In this week’s digest, we dive into the biggest cyber security stories, including a ransomware attack on audio giant Bose and the group behind the SolarWinds hack’s latest attack. Keep reading to find out the latest and biggest cyber security stories.
High-end audio maker Bose announced that they suffered a ransomware attack, which began in March. Bose has claimed they were able to conduct a successful incident response without paying the ransom demand. However, the attackers were able to access company data, including employee files. Dark Web monitoring had not shown any indication that the impacted employee’s data has been leaked or sold online yet.
On Wednesday, officials announced that attackers accessed the data of several Japanese agencies via Fujitsu’s “ProjectWEB” information sharing tool. By gaining unauthorized access to government systems via the tool, attackers could obtain at least 76,000 email addresses and proprietary information, including the email system settings. Since Wednesday, Fujitsu suspended its ProjectWEB portal while the attack is investigated. It is not yet clear if the incident is the result of a vulnerability exploit or a targeted supply-chain attack.
This week Canada Post confirms a data breach following a third-party supplier ransomware attack. Canada Post is the primary postal operator in Canada, serving 16.5 million Canadian residential and business addresses. Canada Post disclosed that a third-party supplier named Commport Communications suffered a ransomware attack, affecting 44 Canada Post commercial customers and 950,000 receiving customers. They do not believe that any financial information was breached.