Vendor Causes Breach, Texas Supplier Hacked, Nokia Investigates Breach
Hey people! It’s a new week, and we are back with a fresh dose of cybersecurity news once again. This week, it’s all about big companies being attacked by threat actors. Now you know that no one is completely safe from cyberattacks, not even big industry names.
The sensitive data of Amazon employees was breached because of a third-party vendor. Next, a Texas oilfield supplier fell prey to a ransomware attack. Also, Nokia, the mobile manufacturing giant, has been facing the brunt of cyberattacks and is busy conducting thorough investigations.
Let’s not waste any more time and jump into the details!
Keep reading to stay cyberaware.
Third-party vendor led to employee data breach at Amazon
Amazon is currently facing a data breach where its employee data was compromised- thanks to a third-party vendor named MOVEIT. The breach happened because of a vulnerability in MOVEit (CVE-2023-34362). The vulnerability was discovered in 2023 in its file transfer software. Because of the vulnerability, hackers can conveniently bypass authentication on networks that are unpatched. This way, they can access important files illegitimately. The hackers replicated the process with Amazon and gained access to Amazon’s employee data.
Amazon has stated that the data breach happened because of the third-party property management vendor, MOVEit, and that all of Amazon’s systems are completely secure. The spokesperson at Amazon said that other customers who worked with MOVEit have also been affected by similar instances of data breaches. Amazon employee data that got compromised included sensitive details such as desk phone numbers, building locations, email addresses, and so on.
This unfortunate incident of employee data breach is a staggering reminder of supply chain vulnerabilities. Experts believe that as many as 600 MOVEit servers have fallen prey to its vulnerabilities.
Texas oilfield supplier attacked by mystery hackers
Newpark Resources recently filed a complaint against ransomware attacks with the SEC or Securities and Exchange Commission. It is an oil drilling fluids system as well as a composite matting systems provider based in Texas.
The company has yet to share further details as to how the threat actors got access to their network. Also, details on the identity of the attackers and the reason behind the attack still remain undisclosed.
Once Newpark learned about the data breach, the security response plan was implemented as soon as possible to mitigate the impact of the attack. Also, the oilfield supplier restricted access to a certain extent. The attack has resulted in limited access to specific parts of Newpark’s information systems and business applications, financial operating systems, corporate functions, and so on. On the brighter side, field operations and manufacturing processes managed to stay uninterrupted.
The point of relief is that the stolen data has not made an appearance on any leak sites yet.
Experts believe that industrial organizations are walking the tightrope whereby they are required to maintain the ultimate balance. On one hand, they will have to streamline connectivity for smooth operations. On the other hand, they will have to take care of cyber safety to prevent intruders from breaking into their networks.
A Texas oilfield supplier, Newpark Resources, was hit by mystery hackers, highlighting the critical need for email security measures like DMARC, DKIM, and SPF to protect against unauthorized access and phishing attacks.
Nokia investigating data breach but got no proof of attack yet
This Tuesday, notorious threat actor IntelBroker allegedly posted Nokia’s internal data online. The data includes internal credentials, SSH keys, and source codes. The attackers are putting up the data for sale on BreachForums for around $20,000.
The group of threat actors has claimed that it exploited a specific third-party contractor that was responsible for Nokia’s internal tool development. So far, there have been no reports about customer data breaches.
Nokia is completely aware of the claims by IntelBroker, and the mobile manufacturing giant is looking into the matter with absolute seriousness. Up until this time, Nokia has found no trace of data breach.
IntelBroker is known for its high-profile data breach incidents. They are a Serbia-based group of attackers who got active back in 2022. Since then, IntelBroker has impacted companies like Apple, Europol, General Electric, the US House of Representatives, and DARPA.
Experts believe that sooner or later, Nokia would realize that InterlBroker’s claims are absolutely true. They are concerned that if IntelBroker’s claim is true, then the stolen data would be used maliciously by other threat actors against Nokia. Hackers can use user credentials to get illegitimate access to Nokia’s networks. The nature of the data stolen would give a clear picture of the exact threats that Nokia might face in the future.
This data breach is also a bleak reminder of how even the biggest of names in the industry can be impacted by third parties. Major multinational organizations such as Bank of America, American Express, and Santander have already faced similar incidents. The third-party involvement has further complicated the situation for Nokia.