Daily Digest (10/16)

Barnes and Noble Warns Customers of Cyber Attack; European Police, FBI Bust Cybercrime Money-Laundering Ring; Hackers Renew Hacking Attacks on Universities; Almost 2000 Robinhood Market Accounts Exposed in Breach. Click “Continue reading” below.

Barnes and Noble Warns Customers of Cyber Attack 

Barnes & Noble has contacted customers via email to warn that its network was breached by hackers and sensitive information about shoppers may have been accessed.

Barnes & Noble said that it became aware of the attack on Oct.10th.

“It is with the greatest regret we inform you that we were made aware on October 10, 2020 that Barnes & Noble had been the victim of a cybersecurity attack, which resulted in unauthorized and unlawful access to certain Barnes & Noble corporate systems,” Barnes & Noble stated in a press release.

The company stated that there was personal information stored on the compromised servers – including customers’ email addresses, billing and shipping addresses and telephone numbers, Tripwire reports. 

The company claims it has no evidence that personal data was exposed by the security breach but  it “cannot at this stage rule out the possibility”.

Source (all external links): 

European Police, FBI Bust Cybercrime Money-Laundering Ring

European and American officials arrested 20 people in several countries for allegedly participating in an international ring that laundered millions of euros through malware schemes, The Associated Press reported Thursday.

More than 40 homes were searched by agents in Spain, Italy, Bulgaria and Latvia in the international police operation “2BaGoldMule” led by Portuguese investigators and the FBI, the AP reports.  

The operation was under the umbrella of Europol. 

The international ring “QQAAZZ” allegedly laundered cybercriminals’ stolen funds, transferring them between hundreds of bank accounts held in banks across the world, officials told AP. The ring laundered money stolen from victims in the U.S. and European countries and included citizens of Russia, Latvia, Georgia, Bulgaria, Romania, and Belgium, according to the U.S. Justice Department. 

“This operation has shown that through this cooperation we can collectively tackle the global nature of cybercrime. This is the only way forward,” said Carlos Cabreiro, director of Portugal’s National Unit for Fighting Cybercrime, told AP. 

Source:

Hackers Renew Hacking Attacks on Universities 

Iranian hackers with a history of attacking academic institutions have launched a new series of phishing campaigns, security firm Malwarebytes said Wednesday.

The attacks were timed to coincide with the start of the new academic year, ZDNet reports.

Known as “phishing emails,” the attacks contained links to a website posing as the university portal or an associated app, such as the university library, and collected the victim’s login credentials when used. 

The attacks were all orchestrated by the same group, known in cyber-security circles as Silent Librarian, Malwarebytes claims. 

In 2018, members of the group were indicted for a string of attacks on universities, dating back to 2013, ZDNet reports. 

Source: 

Almost 2000 Robinhood Market Accounts Exposed in Breach

An estimated 2,000 Robinhood Markets accounts were compromised in a hacking spree that siphoned off consumer funds, according to an unidentified individual with knowledge of an internal review.

The company claimed on Oct. 9 that a small number of customers had been struck by cyber-criminals who breached personal email accounts outside of Robinhood, an assertion that some of the victims acknowledge and others reject, Bloomberg reports. 

The attacks unleashed several complaints on social media as the company does not have a customer service phone number. 

“We always respond to customers reporting fraudulent or suspicious activity and work as quickly as possible to complete investigations,” the company said in an emailed statement to Bloomberg. 

“The security of Robinhood customer accounts is a top priority and something we take very seriously.”

Source: 

– DPN Staff