This Week in Data Breaches: Two Cryptocurrency Exchanges Hit by Data Breaches
Welcome to this week’s round-up of the latest data breaches, leaks, and privacy intrusions. This week: Honda operations halted in the wake of a major ransomware attack, a data breach at the Japanese cryptocurrency exchange Coincheck, and concerns about SIM-swapping attacks following a hack at Coinsquare.
Honda Operations Halted Following Major Ransomware Attack
On Tuesday, Honda operations around the globe were halted after the company was hit by a ransomware attack that affected production, sales, and development. Reports indicate that “Snake” ransomware was most likely used to encrypt files and hold them for ransom. The attack affected the company’s ability to access internal systems and impacted production outside of Japan, including operations in the UK, United States, Turkey, and Italy.
“Honda can confirm that a cyber-attack has taken place on the Honda network. Work is being undertaken to minimize the impact and to restore full functionality of production, sales and development activities,” Honda said in a statement.
Snake ransomware is usually used to target industrial control systems. Once inside a network, Snake ransomware can wreak havoc and shut down systems until the ransom is paid. According to the company, there have been no signs of data being compromised and production has resumed at most plants.
At this time Honda Customer Service and Honda Financial Services are experiencing technical difficulties and are unavailable. We are working to resolve the issue as quickly as possible. We apologize for the inconvenience and thank you for your patience and understanding.
— Honda Automobile Customer Service (@HondaCustSvc) June 8, 2020
Ransomware attacks have grown ubiquitous, plaguing cities, hospitals, and businesses and forcing victims to dole out thousands of dollars in ransom, usually paid out in cryptocurrency. In January, Travelex, the world’s largest foreign exchange bureau, was held ransom for $6 million by hackers in an attack that shut down all of its airport exchange kiosks. A few months earlier, a coordinated ransomware attack in Texas took down IT systems across almost two dozen towns.
Customers Exposed in Coincheck Data Breach
Coincheck, a large Japanese cryptocurrency exchange, has suffered a data breach. Hackers gained unauthorized access to the company’s domain registration account and then used that access to send emails to customers asking for information. Some 200 customers replied to the fraudulent emails, exposing their names, addresses, phone numbers, and ID documents, information that can be used to commit identity fraud.
In effect, the breach served as the basis for a sophisticated phishing attack. “Due to this event, a third party who made unauthorized access...fraudulently sent some emails from our customers during the period from May 31 to June 1, 2020...we have also asked the domain registration service operator to investigate, and we will promptly inform you when new information is discovered in the future,” the company said in a statement. Although no customer funds were impacted, Coincheck has suspended crypto remittances indefinitely.
This isn’t the first time that Coincheck has been hacked. In January 2018, 500 million NEM tokens were stolen from the exchange. Following the hack, Japan’s financial regulator, the Financial Services Agency, ordered Coincheck to improve its security practices and the company eventually repaid all affected customers.
Stolen Coinsquare Data Being Used for SIM-Swapping Attacks
According to a report by Motherboard, hackers who stole data from Coinsquare, a Canadian cryptocurrency exchange, are planning to use the information to perform SIM-swapping attacks. The stolen data includes over 5,000 email addresses, phone numbers, and home addresses.
Coinsquare maintains that the information was stolen from a third party, not directly from the exchange itself. Regardless of how the data was exposed, it now poses a risk to customers. Reports of SIM-swapping attacks have become increasingly common, from a string of Instagram account takeovers to a handful of victims who have had their checking accounts drained. SIM-swapping is used by identity thieves and fraudsters to take control of phone numbers in order to gain unauthorized access to accounts that use SMS-based two-factor authentication.
How does it work? First, a fraudster contacts a mobile carrier’s customer support and tricks them into transferring someone else’s phone number to a SIM card that the fraudster controls. This allows the attacker to intercept two-factor authentication codes and gain unauthorized access to the victim’s online accounts. Once they have access to important accounts, they can steal more personal data or money.
To learn how to protect yourself from SIM-swapping attacks, check out our guide to protecting your phone from hackers.