Keypoints
- HealthEquity data breach exposed personal information of about 4.3 million Americans due to compromised partner credentials.
- MediSecure data breach affected 12.9 million Australians, involving the loss of 6.5 terabytes of data and raising infrastructure concerns.
- WazirX crypto exchange breach resulted in over $230 million stolen via its Safe Multisig wallet, due to a payload alteration by attackers.
- Rite Aid data breach impacted about 2.2 million people with a ransom demand by the RansomHub group.
- AT&T data breach exposed call metadata for roughly 110 million customers, with the breach linked to a ShinyHunters actor and claimed ransom payment.
- Evolve Bank & Trust suffered a LockBit ransomware attack affecting 7.6 million individuals, with 24 months of monitoring offered to victims.
- Neiman Marcus data and high-profile leaks were tied to ShinyHunters/Sp1d3rHunters, with additional data exposure implications including Twilio Authy and Prudential Financial breaches.
MITRE Techniques
- [T1078] Valid Accounts – ‘Use of compromised credentials to gain unauthorized access.’
- [T1486] Data Encrypted for Impact – ‘Ransomware attacks encrypting data to demand ransom.’
- [T1041] Exfiltration – ‘Unauthorized access and extraction of sensitive data.’
- [T1003] Credential Dumping – ‘Exploitation of credentials from compromised systems.’
- [T1071] Application Layer Protocol – ‘Exploitation of unsecured API endpoints to access sensitive information.’
Indicators of Compromise
- [PII] Personal Data – HealthEquity and MediSecure contexts of exposed personal information (e.g., 4.3 million Americans; 12.9 million Australians) – HealthEquity: 4.3 million Americans’ personal information; MediSecure: 12.9 million Australians’ personal data
- [Phone Numbers] Exposure – Twilio Authy: 33 million phone numbers; AT&T metadata: phone numbers involved in calls/texts
- [Financial/SSN Data] Banking/SSNs – Evolve Bank & Trust: Social Security numbers and bank account numbers
Read more: https://socradar.io/major-cyber-attacks-in-review-july-2024/