It’s another busy week in the world of cybersecurity and nGuard wants to keep our advisory readers up to date. This week, nGuard is bringing you everything from the US State Department being attacked to Microsoft Power Apps leaking 38 million records.
On August 21, Fox News journalist Jacqui Heinrich reported that the U.S. State Department suffered a cyber-attack. This led to the Department of Defense Cyber Command making notifications of a possible serious breach. A spokesperson for the State Department was quoted as saying, “The department takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected. For security reasons, we are not in a position to discuss the nature or scope of any alleged cybersecurity incidents at this time.” The State Department will not likely release any details of the attack. This comes in the wake of recent attacks on Colonial Pipeline and JBS from Russia, and the Microsoft Exchange Server attacks originating from China.
Last week it was T-Mobile, this week it’s AT&T. The hacker gang, ShinyHunters, is claiming they have the data of 70 million AT&T customers personal identifiable information (PII) which includes names, phone numbers, social security numbers, dates of birth, addresses, and more. ShinyHunters are selling the data on RaidForums in small segments for $30,000 or the entire database for $1 million. AT&T has denied this information came from their systems.
The data of 38 million people was mistakenly exposed to the internet which was caused by an issue with more than 1000 Microsoft web applications. Some of the companies that were affected are American Airlines, Ford, J.B. Hunt, the Maryland Department of Health, the New York City Municipal Transportation Authority, and New York City public schools. The information leaked included COVID-19 contact tracing platforms, vaccination information, job application portals, and employee databases. The information included vaccination status, social security numbers, home addresses, and phone numbers. The flaw that allowed this leak to occur was in the Power Apps application programming interface (API) default setting which opened the information to the public. The privacy settings needed to be changed manually to prevent this from happening, but a majority of customers were not aware of this option.
On Wednesday August 25th, Apple, Amazon, Google, Microsoft and chief executives from insurance, energy and water companies were summoned to the White House to focus on improving cybersecurity. This meeting comes as recent high-profile attacks like the SolarWinds and Microsoft Exchange attacks have become more frequent. The White House wanted to address these areas of concern and determine how to best protect the 16 Critical Infrastructure sectors. Additionally, nonprofit organizations focused on computer science education and several colleges were included in the meeting to discuss efforts on how to address the gap of roughly 500,000 vacant U.S. cybersecurity jobs.