At a glance.

  • Robert Half confirms customer data breach.
  • RansomHouse gang gloats over attack on Shoprite. 
  • BlackCat demands millions from University of Pisa.

Robert Half confirms customer data breach.

US human resources consulting firm Robert Half has disclosed a cyberattack targeting the accounts of RobertHalf.com users. SecurityWeek explains that the hackers infiltrated the site between April 26 and May 16, and the data of over one thousand individuals were compromised. A notification letter sent to impacted users states, “Upon detection, we required you to reset your account password, and we took steps to strengthen authentication controls for the website.” The compromised data include name, address, Social Security number, wage and tax information, and the last four digits of bank account numbers. Though the company did not disclose how the attack occurred, the company’s focus on resetting passwords indicates a possible credential stuffing operation. 

RansomHouse gang gloats over attack on Shoprite. 

My Broadband reports that Shoprite, Africa’s largest supermarket chain, was the victim of a cyberattack earlier this month, and the RansomHouse ransomware gang is taking credit. Shoprite confirmed a week ago that the incident compromised customer data in the countries of Eswatini, Namibia and Zambia, and the compromised data “included names and ID numbers but no financial information or bank account numbers.” TechCrunch reports that hackers on RansomHouse’s telegram channel claim to have obtained 600 gigabytes of Shoprite data. ITWeb reports that RansomHouse, which says its M.O. is to prey on companies with weak security, described Shoprite’s data as particularly unsecure. “Truth is, it’s been quite some time since we encountered something THAT outrageous: their staff was keeping enormous amounts of personal data in plain text/raw photos packed in archived files, completely unprotected,” a message read. They also indicated they’ve contacted Shoprite to negotiate the return of the data, threatening to publish it if their demands aren’t met, but claim the chain has not responded, instead just focusing on resetting account passwords. The supermarket has not confirmed or denied this claim, stating, “The Group (Shoprite) is not aware of any misuse or publication of customer data that may have been acquired, however, web monitoring relating to the incident continues … there is a possibility that the impacted customer data may be used by the unauthorized party.”

BlackCat demands millions from University of Pisa.

The BlackCat ransomware group has added Italy’s University of Pisa to its list of victims. On June 11 BlackCat posted the message, “Let’s play, the university goes to sleep, the mafia wakes up?” The threat actors demanded a $4.5 million ransom, which they threatened to increase to $5 million if it was not received by June 16. The university has not disclosed whether the demands were met. Cyber Security Hub notes that the attack occurred the same week that Microsoft published a warning about BlackCat ransomware, advising organizations to focus on preventing end-to-end attack chain by more closely monitoring external access and detecting and updating vulnerable Exchange servers in their environment.