Security News

Robinhood was hacked and extorted

Plus, ransomware locks up the UK Labour party and Xfinity Comcast mysteriously goes down

Commission-free stock trading company Robinhood published a blog post announcing it was the victim of a data security incident where hackers obtained 500 million email addresses, 200 million full names, and more specific personal information including names, birthdates, and zip codes of about 310 people. “Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident,” reads the blog post. The company reported that the hack was the result of a bad actor socially engineering a customer report representative. After compromising the data, the hackers then tried to extort Robinhood. 

“No company is immune to hacks. That's something that will happen sooner or later,” commented Luis Corrons, Avast Security Evangelist. “What really makes the difference is the ability to be able to detect it in a short amount of time, and therefore limit the damage caused by the intrusion. Many companies only learn about these incidents months later, which translates into massive data breaches.” Robinhood says it is currently working with authorities to resolve the matter. 

UK Labour party suffers ransomware attack

The U.K. Labour party posted a notification of data incident on its website, telling members that a cyber incident has put the personal information of its members and affiliated supporters at risk. “The full scope and impact of the incident is being urgently investigated,” the notification says. Labour has about 430,000 members. The party says its own servers were unaffected by the attack, which was instead aimed at “a third-party that handles data on our behalf.” Sources close to the incident told Sky News that it was a ransomware attack. The party says the matter is being investigated by the National Crime Agency (NCA), National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO). 

Mysterious Xfinity Comcast outage affects users across US 

Earlier this week, various Comcast customers in New Jersey, South Carolina, and areas stretching from Chicago to Philadelphia experienced intermittent service. It’s not clear how many customers were affected or what caused the intermittent outages. Customers reaching out to the company only received dial tones or error messages in response. In a later tweet, the company attributed the problem to “a network issue” that has since been addressed. According to The Verge, one Comcast spokesperson commented, “We have addressed the issue and service is now restoring for impacted customers, as we continue to investigate the root cause.”

FBI charges Russian and Ukrainian ransomware suspects

In a global crackdown on ransomware groups, two suspects have been charged by the U.S. Department of Justice (DOJ) with committing some of the largest ransomware attacks in recent months. The DOJ charged Ukrainian Yaroslav Vasinskyi, 22, for allegedly conducting the Kaseya hack in July, which impacted 1,500 of the software supplier’s clients and clients’ clients. Vasinskyi is currently in custody with the Polish authorities. The DOJ also charged Russian national Yevgeniy Polyanin, 28, for 3,000 attacks against U.S. government entities and private-sector companies. Polyanin is still at large. The investigation was an international effort among the U.S., Poland, Romania, Ukraine, France, Estonia, Latvia, and Germany. For more, see Ars Technica.

US State Department offers $15M for DarkSide info

The U.S. Department of State is offering $10 million for information leading to the identification or location of anyone who holds a key leadership role in the DarkSide ransomware group and $5 million for information leading to the arrest or conviction in any country of anyone conspiring to participate in a DarkSide ransomware incident. DarkSide was responsible for the Colonial Pipeline attack in May, which shut down a significant amount of fuel distribution to the U.S. East Coast. The department says the reward offer is part of a “whole of government effort to disrupt and dismantle transnational organized crime globally, including cybercrime.” To date, it has paid out more than $135 million in rewards. See the full press statement to learn more.

This week’s ‘must-read’ on The Avast Blog

This week, we take a look back on the third annual CyberSec&AI Connected, Avast's international conference for AI and machine learning that welcomed cybersecurity experts from both academia and industry.