Findings.co february data breach round up. Companies like reddit, lastpass, and godaddy made the list.

February Data Breach Round Up

Well, it’s that time of the year again! 

No, I won’t be talking about the Superbowl or Valentine’s Day, or even Groundhog Day for that matter – it’s time for our monthly roundup of data breaches. February 2023 brought us a smorgasbord of security mishaps. It seems like even the big players in the industry can’t catch a break these days. But fear not, dear reader, I’m  here to break down what happened so that your company can protect itself along with your supply chain. Grab a cup of coffee and let’s dive in!

  1. Reddit:

Reddit had a bit of a scare recently… On February 5, 2023, Reddit discovered a phishing campaign that targeted its employees. In an update from the company, they write “as we all know, the human is often the weakest part of the security chain.” In an attempt to steal credentials and second-factor tokens, an attacker sent out plausible-sounding prompts pointing Reddit employees to a website that cloned the behavior of Reddit’s intranet gateway. The attacker was then able to obtain an employee’s credentials, and in turn, was able to  access internal documents, code, and some internal dashboards and business systems. Limited contact information for company contacts and employees, as well as limited advertiser information, were exposed. In the meantime, they’re urging users to protect themselves by setting up two-factor authentication and using a password manager. Stay safe out there, Redditors!

  1. LastPass:

You’re probably thinking to yourself, “hold on  didn’t LastPass JUST announce a breach in December?” They did indeed, which I informed you all about. However, the company disclosed that there was a second incident. In a company notice, LastPass writes, “Despite high confidence in the outcomes of our investigation and actions taken in response to the first incident, the threat actor leveraged information stolen during the first incident, information available from a third-party data breach, and a vulnerability in a third-party media software package to launch a coordinated second attack. The second incident saw the threat actor quickly make use of information exfiltrated during the first incident, prior to the reset completed by our teams, to enumerate and ultimately exfiltrate data from the cloud storage resources.” In this second incident, the attacker targeted an employee. The attacker obtained access to a DevOps engineer’s LastPass vault by capturing their master password after the employee had authenticated with MFA. The attacker then exported the contents of shared folders, which contained encrypted secure notes with access and decryption keys to access AWS S3 LastPass production backups, other cloud-based storage resources, and some critical database backups.


  1. Weee!:

I  have some not-so-tasty news for you all you foodies out there. Weee!, the U.S. online grocery delivery service specializing in Asian and Hispanic foods, recently informed the public that it experienced a data breach. Unfortunately, the breach resulted in cybercriminals stealing a year’s worth of customer data, including names, addresses, email addresses, phone numbers, order numbers, and order comments (like where to leave groceries). While the company is still investigating who is behind the breach, it’s been reported that 1.1 million customer email addresses were compromised. 

  1. GoDaddy:

Uh oh! GoDaddy, the popular web hosting company, suffered a multi-year cyberattack. The company explained, “an unauthorized third party had gained access to servers in our cPanel shared hosting environment and installed malware causing the intermittent redirection of customer websites.” GoDaddy discovered the breach after customers reported that their sites were being redirected to random domains. The company says that previous breaches in November 2021 and March 2020 are linked to this multi-year campaign. Further information about this attack can be found in a 10-K filed by the company. 

  1. A10 Networks:

A10 Networks is a California-based company that specializes in producing hardware and software for application delivery, identity management, bandwidth management, and cybersecurity services. The company’s customers include a number of well-known tech companies and organizations, such as Twitter, LinkedIn, Samsung, and Uber, among others. In an 8-K filing, A10 Networks disclosed that on January 23, 2023, they identified a cyber-security incident in its corporate IT infrastructure. A sneaky gang known as Play Ransomware is claiming responsibility for this attack. After investigation, it was determined that the threat actors managed to gain access to shared drives, deployed malware, and ‘compromised’ data related to human resources, finance, and legal functions.

Companies must continue to prioritize cybersecurity and take proactive measures to protect themselves. While data breaches can be scary, being aware of what happened and taking the necessary precautions can help prevent further damage.

Let's Tackle Compliance Together

Supply Chain Risk Monitoring as a Service
Join us today
Supply Chain Risk Monitoring as a Service
Join us today
Waitlist signup

Welcome to Findings

Let's go over some details to setup your tailor-made account


Please fill your details below and click "Next" to create your account:

Payment

Feature
Startup
Business
Enterprise
Price
$10 / Month
$10 / Month
$25 / Month
VDPaaS
Alerts
Assessments
Integrated Apps
API
Join today and scan ALL YOUR VENDORS for FREE*
* FREE VENDOR SCAN for all of your vendors during your first month.
Feature
Startup
Business
Enterprise
Price
$25 / Month
$200 / Month*
Contact Us
Free vendors scan for 1 month
Findings search engine
Rapid security and compliance profile
Profile/showcase engagements per year
5
40
Unlimited
Multi/unlimited showcase use cases
Showcase compliance badge for your website
Best practice self-assessment
1 Findings or 1 BYOC
Assessment response automation
Personalizable, branded security & compliance showcase page
File/evidence repository
OKTA
DKIM
Out-of-the-box TPRM
20 vendors +
20 rating scans
50 vendors +
50 rating scans
Support
Email
Priority via Phone / Email
Internal Workflows (SO/BO)
Onboarding and customization account setup
*Price for every 40 engagements
Automate assessment response and showcase your cybersecurity posture
Supply Chain Risk Monitoring as a Service
Join us today
.
.
.
.

Thank you for signing up!

Supply Chain Risk Monitoring as a Service
Join us today
.
.
.
.

Thank you for signing up!