Nestle has been targeted again by a different hacking group.
10 April 2022A total of 8 breaches
were found and analysed resulting in 8,350,259 leaked accounts
containing a total of 11 different data types
. The breaches found publicly and freely available included DatPiff, Royal Enfield, Turnover IT, Systematica Consulting and AKPR. Sign in to view the full
BreachAware
Breach Index which includes, where available, reference articles relating to
each breach.
SPOTLIGHT
When searching for publicly available compromised data, there are numerous sites that just re-post old data and come across as quite 'scary' but fortunately our researchers have learnt and gained experience over time on what is real and what is surfing the hactivist wave.
We did have a record set last week with the researchers noting a domain that was registered on the 26th March but was compromised before the 30th! Under four days! There were some unique elements about it as it was a Russian domain but it demonstrated the amount of increased activity going on in the 'cyber battle' due to the invasion of Ukraine.
Nestle has been targeted again, a very small breach by a different hacking group, but that is two weeks in a row now for Nestle. Their supply chain is truly global and far reaching.
Virtual MacOSX details with VNS login credentials were also posted on a popular underground forum. Virtual MacOSX, also known as vmOSX, is a Canadian web hosting service.
One of the best sources of rich data types for cyber criminals is recruitment companies and we noticed a well known French portal for companies looking for freelance IT and IS Specialists, dumped on a forum. These sort of data breaches go beyond the usual data types exposed (email address, password and username), they include the likes of dates of birth, account information, payment types, physical location, phone numbers, experience, etc. Those data types offer opportunities for account takeover, phishing, spam and fraud.
For organisations the risks could extend to threat of misdirection, ransomware and vulnerability exposure. Combined the impact to your people’s wellbeing, finance and employment could be considerable with a direct impact to your organisation.
DATA CATEGORIES DISCOVERED
Financial Data, Contact Data, Socia-Demographic Data, Locational Data, Technical Data, Social Relationships Data, Usage Data.