The Month in Hacks: April 2018

Chrome users tricked by fake ad blockers, Panera Bread vulnerability exposed, and 130k Finnish citizens have their credentials compromised. It's all this and more in The Month in Hacks.

130,000 Finnish Citizens' Login Data Compromised

In the third-largest data breach in the country's history, Finnish officials stated that over 130,000 Finnish citizens have had their credentials compromised in a data breach. Hackers targeted a site run by the New Business Center in Helsinki and stole user's login usernames and passwords, which were stored in plain-text format.After learning of the breach, the company immediately took down the affected website. Customers' personal data, like names and addresses, were not affected in the hack, but users are encouraged to change their password as soon as possible to prevent further malicious activity.

Careem Data Breach Affects 14 Million Users

Careem, a ride-hailing company from Dubai, announced that the personal data of 14 million users was compromised in a hack. While the hackers didn't access passwords or credit card numbers, user's names, email addresses, phone numbers, and trip history were likely accessed. The same details for 558,000 drivers were also affected.While the company discovered the breach in January, they didn't make the details public until April. In that time, the company claims to have strengthened its security measures and response plan to protect its users going forward.

[24] Releases Customer Credit Card Information in Hack

[24], a service that provides online and mobile chat services for customers, told its clients that an “illegal intrusion” occurred between September and October 2017. The service was used by Best Buy, Sears, and Delta Airlines at the time.The extent of affected data isn't known, but it's likely that some credit card information was compromised during the hack. Best Buy said in a blog post that “only a fraction of our overall online customer population could have been caught up in this [24] incident, whether or not they used the chat function.” [24] claims that it is confident that the platform is secure.

20 Million Chrome Users Affected by Malicious Ad Blockers

Researchers have discovered five malicious Ad Blocker extensions in the Google Play store that allow hackers to view and change all the websites you visit in Chrome. The five fake ad blockers were designed to look like legitimate blockers and were downloaded by over 20 million people as a result.Any Chrome user who recently downloaded AdRemover for Google Chrome, uBlock Plus, [Fake] Adblock Pro, HD for YouTube, or Webutation is likely at risk. While Google has since removed the fake extensions from the store, it's recommended that anyone who may have downloaded a malicious extension remove it from their browser immediately.

Internet Routers Vulnerable to Roaming Mantis Trojan

A new trojan, dubbed Roaming Mantis, has been revealed by researchers at Kaspersky Lab. Hackers have been changing DNS settings on vulnerable routers, which then direct users to fake versions of websites they try to visit. Once users land on the fake site, they are prompted to update to the latest version of Chrome, which downloads a trojan Chrome app.Once the fake app is downloaded, hackers can collect a device's account information, view and send SMS messages, record audio, control external stores, manipulate file systems, and more. The malware has already been detected 6,000 times in the wild, mostly in South Korea, China, Bangladesh, and Japan.

Data Breach Targets Panera Bread's Online Customers

Panera Bread's website,, may have compromised the data of over a million of the chain's customers, including names, email addresses, home addresses, birthdays, and the last four digits of credit cards. The data was stored on the site in plain text, which means that it is very easy to download and crawl the data.Security researchers originally informed Panera of the leaked information in August 2017, but the company didn't address the issue until April 2018. The company took down the website and claimed to have resolved the issue, but researchers say that the flaw hasn't been fixed. The company has not provided information to its customers about how to protect their data after the leak.

Credit Card Information of Five Million Lord & Taylor and Saks Fifth Avenue Customers Revealed

Over five million debit and credit cards used at Lord & Taylor and Saks Fifth Avenue have been compromised in an April hack. Most of the compromised cards were obtained from stores in New York and New Jersey, although customers across the country are at risk. Hacking syndicate JokerStash has been releasing the compromised credit card details for sale in small increments.Hudson Bay, who owns both brands, say that the hack began last May. It assured customers that they wouldn't be liable for fraudulent purchases made on the card. At the time of publishing, the company has not yet discovered how hackers were able to obtain the credit card information.

Nintendo Switch Discovered Processor Chip Vulnerability

Hackers have discovered a method of accessing the Nintendo Switch's console system through a processor chip bug. This access allows hackers to jailbreak devices, download malware, and pirate software. The exploit also affects Google's Pixel C tablet and the Nvidia Shield.Since the bug is in the processor chip, Nintendo can't simply release a firmware update. Instead, they would have to recall 14 million affected devices, or fix the bug and release more secured Switches moving forward. While the company hasn't publicly acknowledged the bug, it's been hinted that they only plan to fix the bug in devices released in the future.

Talk To An Expert

Interested in learning about how TeleSign's identity and engagement solutions can prevent fraud while fostering secure and global growth for your business? Let's chat.