The Month in Hacks: October 2018

Google+ is pulled off life support, Cathay Pacific experiences turbulence and even the Girl Scouts aren't safe. Welcome to Hacktober.

Google+ Is Shutting Down After Massive Data Exposure

Google is shutting down its Google+ Social Media network following an API vulnerability that allowed third-party developers to access hundreds of thousands of users' data.

Though data was exposed, Google assured users they found no evidence that profile data was misused, or that any developer that could have had access to it was even aware of this bug.

After reviewing third-party developer access, the company also announced new privacy controls that will limit developers' access to Gmail and Android device data in addition to sunsetting Google+.

Anthem Agrees to Pay $16 million in Data Breach Privacy Settlement

Anthem has agreed to pay the US government $16 million to settle potential privacy violations stemming from a 2015 data breach.

The data breach impacted 78.8 million current and former customer records and resulted in the leak of sensitive, personal information belonging to former and active customers three years ago.

Hackers managed to infiltrate a database and covertly steal records containing client names, dates of birth, physical and email addresses, medical IDs and Social Security numbers. The attack took place over a number of weeks before being detected and shut down.

Cathay Pacific Says up to 9.4 Million Passengers Had Their Data Stolen

Major international airline Cathay Pacific revealed this month that as many as 9.4 million passengers had their records stolen in a data breach that occurred in March. Passport information, including identity card numbers, names, dates of birth, and postal addresses may all have been compromised.

The breach also included details about where each passenger had traveled, and any comments made by customer service representatives. The amount of data accessed varied among passengers. Cathay also noted that a number of expired credit card numbers were accessed.

Pentagon Discloses Card Breach

Pentagon officials said this month that the Department of Defense had suffered a security breach thanks to a third-party contractor.

An investigation is still underway, so the exact details haven't been made public, but according to an Associated Press report, a DOD official said that roughly 30,000 DOD military and civilian personnel are believed to be affected. This number is expected to grow as the Pentagon's investigation continues.

U.S. CMS Says 75,000 Individuals' Files Accessed in Data Breach

The U.S. Centers for Medicare & Medicaid Services (CMS) said this month it was responding to a data breach that exposed the files of about 75,000 individuals.

The agency said it detected anomalous activity in the Federally Facilitated Exchange's (FFE) Direct Enrollment pathway for agents and brokers.

libssh Authentication Bypass Allows Hacker Server Takeover Without Password

A ridiculously "Simple to Exploit" libssh authentication bypass flaw allows attackers to take over vulnerable servers without requiring passwords. This critical vulnerability allows attackers to connect on the server side without providing any credentials, completely bypassing the authentication step.

6,500 servers may have been affected. It is highly recommended you install the updated versions of libssh as soon as possible if you are using the server component. See where the vulnerability resides in the code in this explanation by Peter Winter-Smith.

Massive Malware Campaign, GhostDNS, Hijacks 100,000+ Home Routers

Researchers have outed a malware campaign, dubbed GhostDNS, raging since mid-August, that steals victims' website credentials. More than 100,000 home routers on more than 70 different types of routers have been hijacked by GhostDNS for the purpose of launching massive phishing attacks on unsuspecting internet users.

Code redirects DNS requests through malicious DNS servers to phishing sites mimicking landing pages and used to harvest login data to major financial institutions, ISPs, telcos, even Netflix. Around 88% of these routers are located in Brazil, where hackers are scanning the IP space for routers that require no passwords or very weak passwords.

Girl Scouts Hacked: 2,800 Members Impacted

A data breach within the Girl Scouts of Orange County, Calif. may have compromised the personal data of 2,800 members including names, addresses, insurance policy numbers and medical histories.

An official email account used by the organization was recently hacked, prompting the group to notify nearly 3,000 members who may have been affected, The Los Angeles Times reported.Until next month...stay safe out there folks!

Talk To An Expert

Interested in learning about how TeleSign's identity and engagement solutions can prevent fraud while fostering secure and global growth for your business? Let's chat.