June’s Biggest Cyberattacks
Tokyo Olympics Cybersecurity Training Proves Less Than Secure
For a group of Olympic organizers already dealing with a full year’s pandemic delay and a ban on fans in the stands, a run-of-the-mill data breach might not have felt like quite the emergency it would have in a more normal year. Nevertheless, seeing the organizers of the Tokyo Olympics fall victim to the Fujitsu hack that has rattled Japan’s tech community is more than a little unsettling.
Tech giant Fujitsu’s cloud-based ProjectWEB platform, one of Japan’s most popular tools for file-sharing and collaborative work, was breached at the end of May and many Japanese businesses have been reeling ever since. The Summer Olympic Games were pulled into the maelstrom, ironically enough, via a cybersecurity training exercise. Data shared over ProjectWEB and subsequently stolen during that exercise included names and organizational affiliations of about 170 participants.
Considering the scope of international participants and sensitive information involved in organizing the Olympics, it should probably come as a relief that this particular hack didn’t yield more potentially harmful data. Even so, this incident underscores the vulnerability of even our most cherished global institutions—and raises the possibility of a more damaging breach next time around.
Records Exposed: Personal data of Olympic organizers
Type of Attack: Third-party software exploit
Industry: International athletics
Date of Attack: Late May 2021
Location: Tokyo, Japan
Key Takeaway: Even cybersecurity experts at one of the world’s highest-profile events are not immune to a third-party data breach. Potential third-party exploits need to be top of mind for organizations of all sizes, especially high-profile targets who could become “bragging rights” for hackers.
Carnival Cruise Passenger Data Goes Down With the Ship Again
The cruise ship industry has had an even rougher go the past couple years than most, and the latest in a rash of hacking incidents isn’t likely to change that. The fourth major cyberattack on Carnival Cruise lines in the past 15 months yielded an unknown amount of passenger data. Data stolen in this latest breach, which occurred in March but was not publicly revealed until June 16, seems to have included passport information, Social Security numbers, birth dates, addresses, and health information (including COVID status) of a significant number of passengers and employees.
While this breach is somewhat less damaging than the two ransomware attacks Carnival sustained last year, it continues a troubling pattern of cyber insecurity for the country’s largest cruise line. Carnival has taken the usual approach and contacted impacted passengers and employees about the breach, as well as set up a customer support line. The company’s stock, meanwhile, took an immediate 3% hit in the wake of the latest attack.
Records Exposed: Personal data of cruise ship passengers and employees
Type of Attack: Unknown data breach
Industry: Travel and Leisure
Date of Attack: March 2021
Location: Miami, Florida
Key Takeaway: What’s the old saying about “fool me once”? While recent months have underlined that very few organizations are reliably safe from all forms of cyberattacks, four breaches in a little over a year indicate an industry-leading business that needs to invest far more of its time and money into safeguarding customer data, especially since the cruise ship industry as a whole is already reeling from bad publicity about consumer health and safety.
Hackers Tamper With the Eyes and Ears of 3 Million Patients
In late May, the 20/20 Eye Care and Hearing Network revealed that a January breach of Amazon Web Services led to a staggeringly huge violation of its confidential healthcare records. In a breach that potentially impacted 3,253,822 health plan members, hackers broke into the AWS buckets of this Florida-based company that provides hearing and vision services for employee health plans.
Even more troubling than the size of the breach is its apparent maliciousness. Not only did the unknown hackers access confidential patient information—including names, Social Security numbers, and insurance data—they also deleted much of that material from 20/20 Network’s AWS S3 cloud buckets. The bad actors have not yet been identified, although a statement from the company vaguely mentioned “insider wrongdoing.”
Meanwhile, 20/20 Eye Care is being sued by at least one former patient who maintains that the company took insufficient measures to protect their personally identifiable information. The complaint also notes that 20/20 officials were apparently aware of the breach in mid-February but did not inform affected patients until May 28, which the plaintiff says constitutes a failure to give timely notice of such a potentially damaging violation.
Records Exposed: Personal data of more than 3 million vision and hearing patients, much of which was then deleted.
Type of Attack: Amazon Web Services breach
Date of Attack: January 2021
Key Takeaway: People take their confidential medical information extremely seriously. When a business that is entrusted with that information suffers a data breach, informing affected patients in a quick, transparent, and accurate fashion is imperative. As this case shows, failure to do that can cause major damage on both a financial and a reputational level.
Electronic Arts Gets Gamed by Source Code Thieves
One of the most prominent players in the world of video games suffered a major breach that left the company scrambling to safeguard its intellectual property. While it does not appear the June 10 attack put any customer data or personally identifiable information at risk, Electronic Arts (EA) did lose a good deal of valuable material. That includes source code for the company’s Frostbite engine, which powers a number of flagship game franchises such as “Battlefield” and “Star Wars” games, source code for the hugely popular “FIFA 21,” API keys for “FIFA 22,” and a number of other keys and debug tools.
It didn’t take long for the thieves to put that material up for sale on an underground hacking forum, offering about 780 GB of EA tools and data to the highest bidder. While the direct impact on EA’s business will probably be minimal, this theft sets a concerning precedent, especially since cybercriminals could use the stolen materials in future exploits of EA games and systems. One security expert has even raised the idea that the breached tools and resources could be valuable for unscrupulous competitors looking to cut into EA’s business.
Records Exposed: Source code and tools associated with major video game franchises
Type of Attack: Unknown data breach
Industry: Video gaming
Date of Attack: June 10, 2021
Location: Redwood City, CA
Key Takeaway: Ransomware is the hottest topic and biggest threat of the moment, but old-fashioned data theft and black-market resale remain a lucrative business for hackers. Safeguarding intellectual property online needs to remain a top concern for creative organizations as they work to shore up their ransomware defenses.
Cybercriminals Beat the House at a Wisconsin Casino
In an attack deemed “beyond significant” by a spokesperson for a Wisconsin casino, cybercriminals forced a shutdown of most operations at the Menominee Casino Resort in Keshena. The June 11 hack was classified as “an attempted external attack” on the casino’s computer systems but does not appear to have impacted personally identifiable customer data.
Even so, the threat was dangerous enough to shut down much of the business’s computer systems and push casino officials to close down the hotel and gaming floor for nearly a week. When gaming services finally resumed, restaurant and bar service was available on a cash-only basis with limited menu options. Such a sophisticated attack targeted at a relatively small, tribally operated casino in a remote rural area sets a disturbing precedent for the gambling industry.
Records Exposed: Unknown, but system functions were compromised enough to shut down business functions for an extended period.
Type of Attack: Unconfirmed
Date of Attack: June 11, 2021
Location: Keshena, WI
Key Takeaway: Much like robbers targeting small-town banks in the Roaring ’20s nearly one hundred years ago, today’s cybercriminals are increasingly aware of the ripe targets in out-of-the-way locations that may lack the advanced security systems of their larger counterparts. Organizations that deal with large amounts of data and money, no matter how remote, need to shore up their defenses against inevitable attacks.
This article was originally posted on Arcticwolf.com on July