Advantex Weekly Threat Report – April 8th, 2019

A round-up of the latest cybersecurity threats and vulnerabilities online.

In this weeks ‘Advantex Weekly Threat Report’, we reveal all on Toyota’s second data breach in a matter of weeks, how Cisco closed 75 illegal Facebook groups, and how Ticketmaster is caught up in a £5 million data lawsuit.

This report is aggregated from recent open source reports online.

 


 

Toyota’s Second Data Breach Affects Millions Of Drivers

Toyota is in the headlines for all the wrong reasons at present as it announced it had been hacked for a second time in just a matter of weeks.

The Japanese car manufacturer, famous for making the Toyota car and its more luxury model, Lexus has fallen short to a cyber attack that could affect up to 3.1 million of its customers.

The breach is reported to have affected customer data, with hackers gaining unauthorised access to their network and accessed personal data.

Toyota has since confirmed the data accessed doesn’t include credit card/payment details but is still investigating what has been breached.

 


 

Facebook Closes Groups That Offered Phishing Services

Researchers at global technology conglomerate, Cisco uncover 74 Facebook groups that were being used for illicit activity by hundreds of thousands of users across the globe.

A number of Facebook groups with almost 400,000 users have been removed after cybersecurity experts found they were being used to sell hacked personal data, offer email phishing services and various other illegal services.

Whilst most cybercriminals choose the dark web to trade data and illicit services, researchers at security company Cisco Talos identified that around 385,000 Facebook users were found to be members of 74 groups focused in highly suspicious and illegal activity.

Alarmingly, some of the groups had been in operation since 2011, gaining thousands upon thousands of members.

Not only are the groups easily found and accessible to anyone, but like any group, the recommended algorithm was also still in place, recommending other illegal groups once a user had joined.

A Facebook spokesperson has since stated:

“These Groups violated our policies against spam and financial fraud and we removed them. We know we need to be more vigilant and we’re investing heavily to fight this type of activity”

Cisco Talos has committed its expertise and will continue to work with Facebook to identify and take down any new suspicious and illegal groups as they emerge.

 


 

Ticketmaster in £5m Lawsuit over UK Data Breach

A UK law firm is taking serious action and suing Ticketmaster for up to £5m following a security breach in 2018 that led to numerous “fraudulent transactions”.

In June 2018, up to 40,000 users of the popular ticketing service in the UK may have been affected by a serious security breach that not only put personal details at risk, but payment and card details were accessed, and in this instance, actually used to make fraudulent transactions.

Widnes law firm, Hayes Connor issued a claim at Liverpool High Court on the 3rd of April on behalf of 650 claimants for up to £5m, stating a majority of claimants suffered multiple fraudulent transactions and that they endured significant stress.

Mobile app and online-only bank, Monzo claimed to have spotted the breach months prior, notifying Ticketmaster to the security breach on 12 April – after the new GDPR regulations were put in place.

Ticketmaster hasn’t confirmed exactly how many people were affected, but given the company was told about the breach 2 months prior to any action – the fine shouldn’t come as a surprise to anyone.

The only way to protect your staff and customers’ data is to implement a concrete cybersecurity solution in place, preventing any form of attack online.

 


 

Don’t get caught out, protect your users, data, and technology!

Send us your details below and get a FREE Cybersecurity Consultation!.

We’ll carry out a FREE no-obligation consultation at your business and examine your existing infrastructure and security network(s). As well as examine what you’re currently doing, we will advise on how you can best protect your data – and help prepare you and your business for the imminent threat of a cyberattack.

Don’t take the risk, get in touch today!