Banco Pichincha shut down much of their online system after encountering suspicious activity on their network, though their ATMs and online banking were kept online. In other cybersecurity news, a flaw in a mobile application could have exposed the data of over 200,000 BrewDog shareholders.
Over the weekend, the IT systems for the U.S. operations of Olympus, a leading medical technology company, were taken offline to prevent further damage from a cyberattack. Officials claim that there are no indications of data loss, though this attack comes just weeks after Olympus EMEA fell victim to a ransomware attack that was attributed to the BlackMatter group. The investigation is still ongoing, with no update on when systems will be restored to normal functionality.
Following a suspected cyberattack, nearly all the core systems at the University of Sunderland, in the U.K., were forcibly taken offline. As of writing, the attack has shut down the university's main website, and classes have been cancelled while the systems are being restored. Unfortunately, this attack is another in an extensive line of cyberattacks targeting educational organizations, both for disruption and for financial gain.
Researchers discovered a serious flaw in the recently updated authentication system that BrewDog, a Scottish brewery, uses for its mobile applications. All of its 200,000 shareholders could have had their information compromised. The flaw itself appears to bypass an authentication check that would confirm the identity of the user inputting the credentials, but can easily be changed by appending to the resulting URL. The discovered security flaw has been active for over 18 months.
Over a year after the San Juan Regional Medical Center in New Mexico suffered a data breach that saw an unknown hacker remove a significant amount of personally identifiable information, officials have finally begun contacting affected individuals. The attack occurred in early September 2020 but was first reported to authorities in June of this year. The attack compromised and leaked the data of 69,000 patients. Fortunately, the medical center has properly secured its systems and is offering credit and identity monitoring for all affected individuals.
Following unusual activity in its networks, Banco Pichincha, Ecuador’s largest bank, was forced to take much of its network offline. Officials confirm that ATMs and online banking are still operational, though mobile apps are still down from the attack. Though it seems that no financial information has been taken, the appearance of Cobalt Strike on the bank’s network does appear to point towards a ransomware attack.