Follow ISA Cybersecurity on LinkedIn for the latest cybersecurity news
Facebook data breach impacts almost 3.5 million Canadian users
Canadians on Facebook should be aware, they may be one of almost 3.5 million users whose personal information such as their name, location, email address, phone number, gender, occupation, city, etc., was posted on a cybercrime forum for free on April 3, 2021.
Worldwide, 533 million Facebook users from 106 countries have been impacted. Facebook users should know that this data could be used by hackers to impersonate them and commit fraud. The information was collected by hackers back in 2019 by exploiting a vulnerability that has now been fixed. The recent posting of this entire data set means more hackers have access to this information and can use it to commit various forms of cybercrime.
According to the article by Aaron Holmes, “Insider reviewed a sample of the leaked data and verified several records by matching known Facebook users’ phone numbers with the IDs listed in the data set.” They also “verified records by testing email addresses from the data set in Facebook’s password reset feature, which can be used to partially reveal a user’s phone number.”
Facebook users should stay vigilant and seek advice if they are unsure about cybersecurity best practices.
Home Hardware’s corporate data hit by ransomware
The Ontario-based hardware retailer was subjected to a ransomware attack back in February, and the perpetrators threatened to release the copied data on April 2.
Howard Solomon’s article on Itworldcanada.com, which broke the news, included a quote from Jessica Kuepfer, Home Hardware Stores Ltd.’s Director of Communications, saying, “An unauthorized third-party was able to access parts of our corporate data… Based on our investigation, it appears that attack has not impacted dealer retail systems or any consumer transaction or payment data.”
Solomon’s article notes there is no information from Kuepfer on the exact amount of money requested by the DarkSide ransomware group.
In just two years, Cybercrime has risen by 55% in the U.S.
A staggering $4.3 billion was lost due to cybercrime in the U.S. in 2020 alone. With a 55% increase in cybercrime in just two years, this number is likely to grow.
According to a Stockapps.com article by Jastra Kranjec, “In 2015, the total financial damage caused by cybercrimes in the United States hit $1bn for the first time, but that was just the start of its massive growth…Last year, almost 792,000 complaints were logged by the FBI’s Internet Crime Complaint Center (IC3)…”
Kranjec notes, schemes that compromised business email addresses were the costliest at $1.8 billion and accounted for 40% of the total cybercrime losses. In addition to stolen money, cybercrime costs include:
+ Damage and destruction of data
+ Theft of intellectual property, personal and financial data
+ Post-attack disruption to the normal course of business
+ Restoration of hacked data and systems
+ Reputational harm
Based on these figures, it is not surprising that cyberterrorism is now seen as the biggest potential threat the U.S. will face over the next decade.
Kansas hacker who threatened public drinking water has been charged
At 22 years old, Wyatt A. Travnichek, of Ellsworth County, Kansas, has been charged by the U.S. Department of Justice with one count of tampering with a public water system and one count of reckless damage to a protected computer during unauthorized access. An article by Ravie Lakshmanan reported that Travnichek “is said to have broken into a protected computer system belonging to the county’s Post-Rock Rural Water District, using it to shut down the cleaning and disinfecting processes at the facility.”
Information on whether the attack was successful and how it was detected is still not available, but Travnichek faces up to 25 years in federal prison and a fine of up to $500,000 USD.