europe takes privacy concerns into account at the World Cup.
- Hackers prey on the young.
Cybercriminals tap into Whoosh’s data.
Russia’s leading urban mobility service platform, a scooter-sharing app called Whoosh, has confirmed that it experienced a data breach, Bleeping Computer reports. On Friday, a hacker began selling data he claimed was linked to 7.2 million Whoosh customers on a hacking forum. The data reportedly includes promotional codes that grant free access to the platform, partial user identification information such as email addresses and phone numbers, and partial payment card details for a subset of 1,900,000 users. While Whoosh acknowledged earlier this month that it had experienced a cyber incident, the company claimed that its IT staff had contained the attack and that no customer data had been accessed. In a statement released Tuesday, Whoosh admitted a data leak had occurred and said it is working with law enforcement to remove customer information from the dark web. A spokesperson stated: “The leak did not affect sensitive user data, such as account access, transaction information or travel details. Our security procedures also preclude the possibility of third parties gaining access to full payment data from users’ bank cards.”
Leaks found in Amazon RDS databases.
Researchers at security firm Mitiga have discovered that hundreds of databases containing personally identifiable information are exposed monthly through Amazon’s popular Relational Database Service (Amazon RDS), a Platform-as-a-Service (PaaS) offering first released in 2009. RDS users can take RDS snapshots, an intuitive feature that helps them back up their databases. The snapshots can be shared across different AWS accounts, and Mitiga found that a number of snapshots were shared publicly for hours to weeks, either intentionally or by mistake. The researchers warn that threat actors could exploit this issue to gain access to the data in the snapshots, and the nature of the service prevents users from knowing whether an unauthorized third party has accessed the data.
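The exposure Mitiga describes comes down to one snapshot attribute: a manual RDS snapshot whose `restore` attribute contains the value `all` is restorable by any AWS account. The script below is an added example, not code from the article or from Mitiga, showing how an account owner can audit their own snapshots for that condition and for sharing with specific other accounts. It uses the response shapes of boto3's `describe_db_snapshots` and `describe_db_snapshot_attributes` calls; the snapshot names and the `123456789012` account ID in the sample data are constructed, and the `fetch_from_aws` helper (which needs credentials) is the only part that touches a live account.

```python
"""Audit Amazon RDS manual snapshots for public or cross-account sharing.

Added example (not part of the original article). The dictionaries mirror the
shape of boto3's rds.describe_db_snapshots() and
rds.describe_db_snapshot_attributes() responses; the sample snapshots below are
constructed for illustration and do not refer to any real account.
"""
from __future__ import annotations

from typing import Iterable

# Value AWS places in the 'restore' attribute when a snapshot is public.
PUBLIC_MARKER = "all"


def restore_targets(attribute_result: dict) -> list[str]:
    """Return the account IDs (or 'all') a snapshot's 'restore' attribute is shared with."""
    for attr in attribute_result.get("DBSnapshotAttributes", []):
        if attr.get("AttributeName") == "restore":
            return list(attr.get("AttributeValues", []))
    return []


def classify_snapshot(snapshot: dict, attribute_result: dict) -> dict:
    """Summarise one snapshot's sharing state."""
    targets = restore_targets(attribute_result)
    return {
        "id": snapshot["DBSnapshotIdentifier"],
        "engine": snapshot.get("Engine", "unknown"),
        "encrypted": bool(snapshot.get("Encrypted", False)),
        "public": PUBLIC_MARKER in targets,
        "shared_with": [t for t in targets if t != PUBLIC_MARKER],
    }


def find_exposed_snapshots(snapshots: Iterable[dict],
                           attributes_by_id: dict[str, dict]) -> list[dict]:
    """Return findings for snapshots that are public or shared with any other account."""
    findings = []
    for snap in snapshots:
        # Only manual snapshots can be shared; automated ones are skipped.
        if snap.get("SnapshotType") != "manual":
            continue
        attrs = attributes_by_id.get(snap["DBSnapshotIdentifier"], {})
        result = classify_snapshot(snap, attrs)
        if result["public"] or result["shared_with"]:
            findings.append(result)
    return findings


def fetch_from_aws(region: str = "us-east-1") -> list[dict]:
    """Live variant: pull manual snapshots and their attributes with boto3 (needs credentials)."""
    import boto3  # imported here so the rest of the module runs offline

    rds = boto3.client("rds", region_name=region)
    snapshots: list[dict] = []
    for page in rds.get_paginator("describe_db_snapshots").paginate(SnapshotType="manual"):
        snapshots.extend(page["DBSnapshots"])
    attributes = {
        s["DBSnapshotIdentifier"]: rds.describe_db_snapshot_attributes(
            DBSnapshotIdentifier=s["DBSnapshotIdentifier"]
        )["DBSnapshotAttributesResult"]
        for s in snapshots
    }
    return find_exposed_snapshots(snapshots, attributes)


# Constructed sample data, shaped like the boto3 responses (hypothetical names and account ID).
SAMPLE_SNAPSHOTS = [
    {"DBSnapshotIdentifier": "prod-customers-2022-11", "SnapshotType": "manual",
     "Engine": "postgres", "Encrypted": False},
    {"DBSnapshotIdentifier": "analytics-copy", "SnapshotType": "manual",
     "Engine": "mysql", "Encrypted": True},
    {"DBSnapshotIdentifier": "nightly-auto", "SnapshotType": "automated",
     "Engine": "postgres", "Encrypted": True},
    {"DBSnapshotIdentifier": "private-backup", "SnapshotType": "manual",
     "Engine": "postgres", "Encrypted": True},
]
SAMPLE_ATTRIBUTES = {
    "prod-customers-2022-11": {"DBSnapshotAttributes": [
        {"AttributeName": "restore", "AttributeValues": ["all"]}]},
    "analytics-copy": {"DBSnapshotAttributes": [
        {"AttributeName": "restore", "AttributeValues": ["123456789012"]}]},
    "private-backup": {"DBSnapshotAttributes": [
        {"AttributeName": "restore", "AttributeValues": []}]},
}


if __name__ == "__main__":
    for f in find_exposed_snapshots(SAMPLE_SNAPSHOTS, SAMPLE_ATTRIBUTES):
        label = "PUBLIC" if f["public"] else "shared with " + ", ".join(f["shared_with"])
        print(f"{f['id']} ({f['engine']}, encrypted={f['encrypted']}): {label}")
```

Run against the sample data, the script flags the unencrypted `prod-customers-2022-11` snapshot as public and `analytics-copy` as shared with one specific account, while the automated and private snapshots produce no findings. Since, as the article notes, RDS gives no access log for who restored a public snapshot, a periodic run of this check (or an equivalent AWS Config rule) is the practical way to catch an accidental `all` before it sits exposed for weeks.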
Europe takes privacy concerns into account at the World Cup.
The 2022 World Cup kicks off in Qatar in just a few days, and as we noted yesterday, privacy experts are advising participants to be vigilant about potential threats to their personal data. As the Register reports, two required Cup apps are of particular concern: Ehteraz, a Covid-19 tracker from Qatar’s Ministry of Public Health, and Hayya, a platform from the government’s Supreme Committee for Delivery and Legacy that controls access to the games and public transport. Analysts say the apps collect redundant user data and can be used to monitor fans’ locations. POLITICO reports that the BfDI, Germany’s data protection agency, issued a statement Tuesday advising soccer fans to install the two apps only “if absolutely necessary,” and to use a burner phone if possible. “The data processing of both apps probably goes much further than the descriptions of the notices about data protection and processing purposes in the app stores indicate,” explains the BfDI. “One of the apps collects data about whether and with which number a phone is called. The second app actively prevents the device it is installed on from going into sleep mode. It is also obvious that the data used by the apps not only remains local to the device, but is also transferred to a central server.” Norway’s data protection agency has warned that officials in Qatar could use “the extensive access the apps require” to snoop on visitors or even take control of their devices, and France’s junior digitization minister Jean-Noël Barrot tweeted a similar warning.
Hackers prey on the young.
Or at least on their data. Our youngest citizens are easily our most vulnerable, and Becker’s Health Review takes a look at why pediatric patients make attractive targets for cybercriminals. Stoddard Manikin, chief information security officer at Children’s Healthcare of Atlanta, says threat actors have targeted children’s hospitals to use data stolen from pediatric health records to apply for loans, knowing that suspicious activity on children’s accounts often goes undetected. He also noted that nation-state-backed attackers are increasingly targeting hospital research data. “Ransomware attacks against the US healthcare industry have increased tremendously in recent years. And unfortunately, we see many of our peer organizations affected on a weekly basis,” said Manikin. “When you get into hospital systems — some of them are a couple of hospitals, some of them are dozens or even hundreds — then they have no choice but to recover with high costs and high impact.”