Recent Cyber Security Breaches: Morgan Stanley, Dreamhost and More

cyber security

As a managed IT service provider it is important to us to make sure to stay in know about the latest cyber security breaches. Every few weeks we like to share our findings with you here on our blog. Please take a peek below to learn more about some of the most recent cyber security attacks here and around the world.

Morgan Stanley (United States)

Financial Services Firm

The Hack: Third-Party Data Breach

Quick Summary: “Morgan Stanley has reported a third-party data breach after attackers reportedly stole customer data by hacking into the Accellion FTA server of a third-party vendor. That vendor, Guidehouse, is a third-party vendor that provides account maintenance services to Morgan Stanley’s StockPlan Connect business. Guidehouse notified the investment banking company in May 2021 that attackers had accessed its Accellion FTA server. The Clop ransomware gang claimed responsibility for the original Accellion hack. ” -ID Agent

Read More Here >> Morgan Stanley reports data breach after vendor Accellion hack

 

Altus Group (Canada)

Real Estate Software

The Hack: Ransomware

Quick Summary: “Altus Group, a commercial real estate software solutions company, has announced that its data was breached. The company initially said that no data was stolen, a new ransomware group begs to differ. New cybercrime gang Hive has published samples of data allegedly stolen from Altus Group on its new dark website. The provided sample of exfiltrated files includes business data and documents, as well as Argus certificates and development files. No ransom amount has been confirmed and the incident is under investigation.” -ID Agent

Read More Here >> New ransomware group Hive leaks Altus group sample files

 

Mercedes Benz USA (United States)

Carmaker

The Hack: Third Party Risk

Quick Summary: “Mercedes-Benz USA has disclosed a data breach impacting some of its US customers. The data breach exposed PII of under 1,000 Mercedes-Benz customers and potential buyers. This breach was announced after a Mercedes-Benz vendor informed the company that the personal information of select customers was exposed due to an insufficiently secured cloud storage instance.” -ID Agent

Read More Here >> Mercedes-Benz data breach exposes SSNs, credit card numbers

 

French Connection UK (United Kingdom)

Clothing Brand

The Hack: Ransomware

Quick Summary: “United Kingdom-based clothing company French Connection UK has been hit by a major cybercrime gang: REvil. The ransomware gang was able to get away with a plethora of internal company data after taking control of the company’s back-end servers. The type of data has not been specified, but both business and employee data is at risk.” -ID Agent

Read More Here >> Cybersecurity: REvil Ransomware Gang Strikes Again, Attacks FCUK Fashion Label

 

DreamHost (United States)

WordPress Hosting Service

The Hack: Unsecured Database

Quick Summary: “A misconfigured cloud database exposed over 800 million records linked to WordPress users through hosting provider DreamHost. The 814 million records came from the firm’s managed WordPress hosting business DreamPress and appeared to date back to 2018. In this 86GB database, researchers noted admin and user information, including WordPress login location URLs, first and last names, email addresses, usernames, roles, host IP addresses, timestamps and configuration and security information, some linked to users with .gov and .edu email addresses. The database was purportedly secured within hours but the damage had already been done.” -ID Agent

Read More Here >> Cloud Database Exposes 800M+ WordPress Users’ Records

 

InfoSolutions (Sweden)

Medical IT Solutions

The Hack: Hacking

Quick Summary: “InfoSolutions, a company that provides IT services to Swedish Public Health Agency including maintaining journals and COVID-19 databases in Sweden, published a statement claiming that it detected an intrusion to a database employed by 15 of 21 Sweden’s regions. The company says that there is no indication that any information has been passed on and that the databases were locked quickly. The internal investigation is ongoing.” -ID Agent

Read More Here >> Swedish COVID-19 lab with millions of test results breached

*****

To learn more about how to keep your company safe and secure from cyber security attacks, click here to explore our San Diego IT Services & IT Security plans that are offered by SDTEK.

Leave a Reply