HACK TUESDAY WEEK 23 - 29 OCTOBER 2024 [5axry1★] (12)

←← 掲示板一覧に戻る ← スレッド一覧に戻る

HACK TUESDAY WEEK 23 – 29 OCTOBER 2024
214 CYBERATTACKS ACROSS 33 COUNTRIES

・The most active threat actors this week are RansomHub and Bashe (formerly APT73), each claiming responsibility for 16 attacks.
・The United States is the most affected country, accounting for 35% of the victims, followed by Mexico with 7%
・The Education sector is the most impacted, representing 13% of the claimed targets, followed by the Manufacturing with 12%
・Overall, the claimed compromised data amounts to approximately 59.535 terabytes.

16/10/2024 – Gakushuin Women’s College 🇯🇵
19/09/2024 – Holly’s Corporation 🇯🇵
16/10/2024 – KidZania (KCJ GROUP Inc.) 🇯🇵
29/10/2024 – Nintendo customers 🇯🇵
04/02/2024 – Slow Village Co., Ltd 🇯🇵

🚨Data Breach Alert ‼

🇯🇵Japan - Slow Village Co., Ltd (スローヴィレッジ)

Slow Village Co., Ltd.'s online shop suffered a data breach caused by a third-party attacker who exploited a vulnerability in the payment system.

As a result, the personal data of 32,345 customers was leaked, including potentially 4,494 credit card records. The breach occurred between February 4, 2021, and May 28, 2024. The attacker manipulated the payment application, and there were also 23,466 random number combinations entered into the credit card input field, although none were successfully processed.

https://x.com/H4ckManac/status/1849315526272512304

なるほど

🚨CryptoMiner Malware ‼

🇯🇵Japan - Demaecan (株式会社出前館)

On October 25, 2024, at approximately 8:00 PM, the delivery service “Demae-can” experienced a system outage due to high server load, leading to a temporary service suspension. Although the service was initially restored, another outage occurred on October 26 at 2:30 PM. This time, the disruption was traced to a cryptocurrency mining malware known as “RedTail.”

After identifying and removing the malware, the system underwent additional checks to ensure security, which prolonged the recovery process.

https://x.com/H4ckManac/status/1851263006824436045

日本語でおｋ

キッザニア Webサイトに不正アクセス、利用者の個人情報が流出した可能性
https://s.netsecurity.ne.jp/article/2024/10/30/51838.html

🚨Data Breach ‼

🇯🇵Japan - Karel Čapek

The official online store of Karel Čapek Tea Shop experienced unauthorized access, resulting in the potential leakage of 103,289 customers' personal information and 58,407 credit card records.

The breach was attributed to a vulnerability in the website’s system that allowed third-party access, leading to tampering with the payment application.

The affected data spans registrations and transactions made from April 26, 2020, to May 21, 2024. The leaked information includes names, addresses, phone numbers, email addresses, login credentials, and complete credit card details.

https://x.com/H4ckManac/status/1851498739766046976

🚨Data Breach Update ‼

🇯🇵Japan - Sharp Corporation (シャープ株式会社)

Sharp's official online store, "COCORO STORE," and its food delivery service, "HEALSIO Deli," suffered a data breach due to unauthorized access, compromising personal data.

Detected on July 22, 2024, the attack exploited a software vulnerability, leading to site tampering and exposing user information. Approximately 5,836 customers were affected, with 4,257 cases involving the exposure of sensitive credit card information (cardholder names, numbers, expiration dates, and security codes). An additional 1,376 users had personal data exposed without credit card details.

https://x.com/H4ckManac/status/1851529178627080421

🚨Ransomware ‼

🇯🇵Japan - Taketa City 竹田市

On October 24, the servers of Betsudai Kosan Co., Ltd, contracted by the city of Taketa for public housing management, suffered a ransomware attack, potentially leading to a data leak of personal information held by the company.
This attack affected tenants of public housing complexes Alba Daikancho and Alba Sakuramachi.

Taketa City has requested a detailed report from Betsudai Kosan and will provide updates as more information becomes available.

https://x.com/H4ckManac/status/1851641060692300228

🚨Data Breach Alert ‼

🇯🇵Japan - Equinix

A threat actor known as "mommy" recently claimed to have sold access to Equinix Japan's network, which had been up for sale since yesterday afternoon.

Equinix Japan, the Japanese branch of the global digital infrastructure company Equinix, specializes in data centers and interconnections, facilitating secure business connections worldwide.

The access reportedly included root access to a firewall server, allowing potential lateral movement across the network. The potential loot from the compromised network comprises a wide array of databases, including Oracle, MySQL, MongoDB, and Snowflake, among others.

https://x.com/H4ckManac/status/1851857866270851276

🚨Data Breach ‼

🇯🇵Japan- Shimogamo Saryo (株式会社下鴨茶寮)

Shimagamo Saryo Online Shop reported a data breach involving unauthorized access to personal and credit card information.

On July 18, 2024, it was disclosed that the online shop had suffered unauthorized access, potentially compromising 19,235 customers' personal data and 16,682 customers' credit card details. The breach occurred due to a vulnerability in the old system used by the shop before May 13, 2024.

Compromised information includes names, addresses, birth dates, and credit card details (cardholder name, number, expiration date, and security code) for purchases made between June 12, 2021, and May 13, 2024.

https://x.com/H4ckManac/status/1851870515423494349

🚨Ransomware ‼

🇯🇵Japan - Oita City (大分市)

The designated management company for city-operated housing, Betsudai Kosan Co., Ltd, experienced a ransomware attack on October 24, 2024, affecting its servers and related devices.

The attack likely led to the exfiltration of data, including personal information of city housing residents, applicants, and their guarantors or representatives.

On October 25, Betsudai Kosan confirmed that data involving residents, former residents, and applicants under its management was potentially leaked.

https://x.com/H4ckManac/status/1851872679378264279