Back to top

Hacks, Attacks and Breaches: 1/27/2021 to 2/2/2021

Suzanne Gassman

Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.

The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.

United States – USCellular

Exploit: Credential Compromise
US Cellular: Mobile Phone Company 

Risk to Small Business: USCellular, the fourth largest mobile network in the US, has suffered a data breach after a successful malware attack. Hackers used malicious code disguised as a routine software update to gain access to systems including its Customer Relationship Management (CRM) and client records. This is not USCellular’s first time at this rodeo – the company has had consistent information security problems.

How it Could Affect Your Business: Data like this is sought-after by cybercriminals to power phishing operations. Unfortunately for these folks, it often hangs around for years on the Dark Web, acting as fuel for future cybercrime.

United States – DSC Logistics

Exploit: Ransomware
DSC Logistics: Shipping and Freight Logistics 

Risk to Small Business: DSC logistics received an unwelcome delivery of Egregor ransomware. The attack was announced on the gang’s ransomware site. The company noted that it was successfully able to continue operations without incident. DSC has called in outside experts to investigate and declined to comment on whether any data was stolen.

How it Could Affect Your Business: Ransomware has been a plague on every industry, but freight and logistics companies have been hit especially hard in recent months.

United States – Nissan North America

Exploit:  Misconfiguration
Nissan North America: Automotive Manufacturer 

Risk to Small Business: Nissan North America recently suffered a data breach that resulted in source code for its mobile apps and internal tools turning up online. The data leak is reportedly the result of a misconfigured Git server. The source code is reported by a security researcher to pertain to Nissan NA Mobile apps, some parts of the Nissan ASIST diagnostics tool, the Dealer Business Systems and Dealer Portal, Nissan internal core mobile library, Nissan/Infiniti NCAR/ICAR services, client acquisition and retention tools, sale and market research tools and data, various marketing tools, the vehicle logistics portal and vehicle connected services.

How it Could Affect Your Business: Keeping data safe from hackers starts with keeping data secure by using strong identity and access management tools across the board and basic security protocols like multifactor authentication.