Hacks, Attacks and Breaches: 7/22/2020 to 7/28/2020

Suzanne Gassman

Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.

The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.

United States – CaptainU

Exploit: Unsecured Database
CaptainU: College Recruiter 

Risk to Small Business: Cybersecurity researchers recently uncovered an unsecured Amazon S3 (Simple Storage Service) bucket containing nearly 1 million records of sensitive high school student academic information. The exposed data included GPA, ACT, SAT, and PSAT scores, unofficial transcripts, student IDs, students’ and parents’ names, email addresses, home addresses, and phone numbers – plus pictures and videos of students’ athletic achievements, messages from students to coaches, and other recruitment materials. The files are still available.

How it Could Affect Your Business: Handling sensitive data, especially children's data, creates an extra level of responsibility. Companies that fail to take that responsibility seriously will inevitably lose business. This incident also opens CaptainU up to regulatory scrutiny and lawsuits.

United States – CouchSurfing

Exploit: Unsecured Database
CouchSurfing: Crowdsourced Hospitality 

Risk to Small Business: The San Francisco-based housing and hospitality service is investigating a security breach that was recently discovered when hackers began selling the details of 17 million users on Telegram channels and hacking forums, with some priced at $700 USD. User details such as user IDs, real names, email addresses, and CouchSurfing account settings were for sale, although no passwords or financial data were reported as available. The pilfered information is now available on RAID Forum, the go-to place for buying and selling stolen databases on the public internet.

How it Could Affect Your Business: Unprotected databases are always trouble. Although no passwords were listed as compromised in this attack, these incidents often raise a company’s risk of credential compromise if a staffer has recycled their password or signed up for a service using their business email.

United States – Garmin

Exploit: Ransomware
Garmin: Navigation Hardware and Software Provider

Risk to Small Business: Garmin has had a difficult and damaging week. A ransomware attack wreaked havoc on its operations and manufacturing capability, encrypting its internal network and some production systems. The company plans to deal with the mess through a multi-day maintenance operation that includes shutting down many essential business components for restoration and security updates. Those components include its official website, the Garmin Connect user data-syncing service, Garmin’s aviation database services, and some production lines in Asia. Garmin’s call centers were also impacted, rendering it unable to answer calls, emails, and online chats sent by users.

How it Could Affect Your Business: Ransomware is typically the nasty payload of a phishing email. Even huge, multinational corporations can be humbled by something as small as one email, just like Twitter was last week.

United States – GEDmatch

Exploit: Unauthorized Database Access 
GEDmatch: Genealogy and Genetic Testing Service

Risk to Small Business: GEDmatch is famous for being the site used to catch and effectively prosecute the notorious Golden State Killer. But the company wasn’t able to secure its own data effectively: last week, hackers gained access to the company’s internal storage, obtained some user information, and changed account permissions. About 280,000 of the 1.45 million profiles on the site had agreed to share their information with law enforcement agencies. In the recent breach, attackers scooped up information and also changed users’ settings so that all 1.45 million DNA profiles were available to law enforcement searches – twice. The hack was then compounded as information purportedly gained in the incident was used to mount a phishing attack on the clients of an Israeli partner of GEDmatch, MyHeritage. The GEDmatch site has been taken down for maintenance and recovery with no ETA on restoration.

How it Could Affect Your Business: Not only can a cybersecurity incident lead to an embarrassing and expensive breach for one company, it can also open that company’s partners up to cybercrime risks, like the phishing campaign mounted against MyHeritage users.

United States – Family Tree Maker

Exploit: Unauthorized Database Access
Family Tree Maker: Genealogy Software 

Risk to Small Business: An unsecured Elasticsearch server is to blame for Family Tree Maker’s leak of more than 25GB of user data. User information that was leaked includes email addresses, geolocation data, IP addresses, system user IDs, support messages, and technical details. The leak apparently also included technical details about the system’s backend.

How it Could Affect Your Business: An unsecured database is an unnecessary foul. Overlooking basic security measures like this is an indicator that cybersecurity best practice isn’t being enforced actively and corners are being cut by careless staffers without repercussions.