Last week, officials for Air Canada released a statement regarding a security incident that briefly impacted one of their internal networks and compromised some sensitive employee records. During the investigation, Air Canada staff were able to confirm that neither their flight operations systems nor any customer information were affected by this breach, though the threat actors behind the incident are still unclear.
Xenomorph malware campaign targets global financial institutions
Over a year after Xenomorph malware became known, a new campaign has been identified that has focused on US banks and has also expanded its reach to include several European countries as well. It is also believed that the threat actors responsible for Xenomorph have either begun collaborating with other info stealers or that they have started operating as a malware-as-a-service and are bundling with other malware families to increase their impact.
3.4 million individuals affected by MOVEit hack on Ontario’s child registry
It was recently announced that the Better Outcomes Registry & Network (BORN) healthcare organization in Ontario, Canada had been affected by the Cl0p ransomware group’s MOVEit hack earlier this year and had compromised sensitive patient information on 3.4 million individuals. BORN officials became aware of the breach on May 31st and confirmed that sensitive information on service users from January 2010 to May 2023 had been exfiltrated by the threat actors.
Rhysida ransomware group claims attack on Kuwait Ministry of Finance
The threat actors behind the Rhysida ransomware group have recently posted a significant amount of stolen information to their dark web leak site, and claim it was from their September 18th attack on Kuwait’s Ministry of Finance. While the investigation is still ongoing, some officials from the Ministry have confirmed that payroll and salary systems were unaffected, as they are on a different server, and that their security measures were quick to detect the intrusion and shutdown additional connected servers to prevent further spreading. If this attack is confirmed as Rhysida, it would be the 44th organization to fall victim to their attacks in 2023.
MOVEit hack compromises educational non-profit, National Student Clearinghouse
One of the largest educational non-profit organizations, National Student Clearinghouse (NSC), has confirmed that they had fallen victim to the MOVEit data transfer hack in May of this year. Their internal investigation didn’t identify the impact of the breach until 3 weeks later and determined that a significant amount of personally identifiable information (PII) had been exfiltrated through the breach and affected students from NSC’s 25,000 affiliated educational institutions.
