fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US Cities Disclose Data Breaches After Vendor’s Ransomware Attack

US Cities Disclose Data Breaches After Vendor’s Ransomware Attack

A ransomware attack against the widely used payment processor ATFS has sparked data breach notifications from numerous cities and agencies within California and Washington.

Automatic Funds Transfer Services (AFTS) is used by many cities and agencies in Washington and other US states as a payment processor and address verification service. As the data is used for billing and verifying customers and residents is wide and varied, this attack could have a massive and widespread impact.

The attack occurred around February 3rd when a cybercrime gang known as ‘Cuba ransomware’ stole unencrypted files and deployed the ransomware.

The cyberattack has since caused significant disruption to AFTS’ business operations, making their website unavailable and impacting payment processing. When visiting their site, people are greeted with a message, stating, “The website for AFTS and all related payment processing website are unavailable due to technical issues,” as shown below.

Also Read: What Is A Governance Framework? The Importance And How It Works

Automatic Funds Transfer Services (AFTS) website

BleepingComputer discovered that the attack was conducted by a cybercrime operation known as ‘Cuba Ransomware’ after the hackers began selling AFTS’ stolen data on their data leak site.

Like other human-operated ransomware, Cuba will breach a network, spread slowly through servers while stealing network credentials and unencrypted files, and finally end the attack by deploying the ransomware to encrypt devices.

According to the data leak page, the Cuba gang claims to have stolen “financial documents, correspondence with bank employees, account movements, balance sheets, and tax documents.”

Cuba ransomware data leak page for AFTS

If the ransomware gang cannot find a buyer for the data, they will likely release it for free, allowing the data to be used by other threat actors.

Affected cities and agencies

Due to the large amount of potential data allegedly stolen by the Cuba Ransomware operation, cities utilizing AFTS as their payment processor or address verification service have begun disclosing potential data breaches.

The potential data exposed varies depending on the city or agency, but may include names, addresses, phone numbers, license plate numbers, VIN numbers, credit card information, scanned paper checks, and billing details. 

Below we have listed the cities and agencies that have released data breach notification, with more likely to follow in the future.

Also Read: Website Ownership Laws: Your Rights And What These Protect

California Department of Motor Vehicles [Data Breach Notification]:

Automatic Funds Transfer Services, Inc. (AFTS) of Seattle was the victim of a ransomware attack in early February that may have compromised information provided to AFTS by the DMV, including the last 20 months of California vehicle registration records that contain names, addresses, license plate numbers and vehicle identification numbers (VIN). AFTS does not have access to DMV customers’ Social Security numbers, birthdates, voter registration, immigration status or driver’s license information, therefore this data was not compromised.

City of Kirkland, Washington [Data Breach Notification]:

The information stored in the AFTS databases is limited to data necessary to fulfill utility billing and payment processing of paper check payments.

At this time, we have no knowledge that any personal information belonging to any Kirkland utility customers has been accessed or misused. However, AFTS is currently conducting an investigation to determine what personal information might have been accessed by the ransomware actors, if any, and will inform Kirkland of that information when it becomes available. We can confirm that ATFS’ database does not contain any of our customers’ social security numbers, dates of birth, driver’s license numbers, state ID numbers or credit card numbers.

City of Lynnwood, Washington [Data Breach Notification]:

The City of Lynnwood contracts with AFTS to mail our printed utility statements to customers. Information that is included in the mailed statements includes the customer name, address, and utility account number. Lynnwood’s information stored in the AFTS database is limited to data necessary to fulfill the printing and mailing of utility bills. Payment methods are processed by a different vendor who has not been impacted by this incident.

City of Monroe, Washington [Data Breach Notification]:

The information stored in the AFTS databases is limited to data necessary to fulfill utility billing and payment processing of paper check payments. Electronic payments are processed by a different vendor who is not impacted by the incident. Potentially breached information from the AFTS database may have included the following personal information: utility bill account number, name, address, and billing amounts. Additionally, for residents or businesses who pay their utility bills by mailing a paper check, scanned copies of their paper checks are also stored on the AFTS servers which include bank account and routing information. It is unknown at this time whether these scanned copies of checks have been illicitly extricated from the network. The databases do not contain social security numbers, birth dates, driver’s license numbers, state ID numbers or any other Personally Identifiable Information (PII). The databases do not contain any resident or commercial business credit card information.

City of Redmond, Washington [Data Breach Notification]:

Personal information may have been exposed including names and addresses of utility customers. The City of Redmond is working closely with AFTS to determine the extent of the breach and if any of the City’s information was compromised.

City of Seattle, Washington [Data Breach Notification]:

The City of Seattle has recently learned that a third-party utility billing vendor, Automatic Funds Transfer Services, Inc. (AFTS), which is used by a small number of City departments, was the victim of a ransomware attack. City departments use this vendor for commercial billing, printing, and mailing services. 

Lakewood Water District [Data Breach Notification]:

The information stored in the AFTS databases is limited to data necessary to fulfill billing and payment processing of paper check payments. Electronic payments are processed by a different vendor who is not impacted by the incident. Breached information from the AFTS database may have included the following personal information: water bill account number, name, address, and billing amounts. Additionally, for residents or businesses who pay their utility bills by mailing a paper check, scanned copies of their paper checks are also stored on the AFTS servers which include bank account and routing information. It is unknown at this time whether these scanned copies of checks have been illicitly extricated from the network.

Port of Everett [Data Breach Notification]:

We have no indication Port of Everett’s customers information has been compromised, but we wanted to make you immediately aware of the risk of potential exposure of your personal and/or credit information as soon as possible.

As more cities, agencies, and organizations disclose data breaches, we will update the above list.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us