MongoDB warns breach of internal systems exposed customer contact info

Trending 2 months ago

Infosec successful brief MongoDB connected Saturday issued an alert informing of "a information incident involving unauthorized entree to definite MongoDB firm systems, which includes vulnerability of customer relationship metadata and interaction information."

At nan clip of posting, nan NoSQL pioneer advised it was "not alert of immoderate vulnerability to nan information that customers shop successful MongoDB Atlas." Atlas is nan provider's multi-cloud database-as-a-service offering.

MongoDB nevertheless recommended customers "be vigilant for societal engineering and phishing attacks, activate phishing-resistant multi-factor authentication (MFA), and regularly rotate their MongoDB Atlas passwords."

That proposal appears to person been heeded: an update to MongoDB's advisory warned customers of "a spike successful login attempts resulting successful issues for customers attempting to log successful to Atlas and our Support Portal." That spike was unrelated to nan information incident, and customers were asked to "try again successful a fewer minutes if you are still having problem logging in." – Simon Sharwood

Critical vulnerabilities: The not-patch-Tuesday list

As is usually nan lawsuit this clip of month, nan astir pressing vulnerabilities of caller days were revealed/patched successful Patch Tuesday releases. That said, there's still a fewer captious vulnerabilities to mention successful nan ICS world – they've gotta person a spot time too, right?

  • CVSS 9.8 – So galore CVEs: Siemens SIMATIC S7-1500 CPU PLCs person a whopping 404 vulnerabilities successful each versions of their package anterior to 3.1.0 that tin lead to accusation disclosure, tampering and DoS. Best spot ASAP.
  • CVSS 9.8 – CVE-2023-6448: Unitronics Vision Series PLCs moving VisiLogic anterior to v9.9.00 are each coded pinch default administrator passwords, which could fto an attacker return power pinch ease.
  • CVSS 9.1 – Multiple CVEs: Siemens SCALANCE M-800 and S615 family ICS switches incorporate a number of vulnerabilities that could let an attacker to inject codification aliases spawn a strategy guidelines shell.
  • CVSS 8.1 – Multiple CVEs: Siemens's SINEC business web guidance package contains a number of vulnerabilities that could let an attacker to trigger DoS, intercept credentials and escalate privileges.

Cancer patients talented vacation information ransom letters

Patients astatine Seattle's Fred Hutchinson Cancer Center person begun receiving ransom letters demanding $50 to support information exposed successful a November information breach from being sold connected nan acheronian web.

The breach, which Hutchinson acknowledged publically connected December 1, warned that nan facility's objective web was breached by an chartless attacker.

The comparatively caller Hunters International ransomware pack has since claimed responsibility, claimed it stole 533GB of files from nan Cancer Center, and added nan org to its list of victims.

Hunters world besides claimed work for hacking systems belonging to a US integrative surgeon's session and leaking diligent photographs to extort a ransom costs successful October.

Seattle news sources reported past week that galore patients person received ransom letters pinch "some beautiful circumstantial information" successful them, according to 1 patient. Hutchinson's page addressing nan breach doesn't bespeak what information was compromised, but nan ransom notes sent to patients bespeak names, societal information numbers, addresses, telephone numbers, aesculapian history, laboratory results and security accusation were stolen.

  • 23andMe responds to breach pinch caller suit-limiting personification terms
  • EU lawmakers finalize cyber information rules that panicked unfastened root devs
  • Leader of pro-Russia DDoS unit Killnet 'unmasked' by Russian authorities media
  • Your password hygiene remains atrocious, says NordPass

What's worse than getting teeth pulled? Getting your dental information stolen

US dental security group Delta Dental has waited a while to fess up to being a unfortunate of attacks connected MOVEit. Consider this your notice: If you're a Delta diligent there's a bully chance your information - including financial relationship numbers, credit/debit paper numbers and PINs - were lifted on pinch astir 7 cardinal different patients.

Delta past week informed nan Maine Attorney General that it was different unfortunate of nan MOVEit record transportation app attack. While only 3 Mainers were affected, 6,928,932 folks astir nan US had their information lifted.

Delta said it didn't spot nan breach until July, and said that, on pinch nan aforementioned financial information, drivers licence numbers, societal information numbers, addresses, wellness security info and wellness accusation was besides lifted.

As has been nan lawsuit successful different breaches, including MOVEit leaks, Delta is offering free in installments monitoring services and a sincere apology to nan millions of group who are only now being notified that they request to deliberation astir changing their PINs aliases getting caller in installments cards.

According to nan latest updates from antimalware vendor Emsisoft, which has monitored nan MOVEit massacre, Delta and different recently-admitted breaches person brought nan full number of organizational victims to 2,686, pinch astir 91 cardinal individuals having been affected. ®