Hackers Steal Info on 1M Survey Participants, Target Microsoft Operating Systems and Online Shoppers

In case you missed our coverage this week in ThreatWatch, Nextgov’s regularly updated index of cyber breaches:

1M Survey Participants' Info Stolen in Washington State University Safe Theft

A burglar made off with a USB drive with the sensitive information of about 1 million Washington State University survey participants, though it’s unclear whether the data was the target.

In April, university officials discovered a safe was stolen from an off-site storage facility; the USB drive was inside. The drive stored backup files for the university’s Social & Economic Sciences Research Center, which designs social science surveys and evaluations on topics like academic success and employment rates, The Spokesman-Review reported.

The drive housed personal information such as Social Security numbers and, in some instances, personal health information from people it surveyed at school districts, community colleges and other customers, the WSU’s alert said.

The center’s past customers include federal agencies, such as the Agriculture Department, the National Institutes of Health, the National Park Service and others, according to its website.

The university is notifying potential victims by mail, set up a dedicated call center and launched a review of the IT operations.

DHS, FBI Warn of Tools Used By North Korean Hacking Group

The Homeland Security Department and FBI issued a joint technical alert Tuesday, detailing the tools and botnet infrastructure associated with cyber actors of the North Korean government.

The agencies refer to malicious activity by the North Korean government as Hidden Cobra, though other security firms have called it the Lazarus Group and the Guardians of Peace. The alert states the actors are targeting media, aerospace, financial and critical infrastructure sectors in the U.S. and around globally with a malware called DeltaCharlie that manages its distributed denial-of-service infrastructure.

Hidden Cobra often targets older, unsupported Microsoft operating systems and Adobe Flash vulnerabilities. The group sometimes steals data while other attacks are disruptive, the alert states.

The alert includes indicators of compromise, malware descriptions, network signatures, and host-based rules to detect activity and urges any organization that does to let DHS’ National Cybersecurity and Communications Integration Center or the FBI's Cyber Watch.

GameStop Confirms Payment Info Breach for Online Shoppers

GameStop recently notified customers their personal information and payment methods may have been compromised in a data breach the gaming retailer previously acknowledged in April.

An undisclosed number of customers received mailed notifications in June, warning them the company’s online shop may have been breached, Threatpost reported. In addition to the payment card numbers, expiration dates and verification numbers, information, customers’ names and addresses may have been stolen between Aug. 10, 2016 and Feb. 9, 2017.

GameStop acknowledged a third-party notified it of the breach. In April, GameStop told Krebs On Security it was investigating reports that payment information from its site was for sale on a website.