

State-sponsored hackers tend to use more sophisticated attacks to target high-value persons of interest, whereas a typical private hacking group would just go for low hanging fruit. Chimera's ability to steal PNR records from the RAM of flight booking servers is much more advanced than your standard data breach, and wouldn't have much direct financial value to the hackers. The fact that Chimera's activity went undiscovered for up to three months shows just how dangerous state-sponsored hackers
.....Read More
Exposing credentials in public Github repositories is a common developer oversight, and cybercriminals routinely scan Github for exposed credentials to steal. Last year, our research team set up a honeypot Github repos containing access credentials to some dummy AWS servers. It took hackers just one minute to find the credentials and break into our honeypot servers. So it's very likely that cybercriminals accessed the UNEP data before researchers. Developers need to scan their code for
.....Read More
Although it's not clear exactly what information was contained in the stolen data, much of it appears to be scans or copies of identification, such as passports. Those documents contain sensitive information that cybercriminals could use to target people whose data was stolen. Victims should be on the lookout for phishing emails and other messages impersonating Hackney Council or some other authority. Never click on links or attachments in an unsolicited email, and always verify the sender's
.....Read More
Every data breach is cause for concern, but we should be particularly worried about attacks on critical infrastructure. In the coming days, I hope the attacker can be identified so we know whether this was a nation-state threat actor or just an independent hacker looking for low-hanging fruit. Thankfully, People's Energy's actual service infrastructure was unaffected, and the vast majority of victims had none of their financial information stolen.
People's Energy customers should be on the
.....Read More





