[ad_1]
According to security researchers, the data breach at Capital One could be the "tip of the iceberg" and affect other large companies.
The Israeli security firm CyberInt said that Vodafone, Ford, Michigan State University and the Ohio Department of Transportation could also be victims of the same data breach, according to which more than 106 million applications for credit and files were stolen from a cloud server managed by Capital One by an alleged hacker. Paige Thompson, a Seattle resident who was arrested by the FBI earlier this week.
It follows previous Forbes reports and security journalist Brian Krebs stating that Capital One may not have been the only company affected, pointing to "one of the world's largest telecommunications providers, an Ohio government agency and a large American university, "according to Slack. messages sent by the suspected hacker.
The same messages were published in a CyberInt report released Wednesday. "Other names can be deduced from file names," says the report, including Apperian, Infoblox, and Wakoopa.
Loose messages from the alleged hacker. (Image: CyberInt / provided)
The Justice Department said Thompson could face additional charges – suggesting that other companies may have been involved.
We contacted several of the people named by CyberInt with mixed results. Only the Ohio Transportation Department confirmed that data had been stolen and that he was working with the FBI. "At this point, however, we can confirm that the information contained in the referenced file contained only publicly available data and that no private information was stored there," spokeswoman Erica said. Hawkins.
Ford spokeswoman Monique Brentley told TechCrunch that she "was investigating the situation to determine if Ford's information was involved."
Vodafone spokesman Adam Liversage said the telecommunications giant was "unaware" of his stolen data during Capital One's violation.
And a spokesman for Michigan State University said that he was receiving "hundreds of threats and attacks on our system" and that it was "hard to know if anybody of these was recently the alleged hacker of the situation in Capital One.
"Our teams are studying but we have no information to share at the moment," spokeswoman Emily Guerrant said.
The hacking of Capital One is the biggest data breach this year. The data was stolen from a storage compartment based on Amazon Web Services, which included more than 140,000 social security numbers and over one million numbers from social insurance in Canada, as well as data sources. other personal information.
Capital One stated that it learned the infringement through the intermediary of a third party who would have read the allegations of the alleged hacker and would boast about these thefts.
Security researcher John Wethington told TechCrunch that, according to public information – including the Slack channel, the alleged hacker was a member – it is likely that other companies were robbed of data.
"Based on the information gathered from publicly available information on the accounts of suspected hackers Github and Gitlab as well as public information from Slack channel, it is clear that organizations such as Ford, Vodafone and others are potentially victims of what appears to be mbadive piracy of sensitive data. Spree, he said.
At the time of writing, Thompson faces five years in prison and a fine of up to $ 250,000.
Source link
