Mother of all breaches reveals 26 billion records: what we know so far
Cyber News: A monumental data leak, known as the Mother of all Breaches (MOAB), containing 12 terabytes and over 26 billion records, is possibly the largest to date. It includes data from platforms like LinkedIn, Twitter, Weibo, and Tencent. This leak compiles thousands of previous breaches into a searchable database, likely containing previously unpublished information. The MOAB is considered highly dangerous due to the potential for identity theft, phishing, and targeted cyberattacks. The leaked data, which spans 3,800 folders, indicates a comprehensive collection effort by an unknown entity, possibly for malicious purposes. The scale of the leak surpasses previous breaches, with significant consumer impact expected due to password reuse and the risk of sophisticated attacks. Users are urged to enhance their cyber security measures, including using strong passwords and enabling multi-factor authentication, to mitigate the risks posed by this unprecedented data leak.
Microsoft Executives’ Emails Hacked by Group Tied to Russian Intelligence
NY Times ($): A Russian intelligence-backed hacking group, known as Midnight Blizzard and other nicknames like Cozy Bear, breached Microsoft’s systems in late November, gaining access to senior executives’ emails. Microsoft, which identified the intrusion in mid-January, revealed that the hackers targeted emails from its leadership and key departments, extracting emails and attachments. This group has a history of high-profile cyberattacks, including the 2015 Democratic National Committee hack and the extensive SolarWinds breach in 2020. The recent attack employed a basic tactic called password spraying, exploiting an old testing system account to access corporate emails. Despite this breach, Microsoft said there is no evidence of the hackers accessing customer data, production systems, source code, or AI systems. The company has notified law enforcement and is collaborating with them.
SEC Says SIM Swap to Blame for Breached X Account
Dark Reading: Following up from last week, the SEC confirmed a SIM-swapping cyberattack compromised its X account, leading to a temporary spike in Bitcoin value. This attack, where hackers take control of a phone number linked to an account, occurred after SEC staff had disabled multi-factor authentication (MFA) due to access issues. The breach has sparked calls for investigations by federal agencies including the SEC Inspector General, FBI, DoJ, and CISA. Defending against SIM swapping is challenging, as it involves exploiting publicly exposed APIs and carriers’ policies that facilitate easy network switching for consumers, making it simpler for attackers to identify and target specific phone numbers.
The global financial services industry has witnessed a 137% increase in Vendor Email Compromise (VEC) attacks over the last year. (source)
12 years ago, South Carolina disclosed a data breach affecting everyone who had filed a tax return since 1998. The breach was later determined to involve 3.8 million electronic tax filers and 700,000 businesses – and began with a spear phishing email. (source)
Charlies is a cyber security expert with 14 years of experience. He started his career in the U.S. armed forces and then transitioned into commercial roles. A security engineer by training, he's well-versed in tool deployment and administration.
Ellen brings a decade of GRC expertise to the TalPoint community. She's knowledgeable on a variety of frameworks and employs a methodical approach to compliance. She's available for needs assessments, gap assessments, internal audits, and, for certain frameworks, running independent 3rd-party audits.
Zachary brings a 20+ year career in risk management to the TalPoint community. He's worked across healthcare, finance, and supply chain manufacturing. His broad experience offers both a holistic view of risk and a common-sense approach to risk management.