Blog Post

December 2023 Cyber Event Roundup

January 11, 2023

Table of Contents

Threat Actor Claims to Sell Data of 400M Twitter Users

During the last week of December, a threat actor who goes by the name “Ryushi”, claimed to be selling public and private data of 400 million Twitter users, which was scrapped in 2021, using an API vulnerability which was fixed by Twitter in 2022.

Since then, Ireland’s Data Protection Commission (DPC) notified that it "will examine Twitter's compliance with data-protection law in relation to that security issue."

In 2022 several large fines have been issued by the DPC for data and privacy violations. For example, in September 2022 Instagram was fined €405M, after it was found that the company made the contact information of users aged between 13-17 public, including their email addresses and phone numbers.

BTC.com Reports $3M Stolen in Cyber Attack

BTC.com, one of the world's largest cryptocurrency mining pools, reported that around $3M of assets were stolen from it following a cyberattack, which was detected on December 3rd 2022. The company, which is one of the largest cryptocurrency mining pools in the world, said it has managed to recover $700K of stolen client assets, while the remaining $2.3M, which are assets owned by the company, have not been recovered. No additional information about the attack method or the stolen data could be found.

Kovrr Insights: Cyber Trends

In Kovrr’s 2022 End of the Cybersecurity Year Roundup, one of the main data breach trends identified in 2022 was the growing number of successful attacks leading to cryptocurrency theft. Several 2022 cryptocurrency attacks led to theft of very large amounts, large enough to be included in the top 5 most costly data incidents of 2022. This trend is expected to continue in 2023.

Book a free demo with Kovrr's cyber risk management experts today.

Thousands of Citrix Servers Remain Vulnerable to Recently Patched Vulnerabilities

Thousands of Citrix servers remain vulnerable to two recently patched Citrix vulnerabilities, CVE-2022-27510 and CVE-2022-27518. The second vulnerability was already actively exploited by attackers when Citrix published a patch to fix it. This is another example which shows that patching vulnerabilities is not as straightforward as it seems. It is probable that some organizations do not know they are running vulnerable Citrix servers, while others are unable to patch the vulnerable servers which they are aware of.

Kovrr Insights: Industry Benchmark

Kovrr’s Cyber Incidents Database identified 19 vulnerabilities which affected Citrix products in 2022, one of which is known to be actively exploited (CVE-2022-27518).

Uber Breached, Again, Through a Third-Party Service Provider

In mid-December 2022 Uber suffered another data breach, when attackers breached an Amazon Web Services (AWS) server used by an Uber third party provider and published the stolen data on the BreachForums hacking forum.

Attackers published several samples which are claimed to be internal Uber source code, and also leaked the personal information of 77,000 Uber employees. No customer data is believed to have been compromised in the breach. A high-profile Uber breach which occurred in 2016, and exposed the data of around 57 million customers and drivers, led to the firing of CISO Joe Sullivan, and cost the company around $148M.

Guy Propper

Data Team Lead

No items found.
Industry Recognition