Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.
Big items to consider: 3.3 million records have been stolen from the Hello Kitty fan database. The Justice Department opens an investigation into the Uber database breach that was reportedly done by Lyft’s technology chief. A security researcher has found that it is surprisingly easy to hack the United States power grid. Security company FireEye has identified that APT16 has been carrying out phishing attacks on unnamed media outlets.
A database used by Hello Kitty fans has reportedly been found online after servers were hit last month. As many as 3.3 million records are said to be in the database. It’s not immediately clear where the database was leaked to, or if the database can be verified for authenticity. The breach, first reported by CSO Online, was discovered by security researcher Chris Vickery. Records in the data cache include names, encoded but easily reversible birthdays, gender, security questions and answers, and unsalted passwords using the weak SHA1 algorithm.
The Department of Justice is investigating a data leak at Uber, including whether or not employees at rival Lyft had anything to do with the incident. Popular ride-hailing service Uber revealed earlier this year that data on as many as 50,000 of its drivers had been accessed without its consent in May 2014. A subsequent Uber investigation found that an Internet address possibly associated with the leak was traced to Lyft’s technology chief Chris Lambert, Reuters reported in October based on two anonymous sources.
Security researcher Brian Wallace was on the trail of hackers who had snatched a California university’s housing files when he stumbled into a larger nightmare: Cyberattackers had opened a pathway into the networks running the United States power grid. Digital clues pointed to Iranian hackers. And Wallace found that they had already taken passwords, as well as engineering drawings of dozens of power plants, at least one with the title “Mission Critical.” The drawings were so detailed that experts say skilled attackers could have used them, along with other tools and malicious code, to knock out electricity flowing to millions of homes.
An attack on the unnamed media outlets came in the form of phishing e-mails with the subject line “DPP’s Contact Information Update,” according to research by security company FireEye Inc., which identified a Chinese state-backed group called APT16 as carrying out attacks. Hackers also infiltrated e-mails of party staff, changing security protocols and writing messages spoofing the account holders in what may have been an attempt to deliver malicious code, according to one of the victims.