The biggest leak in the history of Apple appeared to be the fault of a trainee
In early February 2018, an unknown person posted iBoot source code on GitHub, the code responsible for iOS trusted boot process. The leak is the largest in the history of the company and makes it easier for attackers to hack the operating system of Apple devices.
Further investigation revealed a trainee was involved in the info leakage: his friends, who are experts in jail-breaking, asked him to steal a part of the code. All of the five friends had access to the hacked information. They weren’t planning on distributing the code or using it against Apple.
However, the situation quickly got out of control: one of the friends shared the info with another person who later published the stolen part of the code. At the request of the company, the publication was removed from GitHub, but that did not prevent the code from being spread across the Web.
iBoot source code is the most valuable and is carefully protected. The company will pay off $200 000 for failures and errors found during the system boot. This is the largest remuneration which can be possibly granted within the Apple vulnerability search program.
“Besides employees, their friends might get an access to protected information. The consequences of the info breach are financially disastrous. According to the Cost of Data Breach Study, the loss of customers makes an average American company pay 4.13 million dollars. Another 1.5-million-dollar sum is spent on investigation, rehabilitation and litigation,” commented Alexei Parfentiev, SearchInform analyst.
Personal data of 12 thousand bloggers uploaded to Amazon Web Services S3 cloud storage disclosed
Data in the cloud belonging to marketing firm Octoly was exposed in early January 2018. Included in the files was a backup copy of the database with information about marketing operations in Europe and North America.
The erroneous configuration of the cloud storage appeared to be the cause of the incident. As a result, the personal data of 12,000 bloggers promoting the products of such brands as Dior, Estée Lauder, Lancôme and Blizzard Entertainment was exposed. In addition to the bloggers’ personal data, client company information and commercial secrets were compromised.
While the backup copy was deleted a week after the discovery, regularly updated personal data remained accessible until 1 February, 2018. UpGuard experts say according to the cybersecurity risk score scale, the Octoly data leak scored 760 out of the maximum 950 points.
“The problem is that this type of leakage is difficult to detect. It may take months before the company learns about the loss of information. An error in the cloud storage settings is just one of many risks that threaten corporate information,” emphasises Alexei Parfentiev.
Data of 10% of the country’s population exposed by the largest telecommunication company in Switzerland
Swisscom mobile network acknowledged that at in the end of 2017 the personal data of about 800 000 clients (or every tenth Swiss citizen) was compromised. The incident was discovered during a routine check.
Representatives of Swisscom announced that the violators used the access rights of a sales partner. The company also reported on changes to the IS policy: access control was improved, numerous customer data requests at one session were disallowed and two-factor authentication for partners to access the data was introduced.
“Insider’s actions, deliberate or accidental, result not only in reputation loss, but also in financial damage, and the business needs comprehensive protection. According to Gartner, today about half of the world’s companies protect their business using DLP-systems, and in two years their number will grow to 85%. A modern DLP System helps to detect leaks intercepting events in real time,” said the leading analyst at SearchInform.
Personal info of 2,300 colleagues stolen by a former employee in California
On February 15, 2018 the California Department of Fish and Wildlife sent out a message within the organisation notifying the employees of an incident involving personal data theft.
The incident was discovered in the end of 2017, and it probably took the organisation two months to conduct a proper investigation. A former employee of the department uploaded the personal data of 2,300 colleagues, as well as contractors, to his personal portable device and took it outside of the corporate network.
“According to our research, 47% of information leaks occur due to the former employees’ activity, and the statistics are alarming. The dismissed employees should be included in the risk groups to prevent the company information leakage. Special software will help control the intention of the employees on the verge of quitting,” says Alexei Parfentiev.
Illegal access to state employees’ data revealed thanks to WhatsApp
The Service and Payroll Repository of Kerala (SPARK, India) database containing personal data of Kerala state officials was compromised and confidential information exposed.
A discussion about salaries of Kerala State Civil Supplies Corporation Limited employees was conducted via a WhatsApp group. The security breach was noted after an assistant manager complained about the distribution of his salary details over the messenger.
The violation of the access to the Supplyco Employee Information and Payroll System with records of employee personal data, credit reports and other information sparked the incident.
“Messengers are popular both for personal purposes and in the workplace. IS specialists think of them as another data leakage channel as well as a useful source of information. WhatsApp drew attention to the fact that the access rights were violated. Thanks to the ability to control the communication channel and employees’ activity, it’s possible to detect such incidents before the consequences get overly oppressive,” summed up the SearchInform specialist.
For more information, go to: https://searchinform.com/threats/guideline-2/
SearchInform is the leading information security company with offices in the CIS, Europe, the Middle East and Latin America. For over a decade the company has been a technological trailblazer focusing on contemporary cybersecurity threats, protecting business and government institutions against data theft and harmful human behavior.
More than 2,000 companies across all major economic domains, from banking and retail to machinery and fighter jet manufacturers, look to SearchInform for efficient holistic information security to defend against ever-improving threats and avoid damaging security breaches and other ominous consequences.
- EQ in the Workplace | #eBizInsigights |Howard Feldman - October 16, 2019
- Actionable intelligence essential for cyber defence #eBizWires - October 16, 2019
- Synthesis joins Confluent Partner Programme | #eBizWires - October 14, 2019
- IWG explores the aspects of franchising that makes it a popular choice amongst African Investors in times of uncertainty - October 14, 2019
- Insurers need contextualised marketing| #eBizInsights - October 11, 2019
- SPARK Media hosts Michael Charton in #RWC forgotten Bokke vs New Zealand tales: An invitation | #eBizWires - October 9, 2019
- Empowering those who care for the Disabled | #eBizPayItForward| Xelda Rohrbeck - October 9, 2019
- Great Karoo Spirit gin wins big with Bossieveld Gin - October 8, 2019
- Rugby World Cup 2019…the numbers you never knew| #eBizInsights| Richard Lord - October 8, 2019
- R1.3-MILLION FIRST PLACE PRIZE FOR BEST LOCAL SOCIAL INNOVATION | #eBizPayItForward| Bridgit Evans - October 7, 2019