Recent Cyber Security Breaches: Instacart, Canon and More

Cyber Security - Security Breaches
As a managed IT service provider it is important to us to make sure to stay in know about the latest cyber security breaches. Every few weeks we like to share our findings with you here on our blog. Please take a peek below to learn more about some of the most recent cyber attacks here and around the world.

Instacart

Grocery Shopping and Delivery Service

The Hack: Unauthorized Access to Data

Quick Summary: “In a statement posted to its website, Instacart has announced that it has suffered another data breach, less than a month after a breach that was widely reported in the media containing user account data. This time, two employees at a third-party service provider accessed accounts that they shouldn’t have, exposing customer information again.” -Kevin Lancaster

Read More Here >> Instacart discloses security incident caused by two contractors

 

Carnival Corporation (United States)

Cruise Line

The Hack: Ransomware

Quick Summary: “Carnival has released a statement noting that on August 15 attackers “accessed and encrypted a portion of one brand’s information technology systems,” and that the intruders also downloaded files from the company’s network. preliminary assessment of the incident, Carnival said it expects that the attackers gained access to some guest and employees’ personal data, but it is still investigating the incident. This is Carnival’s second breach this year after another breach was disclosed in March.” -Kevin Lancaster

Read More Here >> World’s largest cruise line operator discloses ransomware attack

 

Canva (Australia)

Digital Design Platform

The Hack: Unauthorized Systems Access

Quick Summary: “Digital design powerhouse Canva found itself in hot water this week as hackers accessed the platform and used it to facilitate spear phishing attacks. Canva unwittingly provided phishing campaigns with graphics that then made the threat actors’ attacks appear more legitimate to facilitate pilfering credentials through social engineering trickery. The problem was first noted in February but has accelerated since. The hack may be related to a significant May 2019 data breach that Canva has not confirmed but was widely reported.” -Kevin Lancaster

Read More Here >> Hackers hijack design platform to go phishing

 

Nova Scotia Health Authority (Canada)

Healthcare System

The Hack: Unauthorized Database Access

Quick Summary: “Not one but two security breaches at the Nova Scotia Health Authority have been reported as patient data was accessed by unauthorized individuals. The information was reported as “viewed”, but no details were given on how or by whom. The Nova Scotia Health Authority said it had notified the province’s Office of the Information and Privacy Commissioner.” -Kevin Lancaster

Read More Here >> Two security breaches affects health information of 211 people in Nova Scotia

 

Canon (Japan)

Optical and Imaging Products Manufacturer

The Hack: Ransomware

Quick Summary: “International equipment behemoth Canon reported in a letter to staffers that it had been the victim of a ransomware attack that Canon impacted numerous services, including Canon’s internal email, Microsoft Teams, USA website, and other essential business applications. The Maze ransomware group has claimed credit for the successful attack and disruption of Canon’s business systems. Maze operators stated that they extracted 10 terabytes of data on private databases in the attack. Canon notes that some users’ still image and video image data stored in its image.canon cloud photo platform involving the 10GB long-term storage option was missing but offered no details as to the type of images that were taken.” -Kevin Lancaster

Read More Here >> Canon confirms ransomware attack in internal memo

 

Freepik (United States)

Photo and Graphic Library

The Hack: Unauthorized Database Access (Hacking)

Quick Summary: “Photo and graphics giant Freepik the security breach occurred after hackers were able to exploit an SQL vulnerability to gain access to one of its databases storing user data. The unidentified cybercriminals gained access to usernames and passwords for the oldest accounts registered on the Freepik and Flaticon websites, impacting millions of users.” -Kevin Lancaster

Read More Here >> Free photos, graphics site Freepik discloses data breach impacting 8.3M users

To learn more about how to keep your company safe and secure, click here to explore our San Diego IT Services & IT Security plans that are offered by SDTEK.

Leave a Reply