Weekly Email Security News Recap #1 [July 2022]
Making headlines in July’s first week of cybersecurity news and email security news is a data breach at the multinational hotel chain Marriott International. Another top story-making waves is that of a cyber group selling data of one billion Chinese citizens.
The beginning of the month was quite tense in the cyberworld, so dig in and find out the top news in our recap.
The week has started with an exclusive cybersecurity news story, which first emerged on the first and second of July.
A hacker’s post reportedly selling the personal data of one billion Chinese citizens on an online hacker forum began circulating on social media.
According to the hacker, the information came from the Shanghai National Police database, containing data of one billion Chinese national residents and several billion case records including:
- Mobile numbers
- National ID numbers
- Case details
The threat actor is identified as ChinaDan, who offered to sell over 23 terabytes (TB) of stolen data for nearly $195,000 (or 10 Bitcoin).
The CEO of Binance, Changpeng Zhao, tweeted that the company’s threat intelligence team found the records for sale on the dark web.
The cybercriminal provided a sample to peruse, containing 750,000 records for potential buyers.
It remains unclear how the cybercriminal could obtain the data. The hacker claims to have stolen it from a private cloud network belonging to Alibaba’s cloud computing subsidiary, Aliyun, which hosts the Shanghai National Police database.
However, Binance’s Zhao said that a government developer accidentally caused the breach, stating in his tweet, “Apparently, this exploit happened because the gov developer wrote a tech blog on CSDN and accidentally included the credentials.”
Several news platforms have contacted the Chinese government and the Shanghai Police for comments, but the authorities have so far remained silent about the incident.
While some cybersecurity experts remain suspicious of the magnitude and veracity of the hacker’s claims, the alleged data breach is still a significant concern. If it turns out to be accurate, this could be one of the largest data breaches in history.
Multinational hotel chain Marriott International has suffered its third major data breach since 2018, causing 20 GB of data loss.
On July 5th, the cybersecurity news headline broke on a website that tracks data breaches.
The purported origin of the stolen data is the BWI Airport Marriott server in Maryland, USA.
DataBreaches.net received a message from an unrecognized sender, claiming they had stolen data from Marriott hotels. The hackers remain unidentified, although they stated they sent emails to Marriott employees about the breach.
The cybercriminals say the hotel’s representatives initially communicated with them but stopped responding suddenly—supposedly when the subject of payment for the return of the stolen data came up.
Marriott representatives confirmed the breach, but they seemingly downplayed its severity, describing the stolen data as “non-sensitive internal business files.” The hackers disagree, citing “critical data” such as personally identifiable information of guests and employees.
The method of the breach was a social engineering scam. The hackers tricked a Marriott hotel associate into giving them access. A sample of the data was even shared with Databreaches.net. It included flight reservation details, info on assigned staff rooms, corporate credit card details, and airline employees’ names.
Marriott didn’t provide any further details about the data breach except that they’ve notified law enforcement, 300-400 individuals, and the appropriate data regulators.
Another week, and more proof that your cyberspace is never safe without proper security techniques. Without sufficient cybersecurity measures, even multinational enterprises and government domains are susceptible to cyberattacks.
Don’t waste time! Secure your domain; secure your business today!