The Instructure/Canvas data breach that has dominated cybersecurity coverage recently has reached a new stage.
Millions of students had personal data stolen, with extortion group ShinyHunters claiming credit for the data breach and applying extra pressure for their ransom demands by bothering Canvas users directly.
Which seems to have paid off. On the Instructure web page about the recent data breach, a status update dated May 11, 26 says:
“We know that concerns about the potential publication of data related to this incident remain top of mind for many customers. We understand how unsettling situations like this can be, and protecting our community remains our top priority.
With that responsibility in mind, Instructure reached an agreement with the unauthorized actor involved in this incident.”
Read more…
Source: Malwarebites Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- EternalRocks spreads seven Windows SMB exploits
May 23, 2017
Someone has stitched together seven of the Windows SMB exploits leaked by the ShadowBrokers, creating a worm that has been spreading through networks since at least the first week of May. Researcher Miroslav Stampar, a member of the Croatian government’s CERT, captured a sample of the worm last Wednesday in a Windows 7 honeypot he runs, ...
- Russian Cron Malware Operators Arrested Before Banking Malware Taken Abroad
May 23, 2017
With the help of an Android malware, Russian cyber criminals were able to steal from local bank customers and were planning to move their operation to the rest of Europe. Twenty people were arrested as law enforcement tried to kill off the “Cron” malware campaign. Russian security firm Group IB writes that the raids also thwarted ...
- Zomato Breach Exposes 17M User Records, Makes Deal with Hacker to Destroy Data
May 19, 2017
Restaurant guide Zomato has announced that it has been the victim of a data breach which saw the records of 17 million users being stolen from its database. The bad news is that 6.6 million of those are already on sale on a dark web marketplace. The good news is that the company has more ...
- More Hacking Groups Found Exploiting SMB Flaw Weeks Before WannaCry
May 19, 2017
Since the Shadow Brokers released the zero-day software vulnerabilities and hacking tools – allegedly belonged to the NSA’s elite hacking team Equation Group – several hacking groups and individual hackers have started using them in their own way. The April’s data dump was believed to be the most damaging release by the Shadow Brokers till the ...
- Available Tools Making Dent in WannaCry Encryption
May 19, 2017
Tools are beginning to emerge that can be used to start the process of recovering files encrypted by WannaCry on some Windows systems. This takes on extra urgency because today marks one week from the initial outbreak, and files encrypted during that first wave are on the clock and close to being lost forever. Adrien Guinet, of ...
- Shadow Brokers teases more Windows exploits and cyberespionage data
May 16, 2017
A group of hackers that previously leaked alleged U.S. National Security Agency exploits claims to have even more attack tools in its possession and plans to release them in a new subscription-based service. The group also has intelligence gathered by the NSA on foreign banks and ballistic missile programs, it said. The Shadow Brokers was responsible for leaking ...