Global Cyber Pulse 26th September 2024

September 26, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Star Health sues Telegram over a data leak by a hacker; an Aadhaar data leak is under investigation by UIDAI and CERT-In; CISA issues warnings of cyber attacks targeting critical infrastructure; YouTuber BeerBiceps is hacked, with his channels renamed for a crypto scam; and public Wi-Fi services at Reading Station are disabled following a major cyber attack.

Stay tuned for more news updates and trends.

Star Health Sues Telegram Over Data Leak by Hacker

Star Health Insurance has initiated legal action against messaging platform Telegram after discovering that a hacker used Telegram’s chatbots to leak sensitive company data. Reports suggest that the self-proclaimed hacker released personal information and medical records of policyholders through these chatbots.

Last week, Reuters reported the breach, which involved the unauthorized distribution of confidential customer data. In response, a court in Tamil Nadu granted Star Health a temporary injunction, ordering Telegram to block chatbots or websites facilitating the dissemination of this data. Star Health labeled the incident as an “illegal hacking” operation, accusing the hacker of unauthorized access to highly sensitive information.

As of now, Telegram has not issued a public statement on the lawsuit or data breach.

Aadhaar Data Leak Under Investigation by UIDAI and CERT-In

The Unique Identification Authority of India (UIDAI) and CERT-In are currently investigating the potential leakage of Aadhaar card data from several websites. Government sources told Moneycontrol that the government is prepared to take strict action against entities responsible for exposing sensitive citizen data.

A simple Google search for “index of Aadhaar card” revealed numerous websites hosting personal Aadhaar information, including full citizen details such as name, address, and card number. One of the implicated websites, operated by Indian Aerospace and Engineering in Navi Mumbai, was still leaking data as of September 26, highlighting the ongoing nature of the breach.

Officials from UIDAI and CERT-In are assessing the extent of the breach, and the government has pledged to act against any violations uncovered during the investigation.

Public Wi-Fi Disabled at Reading Station Following Major Cyber Attack

A widespread cyber attack has disrupted public Wi-Fi services at Reading Station, part of a broader attack affecting 19 train stations across England. Passengers attempting to access the Wi-Fi were redirected to a webpage titled “We love you, Europe,” which included details of terror attacks both in the UK and internationally.

The targeted stations include major hubs such as Manchester Piccadilly, Birmingham New Street, and Glasgow Central, along with 11 stations across London. Authorities are concerned that this attack may not be isolated to train stations and could extend to other organizations, raising alarms about the security of critical infrastructure across the UK.

Investigations are ongoing, but no further details about the perpetrators or their motives have been released.

Binance Dismisses Allegations of Data Breach Affecting 13 Million Users

Cryptocurrency exchange Binance has publicly denied allegations of a data breach involving sensitive information of 13 million users. The claims originated from a dark web post by a threat actor using the pseudonym “Firebear,” who claimed to have accessed 12.8 million user records during a supposed platform compromise in August 2024.

The hacker alleged that they had stolen information such as names, email addresses, and transaction histories. However, Binance’s internal investigation found no evidence of such a breach and categorically rejected the allegations. The exchange reiterated its commitment to user security and stated that the claims were entirely baseless.

This comes amidst heightened scrutiny of security practices across major cryptocurrency platforms as they handle vast amounts of user data and financial assets.

YouTuber BeerBiceps Targeted in Hack, Channels Renamed for Crypto Scam

Prominent YouTuber Ranveer Allahbadia, also known as BeerBiceps, became the victim of a sophisticated cyber attack that resulted in the takeover of his two YouTube channels. The hackers renamed the channels to “@Elon.trump.tesla_live2024” and “@Tesla.event.trump_2024,” deleting all previous videos.

The hackers used the channels to livestream an AI-generated avatar of Elon Musk, promoting a cryptocurrency scam. Viewers were prompted to scan a QR code to invest in Bitcoin or Ethereum, with false promises of doubling their money.

The attack is part of a growing trend where hackers gain control of popular social media accounts to promote fraudulent cryptocurrency schemes, tricking viewers into investing in suspicious platforms.

CISA Warns of Cyber Attacks Targeting Critical Infrastructure

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding cyber attacks targeting critical infrastructure, specifically focusing on operational technology (OT) and industrial control system (ICS) devices. These attacks often exploit internet-exposed systems through brute-force tactics or by using default credentials, making them relatively unsophisticated yet potentially damaging.

Among the sectors most impacted are water and wastewater systems, where OT devices play a crucial role in regulating water treatment processes, distribution, and pressure. CISA’s warning highlights the potential for serious disruptions to essential services, urging organizations to improve their security measures to protect these critical systems from cyber threats.

As cyber attackers increasingly target vital infrastructure, this advisory serves as a reminder of the importance of securing both hardware and software components involved in essential public services.