06 October 2022

IT Happens...| Bleeping Computer

 All too often and quite frequently


✓ Almost five months ago - for an entire week between May 17 to May 31..."The information within the potentially accessed files included certain individuals' name, Social Security number, driver's license or state identification number, and passport number."..Notification letters sent to affected individuals also reveal no evidence was found that this personal info has been misused until now.

www.bleepingcomputer.com

City of Tucson discloses data breach affecting over 125,000 people

Sergiu Gatlan 
  • October 5, 2022
  • 01:21 PM
  • 7 - 8 minutes

    Tucson, Arizona

    The City of Tucson, Arizona, has disclosed a data breach affecting the personal information of more than 125,000 individuals.

    As revealed in a notice of data breach sent to affected people, an attacker breached the city's network and exfiltrated an undisclosed number of files containing sensitive information.

    The threat actors had access to the network between May 17 and May 31 and might have accessed or stolen documents containing the information of 123,513 individuals.

    TIMELINE



    "On May 29, 2022, the City learned of suspicious activity involving a user's network account credential," the data breach notification reads.

    "On August 4, 2022, the City learned that certain files may have been copied and taken from the City's network."

    The City began notifying potentially impacted individuals on September 23 that, among the sensitive personal information exposed during the incident, the attacker could have accessed the affected individuals' names and Social Security numbers.

    "On September 12, this review concluded, and the review determined that the information at issue included certain personal information," the City revealed in a separate announcement on its official website. 

    Those impacted by the data breach are advised to monitor their credit reports for any suspicious activity that could hint at incidents of identity theft and fraud involving their personal information.

    The City is providing impacted individuals with 12 months of free access to Experian credit monitoring and identity protection services, as well as guidance on defending against identity theft.

    "The City treats the security of information in its possession as an utmost priority and apologizes for any inconvenience this event may cause," the breach notification letters read.

    "As part of its ongoing commitment to the security of information within its care, the City reviewing its existing policies and procedures regarding cybersecurity and evaluating additional measures and safeguards to protect against this type of event in the future."

    Related Articles:

    LastPass says hackers had internal access for four days

    Russian retail chain 'DNS' confirms hack after data leaked online

    American Airlines learned it was breached from phishing targets

    American Airlines discloses data breach after employee email compromise

    SITA data breach affects millions of travelers from major airlines


    ✓ The biggest threat to the election process are influence operations that try to corrupt the integrity of the deliberation. Discussions or messages on social media and forums that deliver unfounded and unverified arguments and facts are typical means to changing a voter's opinion..Fair elections are the foundation of democracy, and baseless claims of electoral fraud are a threat to the principles of government system.

     “Any attempts tracked by FBI and CISA have remained localized and were blocked or successfully mitigated with minimal or no disruption to election processes,” the two agencies says in the report. . .

    www.bleepingcomputer.com

    FBI: Cyberattacks targeting election systems unlikely to affect results

    Bill Toulas
    4 - 5 minutes

    FBI: Cyberattacks targeting election systems unlikely to affect results

    The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) in a public service announcement says that cyber activity attempting to compromise election infrastructure is unlikely to cause a massive disruption or prevent voting.

    The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) assessed the associated risks over time, and neither agency has seen evidence of malicious interference having any measurable impact.

    “As of the date of this report, the FBI and CISA have no reporting to suggest cyber activity has ever prevented a registered voter from casting a ballot, compromised the integrity of any ballots cast, or affected the accuracy of voter registration information,” PSA from the FBI and CISA. . .

    The announcement further explains that election officials are empowered by a set of technological tools and strict procedural controls that greatly mitigate the likelihood of phishing, denial of service, domain spoofing, or ransomware attacks that may affect the voting process in any way.

    This includes the availability of voting systems, the confidentiality of the votes, and the integrity of the election infrastructure.

    Some of the mentioned fail-safes include provisional ballots and backup pollbooks, logic and accuracy testing on the voting systems, and conducting extensive post-election audits.

    In conclusion, the FBI and CISA state that manipulating votes in a meaningful way would be difficult to pass undetected.

    ✓ For example, CISA issued an advisory in June 2022 about vulnerabilities impacting Dominion voting systems used across the U.S. for casting in-person votes.

    Exploiting these flaws would require physical access to the devices, access to the Election Management System (EMS), or the ability to perform supply chain attacks to modify the files before the operating system images are loaded onto ImageCastX devices.

    Technical, physical, and operational controls that are in place prevent any exploitation of the discovered flaws, and so their malicious use would be limited only to spreading or amplifying exaggerated claims about the security of these machines.

    Fair elections are the foundation of democracy, and baseless claims of electoral fraud are a threat to the principles of government system.

    ✓ FBI’s announcement serves as an assertion of trust and aims to instill voters confidence in the country’s election infrastructure.


    As for what people can do to protect themselves from potential attempts of election-related fraud, the FBI has issued the following recommendations:

    • Use official state and local government portals to source information about voter registration, polling locations, voting by mail, provisional ballot process, and final election results.
    • Remain alert to election-related schemes which may attempt to impede election administration.
    • Be wary of emails or phone calls that make suspicious claims about the election process or social media posts that appear to spread inconsistent information about election-related incidents or results.
    • Do not respond to unsolicited email senders, open attachments from unknown individuals, or provide personal information via email.
    • Verify through multiple, reliable sources any reports about compromises of voter information or
    • voting systems, and avoid sharing such information via social media before checking.
    • Be cautious with websites not affiliated with local or state government that solicit voting information,
    • like voter registration information.
    • Report potential crimes—such as cyber targeting of voting systems—to your local FBI Field Office.
    • Report cyber-related incidents on election infrastructure to your local election officials and CISA (Central@CISA.gov).

    ✓ 


    Related Articles:

    FBI: Iranian hackers lurked in Albania’s govt network for 14 months

    FBI warns of Vice Society ransomware attacks on school districts

    FBI: Zeppelin ransomware may encrypt devices multiple times in attacks

    CISA: Hackers exploit critical Bitbucket Server flaw in attacks

    FBI warns of residential proxies used in credential stuffing attacks

    No comments: