Cyber Intelligence Weekly

Cyber Intelligence Weekly (September 4, 2022): Our Take on Three Things You Need to Know

By Dan Desko
Posted on Sep 04 / 2022

Welcome to our weekly newsletter where we share some of the major developments on the future of cybersecurity that you need to know about. Make sure to follow my LinkedIn page as well as Echelon’s LinkedIn page to receive updates on the future of cybersecurity!

To receive these and other curated updates to your inbox on a regular basis, please sign up for our email list here: https://echeloncyber.com/ciw-subscribe

Also, we are always looking for great people to join our team. If you know anyone who fits the profiles for any of our open positions, drop me a line and let me know!

Before we get started on this week’s CIW, I’d like to highlight our Cybersecurity Tabletop Exercise practice. We’ve all heard the old adage: it is not a matter of if, but when. As you prepare for when that cyber incident does occur, there's a way to ensure that you and your entire organization are well prepared with a professionally led tabletop exercise. Tabletop exercises are a proactive approach to cybersecurity that is not only a best practice, but also a necessity in today’s business climate. You'll build muscle memory to be more prepared to successfully face cyber incidents head-on. Please let us know if you’d like to perform professionally facilitated a tabletop exercise with our experts!

incident response planning

Away we go!

1. Chinese Database with Facial Recognition and License Plate Data Leaked

A recent report from TechCrunch reveals a potentially massive personal data set of Chinese nationals that has been leaked earlier this year. TechCrunch was contacted by security researcher Anurag Sen, who uncovered the exposed database on an Alibaba-hosted server in China. The database included hundreds of millions of personal records and was rapidly growing by the day. The database was supposedly fully exposed, not password protected, and could be accessed by anyone.

Chinese Database with Facial Recognition and License Plate Data Leaked

The database in question belongs to Xinai Electronics, a tech company based in Hangzhou. The company’s systems use facial recognition and are often used for things like building access, monitoring employee attendance and performance, as well as license plate recognition for automated parking garage systems. Essentially, the data they hold is highly sensitive from a privacy perspective.

While this sort of privacy breach in China may not seem surprising, the sheer scale of the data exposed should be a large cause for concern from a human rights perspective.

2. Nelnet Servicing Breach Exposes Data of 2.5M Student Loan Accounts

A recent report from Bleeping Computer outlines a data breach that may have exposed the data of about 2.5 million student loan borrowers serviced by Edfinancial Services as well as the Oklahoma Student Loan Authority (OSLA). The threat actors supposedly accessed their systems sometime in June and were present on those systems throughout the rest of the month and into July.

Nelnet Servicing Breach Exposes Data of 2.5M Student Loan Accounts

A sample notification letter outlining the details of the breach has been sent to the Maine Attorney General’s Office and can be found online. Per the notification letter, such personal information that was included in the breach includes name, address, email address, phone number, and Social Security Number.

Per a statement to the media, Nelnet official stated that their cybersecurity team discovered a vulnerability that they believe led to this incident and they took immediate action to secure systems and block the suspicious activity. A forensic investigation is on-going at this time.

3. Italian Oil Giant, Eni, Hit by Hackers

Per a recent report from Bloomberg, Italian oil giant, Eni, was hit recently by hackers. Per the Bloomberg article, Eni confirms that hackers gained unauthorized access to the company’s network and the company is working with authorities on the matter. According to the Bloomberg article, they cite that the Eni may have been hit by a ransomware attack.

Italian Oil Giant, Eni, Hit by Hackers

This comes on the heels of a security incident at Italy’s energy agency, Gestore dei Servizi Energetici SpA (GSE), earlier in the week. The BlackCat ransomware group took credit for the attack on GSE, claiming to have stolen more than 700 GB of data from the agency. These recent attacks have Italian officials very concerned, so much so that the National Cyber Security Agency recommended on Friday to “raise the levels of protection of digital infrastructure of energy operators, constantly updating them in line with the most recent threat information.”

These types of attacks further the need to bolster cyber defenses at critical infrastructure agencies and organizations to help ensure that these types of disruptive attacks do not occur at scale.

Thanks for reading!

About us: Echelon is a full-service cybersecurity consultancy that offers wholistic cybersecurity program building through vCISO or more specific solutions like penetration testing, red teaming, security engineering, cybersecurity compliance, and much more! Learn more about Echelon here: https://echeloncyber.com/about

Sign Up for Weekly Cyber Intelligence Delivered to Your Inbox

Sign Up
Sign up to get Cyber Intelligence Weekly in your inbox.
Latest Intelligence
Cyber Intelligence Weekly (April 21, 2024): Our Take on Three Things You Need to Know
Posted on Apr 21 / 2024
The Latest in FedRAMP Compliance: Breaking Down Red Teaming for Enhanced Security
Posted on Apr 18 / 2024
Cyber Intelligence Weekly (April 14, 2024): Our Take on Three Things You Need to Know
Posted on Apr 14 / 2024