Morgan Stanley recently agreed to a $6.5 million settlement with six North American states over a data breach that compromised customer information. The affected states included New York, Connecticut, Florida, Indiana, Vermont, and New Jersey. This settlement came as a result of the company’s failure to protect customer data through enhanced security measures.
The incident dates back to 2016 when Morgan Stanley outsourced some of its work environment systems to a third-party vendor, who then subcontracted the process to others. Unfortunately, the subcontractors sold the systems without deleting the customer data loaded onto them. This oversight led to a breach in the following year, when the company overlooked an encryption flaw on 42 servers containing customer information during the decommissioning process. This flaw potentially allowed unauthorized access by third parties, resulting in the compromise of customer data.
In a separate incident, Samsung Electronics notified its customers in the UK of a data breach that occurred between July 2019 and June 2020. The breach was identified in November and was attributed to a hacker exploiting a software vulnerability to gain unauthorized access to the company’s computer network. The leaked information included email addresses, postal codes, phone numbers, and names, but fortunately, no financial details were compromised. It’s important to note that this breach is unrelated to a previous incident in March 2022 when the Lapsus$ Ransomware gang hacked into the Samsung network to steal sensitive information, including the source code of Samsung Galaxy smartphones.
In another cybersecurity incident, Booking.com, an Amsterdam-based company, fell victim to a phishing attack where cybercriminals breached its servers. Fortunately, the company confirmed that no financial details were accessed by the hackers. Evidence suggests that the servers of a third-party service provider leased by Booking.com remained unaffected.
Moving from breaches in the private sector to state-sponsored cyber-attacks, Russia’s GRU Intelligence-funded threat actors targeted Denmark’s national infrastructure in what has been described as the largest cyber-attack in the country’s history. The Sandwork hacking group is suspected of taking down the infrastructure of approximately 22 Danish energy companies by exploiting a software flaw in the firewalls designed to defend against cyber threats. In response, SektorCERT released a statement affirming that the government is actively working to mitigate such risks from adversaries.
These incidents highlight the ongoing threat of cyber-attacks and the need for organizations and governments to continuously enhance their cybersecurity measures to protect sensitive information. As the digital landscape continues to evolve, it is crucial for all stakeholders to remain vigilant and proactive in addressing potential vulnerabilities to prevent future breaches.