Monthly Round Up for the month of December 2024

Deloitte UK Reportedly Cyberattacked for 1 TB of Sensitive Data by Ransomware Group

The Brain Cipher Ransomware group has reportedly claimed responsibility for a cyberattack on Deloitte UK. They allege that they have exfiltrated over 1 terabyte of data. This breach, if confirmed, could have serious implications for Deloitte’s clients and its professional reputation. However, Deloitte has not confirmed the breach, leaving the claim unverified. The group claims to have accessed more than 1 terabyte of compressed data. They also claim to have stolen sensitive client information and internal documents. Deloitte has yet to confirm the incident publicly. This situation underscores the critical need for robust cybersecurity measures in today’s digital landscape.

AWS launches a new service to tackle cybersecurity incidents

Amazon Web Services (AWS) has launched an incident response service with automated features. This service helps organizations manage security events, including data breaches and ransomware attacks. Introducing the new service, AWS said that its Security Incident Response automates the preliminary assessment and investigation of security findings. These findings come from Amazon GuardDuty, the company’s threat detection service, alongside third-party threat detection tools. It also provides 24/7 access to security experts from the AWS Customer Incident Response Team.

Telecom hit by massive cyberattack … over 400 000 files ‘leaked’ 

On 11 December 2024, Telecom Namibia fell victim to a ransomware attack. A group known as Hunters International allegedly orchestrated this attack. This ransomware-as-a-service operation exfiltrated an estimated 626.3GB of data, comprising 492,633 files. Yesterday, Communications Regulatory Authority of Namibia (Cran) CEO Emilia Nghikembua said they take cybersecurity very seriously. “Through the Namibia Cyber Security Incident Response Team (NAM-CSIRT), Cran promptly responded upon identifying the attack. They continue to support the affected operator in mitigating its impact,” she added.

Volkswagen Data Breach: 800,000 Electric Car Owners’ Data Leaked

Volkswagen has inadvertently exposed the personal information of 800,000 electric vehicle owners, including their location data and contact details.

The breach occurred due to a misconfiguration in the systems of Cariad, VW’s software subsidiary. As a result, sensitive data stored on Amazon Cloud was publicly accessible for months.

The exposed information included precise GPS data. This data allowed for the creation of detailed movement profiles of the vehicles and their owners.

This breach compromised the privacy of everyday citizens. It also affected high-profile individuals such as politicians, business leaders, and law enforcement officers.

The breach was discovered by the Chaos Computer Club (CCC), a German hacker group known for its ethical hacking practices. The CCC promptly informed Volkswagen of the vulnerability. This allowed the company to address the issue. They acted before it could be exploited maliciously.

This incident underscores the growing concerns over data privacy in the automotive industry, where connected vehicles are becoming increasingly common.

Ransomware attack on Rhode Island health system exposes data of hundreds of thousands

Rhode Island is grappling with the fallout of a significant ransomware attack that has compromised the personal information of hundreds of thousands of residents enrolled in the state’s health and social services programs. Officials confirmed the attack on the RIBridges system—the state’s central platform for benefits like Medicaid and SNAP—after hackers infiltrated the system on December 5, planting malicious software and threatening to release sensitive data unless a ransom is paid.

Governor Dan McKee, addressing the media, called the attack “alarming” and urged residents to take immediate precautions to protect their information. Compromised data includes Social Security numbers, banking details, addresses and dates of birth. “This breach is a stark reminder of the vulnerabilities in government IT systems,” McKee said. “We are working with Deloitte and law enforcement to contain the damage and restore public trust.”

RBI Imposes Rs51.40 Lakh Penalty on 5 Cooperative Banks

Reserve Bank of India (RBI) has imposed a penalty of Rs51.40 lakh on five cooperative banks for non-compliance with the directions issued by the banking regulator. The highest penalty of Rs36.40 lakh has been imposed on Punjab Gramin Bank.

Other banks penalised by RBI include Yavatmal Urban Cooperative Bank Ltd from Maharashtra. Other penalised banks are Kaithal Central Cooperative Bank Ltd from Haryana and Prime Cooperative Bank Ltd from Gujarat. Kolikata Mahila Cooperative Bank Ltd from West Bengal was also penalised.

These directions include limiting customers’ liability in unauthorised electronic banking transactions. They also involve implementing a basic cybersecurity framework for (UCBs). This follows a graded approach.

RBI found that the Prime Cooperative Bank failed to implement specific cybersecurity control measures as required by RBI’s prescribed framework.

SEBI Imposes INR 10 Lakh Penalty on Stockholding Services for Multiple Regulatory Violations

Market regulator Securities and Exchange Board of India (SEBI) has imposed a fine of INR 10 lakh on Stockholding Services Ltd, formerly SHCIL Services Ltd. This is due to several violations of the SEBI (Stock Brokers) Regulations and related circulars. 

Stockholding Services also failed to ensure accurate reporting of its cybersecurity framework, particularly in relation to the details of the chief information security officer (CISO) required by CERT-In. Although the firm claimed compliance, it was found to have violated SEBI circulars related to cybersecurity.

Link Intime India Fined INR 1 Lakh for Cybersecurity Lapses

Market regulator Securities and Exchange Board of India (SEBI) has imposed a penalty of INR 1 lakh on Link Intime India Pvt Ltd, a registrar to an issue and share transfer agent (RTA), for failing to comply with cybersecurity regulations. 

SEBI’s inspection revealed significant lapses in cybersecurity compliance, including 62 unresolved vulnerabilities identified in a vulnerability assessment and penetration testing (VAPT) audit. These vulnerabilities, comprising nine critical and 17 high-risk issues, were not addressed within the mandated three-month period.