Security News Survey – June 14, 2019

This week, we look at data breaches affecting Customs and Border Protection and Evite, as well as cyber attacks on two U.S. cities’ operations.

Headlines this week were rife with revelations about more data breaches and cyber attacks, reiterating that attacks are becoming more targeted and that proactive security is crucial. Let’s take a look at a few news items that caught our eye.

Customs and Border Patrol reveals data breach compromising license plate and traveler photos

This week, U.S. Customs and Border Protection (CBP) revealed that a data breach has compromised photos of individuals crossing U.S. borders over a period of a month and a half. According to reports, the breach resulted from a cyber attack against an unnamed subcontractor, who had received copies of the license plate and traveler photos “without CBP’s authorization or knowledge.” CBP insists that the subcontractor violated security and privacy protocols that were stipulated in the company’s contract. CBP claims their own network was not affected by the breach, and that fewer than 100,000 travelers were impacted. The breach did not compromise any other sensitive information such as passport or travel document photographs.

Evite data breach affects 10 million users

Online invitation and social planning service Evite confirmed a data breach this week affecting ten million user records. A hacker that goes by the name Gnosticplayers obtained data from Evite and five other companies—Canva, ShareThis, GyfCat, UnderArmor, and ShareThis—and put the data up for sale on the dark web in April. The Evite data that was compromised included users’ names, email addresses, IP addresses, cleartext passwords, and more. According to ZDNet, the data was up for sale for $1,900 worth of Bitcoin. Evite has confirmed that the data breach occurred in February and that the company has been investigating the incident in conjunction with law enforcement and security experts.

Ransomware strikes Lake City, Florida

Another U.S. city has fallen victim to a ransomware attack this month. Lake City, Florida, suffered an attack at the hands of TripleThreat ransomware on June 10, shutting down its systems and leaving city officials without access to email. The city started recovery initiatives immediately. According to the city’s IT director, data recovery efforts have been “successful.” Thankfully, the attack does not appear to have impacted any vital civil services such as police, fire, or emergency operations.

Lake City is the latest in a series of U.S. cities to be hit by ransomware attacks. Lake City appears to have suffered comparatively minor impact on the city’s operations; other cities, such as Baltimore, Maryland, have not been as lucky.

Malware attack shuts down Philadelphia courts

It has also been confirmed this week that Philadelphia’s online court systems suffered a malware attack that forced the city’s attorneys to turn to manual processes. A small number of computers appeared to have been infected by the malware, and most of the court’s system was shut down as a precaution. The shutdown meant that no one could file documents electronically, which led to more in-person paperwork and longer lines. Officials are investigating the incident but have not been able to share any details about the attack, including what type of malware was leveraged, and they have yet to establish a timeline for when the court’s systems will be back up and running.