Cybersecurity news: The latest cyberattacks and data breaches
Various cyberattacks have been recorded over the past few days, with hackers acquiring valuable data from organizations, businesses, and governments.
Some of the most significant cyberattacks of recent days are those on KeyBank, InterContinental Hotels Group, and digital government infrastructure in Albania and Montenegro.
Hackers stole customers’ data
Cleveland-based KeyBank admitted that a group of hackers managed to stole customers’ data, including Social Security numbers, addresses, and account numbers of home mortgage holders at the bank.
The data breach was allegedly caused by third-party vendor Overby-Seawell, a company providing multiple corporate clients, including KeyBank, with insurance services.
“All of us at Key deeply regret that this incident occurred. Your business means a great deal to us, and keeping your personal information safe and secure is extremely important. Please let us know if you have any questions regarding the letter. Feel free to DM us,” KeyBank noted on social media. “We’re working with the vendor to confirm they are addressing the root causes of this incident to prevent a similar event from occurring in the future. We encourage you to take advantage of the services in the letter received. It provides the steps you need to take to enroll.”
So far, it is unclear how many customers were affected by the data breach.
Booking systems outage
The serious malfunctioning problems faced by the InterContinental Hotels Group (IHG), also known as IHG Hotels & Resorts, were attributed to a cyberattack by hackers. The attack affected IHG’s booking systems and mobile apps.
According to the company, parts of its technology system have been subject to unauthorized activity. “IHG has implemented its response plans, notifies relevant regulatory authorities, and is working closely with its technology suppliers. External specialists have also been engaged to investigate the incident,” said the company a couple of hours after the attack. The hackers’ identity remains unknown, and the company hasn’t clarified if or what data was stolen.
A hacking gang hits Montenegro
Montenegro blamed the criminal group called Cuba ransomware for critical cyberattacks on the government’s digital infrastructure.
“Certain services were switched off temporarily for security reasons, but the security of accounts belonging to citizens and companies and their data have not been jeopardized,” Public Administration Minister Maras Dukaj wrote on Twitter.
Due to the attack, government websites were shut down while the hackers appeared to have stolen government documents which were then leaked onto the dark web.
The Cuba ransomware group claimed responsibility for the cyberattack and said they had acquired financial documents, correspondence with bank employees, account movements, balance sheets, and tax documents.
Albania blames Iran for a cyberattacks
Albania has cut diplomatic ties with Iran and expelled the country’s embassy staff, blaming Tehran for a major cyberattack that occurred in July.
The cyberattacks had temporarily shut down various Albanian government digital services and websites. “The deep investigation put at our disposal undeniable evidence that the cyberattack against our country was orchestrated and sponsored by the Islamic Republic of Iran, which had involved four groups in the attack on Albania,” said Edi Rama, the Prime Minister of Albania in a video statement. The United States condemned the cyberattack on its NATO ally and warned Tehran that it would take action “to hold Iran accountable.”
Classified NATO documents sold on the dark web
Prosecutors said that Portuguese justice had opened an investigation into the case of classified documents sent by NATO to Portugal, which were spotted for sale online after a cyberattack targeting the general staff of the country’s armed forces.
The reaction of the Portuguese authorities came after the information published by the newspaper Diario de Noticias, according to which hundreds of secret documents sent by NATO to Portugal were found for sale on the dark web.
The theft of the documents followed a hack “perpetrated by bots programmed to detect these types of documents,” targeting the general staff of the armed forces and the military’s Intelligence services, according to the Portuguese newspaper.