Security News Survey – January 4, 2019

This week we’ve seen millions of compromised gamers, a stolen laptop, and The Dark Overlord’s New Year's antics.

Happy New Year, readers! 2019 has barely started and we are already seeing a lot happening in the cybersecurity world. While we tried to say goodbye to 2018’s data breaches, it seems they’re still making waves for us as we enter the new year.

Let’s look at three key news items that caught our attention this week.

7.6 Million “Town of Salem” Gamers Compromised

On January 2nd, BlankMediaGames confessed to a sizable data breach that exposed personal information of 7.6 million “Town of Salem” gamers. Prior to Christmas, data breach indexing service DeHashed received a copy of the stolen data, which included usernames, email addresses, hashed passwords, IP addresses, and more. It appears no payment information was compromised. Unfortunately, DeHashed struggled to get a hold of BMG for a bit given the company’s holiday shutdown.

Details remain sparse about how the breach occurred, but it seems steps have been taken this week to remove backdoors and secure compromised servers. Looking at the compromised information, the breach could’ve been worse, but the volume of affected users is nothing to scoff at.

Stolen Laptop Compromises 15,000 Blue Cross Blue Shield Members

Blue Cross Blue Shield of Michigan is dealing with a potential data breach that could impact up to 15,000 Medicare Advantage members—all the result of the theft of an employee’s laptop in late October 2018. According to Blue Cross, the employee’s login details may have been compromised despite the fact that the laptop is encrypted and protected by a password. Unfortunately, the type of information compromised is not inconsequential: names, addresses, dates of birth, enrollee ID numbers, medications, diagnoses, etc. Thankfully, SSNs and financial information appear to have been spared.

They’ll be monitoring for attempted logins to the employee’s laptop and accounts for the foreseeable future, no doubt (pro tip: user and entity behavioral analytics (UEBA) is a perfect tool for this type of job). Healthcare companies struggled massively with data breaches in 2018, and the damage is catching up. According to a new report by the American Journal of Managed Care, hospitals are spending 64 percent more on advertising during the two years following a data breach. Data breaches are clearly not cheap.

9/11 Insurance Files Ransomed by The Dark Overlord

Hacker group The Dark Overlord (the same group who leaked an entire season of Orange is the New Black) commemorated New Year’s Eve 2019 with a bit of public extortion on Pastebin. In an apparent attempt to exploit the 9/11 conspiracy theory craze, the group threatened to release 10GB of 9/11-related files stolen from various legal firms and insurers unless an undisclosed ransom is paid. According to Motherboard, Hiscox Group—one of the claimed breachees—confirmed that an April 2018 data breach affected a law firm that previously advised the company, and that 9/11-related litigation files were impacted.

The Dark Overlord’s threats are widespread, warning any individuals or companies involved in litigation, insurance, law enforcement, property management, or politics that they may be included in the compromised documents. In true Dark Overlord fashion, the group is generously offering to redact those mentions—for a small fee, of course.

We’ll have to keep an eye on this one to see how it plays out. If nothing else, it’s a good reminder that data breaches are the (unwanted) gift that keeps on giving—even 8 months after the breach occurred.

Update 1/4/2019 at 11:15 a.m. PST: It seems The Dark Overlord wasn’t playing around. Despite several ransom payments already made to the group’s bitcoin account, The Dark Overlord released around 70MB of data in what appears to be the first of the promised five data dumps. Yikes.