One of the nation’s largest library groups, the Boston Public Library system, was forced to temporarily shut down several their systems after a cyberattack. In other cyber security news, Illinois patients of the DuPage Medical Group could be facing a serious breach of their medial records resulting from a July cyberattack.
Following a recent ransomware attack, Bangkok Airways has confirmed that their systems were compromised and some customer data was stolen. Unfortunately, their announcement was preceded by the LockBit ransomware group’s reveal of the stolen data on their leak site. It is believed that this attack as well as a recent attack on Ethiopian Airlines were both performed by the same group, who used the Accenture vulnerability to gain access to the affected airline’s systems.
The DuPage Medical Group (DMG) is contacting their collective 600,000 Illinois patients to inform them of a data breach that potentially leaked a significant amount of medical information. After the July cyberattack took forced the medical group to take several of their systems offline, the medical group has been busy investigating the unauthorized intrusion but only recently discovered the stolen data. DMG have offering credit and identify monitoring services to any affected patients, in hopes of catching any resulting fraud.
At the end of August, the Marketo hacker group posted 4GB of data that they claim was stolen from the Fujitsu tech company. While the number of buyers for the data trove is unknown as it is privately posted, it does appear to have generated interest from other potential threat actors. Officials are investigating whether this data is connected to a cyberattack that Fujitsu suffered back in May, though no conclusions have been made.
The Boston Public Library revealed that their systems were forced offline due to a cyberattack affecting the entire network of one of the largest publicly available library databases. While there aren’t many details known about the attack itself, officials for the library have isolated the attack and kept the affected systems offline to avoid further harm. Fortunately, the IT staff has already been able to get some systems restored and will hopefully have the remaining systems back to normal functionality soon.
Researchers discovered an unsecured Elasticsearch database containing over 134GB of information belonging to a Chinese games developer. This unsecured database could have exposed millions of users to potential fraud. Though nobody from the games developer, EskyFun Entertainment Network, responded to the researcher's initial contact, the database was promptly secured once the Hong Kong CERT organization was informed of the breach.