Weekly Cybersecurity Recap November 10
Table of Contents
- By Steven
- Nov 10, 2023
This week, a variety of cyberattacks and victims have appeared. The pilot union Allied Pilots Association (APA), representing American Airlines pilots, disclosed a ransomware attack early in the week. An active ransomware attack unfolded by Tuesday, targeting LEGO fanatic website BrickLink. Sand LifeStyle members also had exposed data following a breach in Singapore’s Marina Bay Sands resort network. Hacktivists also attacked the artificial intelligence world; the DDoS attack took some ChatGPT services down for nearly a day. It’s not all bad, though—Sumo Logic successfully defended data from a provider breach after assailants compromised account information. Read more about this week’s events below.
Allied Pilots Association
Although the investigation remains ongoing, the APA is likely the victim of a ransomware plot; the assault was purportedly severe, as employees could not make updates via the compromised website. The threat actors were able to encrypt some of the systems they accessed. It is too soon to determine the consequences of this attack; as many as 15,000 pilots may have had their information exposed. APA members are strongly encouraged to consider monitoring services and identity protective options in the coming days.
LEGO, a toy industry foundation, has a variety of fanbases; BrickLink is its closest relation, with users being able to design, sell, and buy LEGO sets. The website works like other forum ecommerce stores, where large sellers may have multiple employees creating sets for online payment. The payment options of a store are not managed by BrickLink, leaving sellers with outside solutions. Subsequently, once hackers had access to some seller accounts, they began changing prices and setting consumers up for financial traps. At this time, everyone with a BrickLink seller account or who has bought sets recently should take preventative steps.
Marina Bay Sands
The most significant data breach this week, Marina Bay Sands resort, reported the event may impact 665,000 people. According to the incident report, an unauthorized actor broke into a system housing Sands LifeStyle members’ personal information. The leak potentially included names, emails, numbers, addresses, and membership numbers/IDs. Though Sands has not yet responded to the ransom, LifeStyle members are strongly encouraged to take up defenses immediately.
SaaS analytic professional Sumo Logic defended their systems from a potentially destructive breach conducted via an AWS account. Amazon Web Service (AWS) is a provider that assists organizations with middle and backend solutions. The attack on Sumo occurred via an AWS account, which had stolen credentials. If Sumo Logic had less security, the attack might have been successful; that could have exposed clients in hundreds of industries.
The last and most shocking cyberattack this week happened Wednesday night. ChatGPT and select tools suffered widespread outages that frustrated professionals and dependents of the system. As it turns out, the outages were a symptom of a ramping-up DDoS. The attackers accessed no ChatGPT systems, but the threat actors may have attempted to reach user data. Though ChatGPT successfully defended itself from the DDoS, account holders should still consider taking preventative actions. Data breaches are a matter of “when,” not “if.”