Disney Discontinues Slack After Data Breach Incident
Recently, the widely-used corporate communication platform Slack faced a significant cyberattack, resulting in the breach of terabytes of sensitive data. In response to this security incident, the Walt Disney Company, which had previously relied on Slack for its internal communications, has announced its decision to terminate its use of the platform. Disney plans to transition to a different solution by early next year, aiming to bolster the security of its communications.
Hugh Johnston, the Chief Financial Officer of Disney, confirmed this move in an interview with CNBC, stating that all employees will receive instructions to migrate to the newly selected platform, along with training sessions to familiarize them with the new system by the end of the year. This decision highlights the increasing pressure on organizations to reassess their security practices in light of evolving cyber threats.
Hacking Group Compromises X Accounts of UK Parliament and WHO Officials
In another alarming development, a hacking group has recently targeted the X (formerly known as Twitter) accounts of several officials from the British Parliament and the World Health Organization (WHO). The compromised accounts displayed promotional banners for various cryptocurrencies, suggesting an intent to generate illicit gains from their sizeable followings. Among those affected were prominent figures such as Justice Secretary Shabana Mahmood and Labour MP Chris Elmore, both of whom have regained access to their accounts.
This incident underscores the vital importance of implementing robust security measures, such as multi-factor authentication, to mitigate the risks associated with unauthorized access.
Cybercriminals Hack Indian Supreme Court’s YouTube Channel
In a serious security breach, hackers compromised the YouTube channel of the Supreme Court of India, replacing its legitimate content with advertisements for XRP, a cryptocurrency created by Ripple Labs in North America. The nature of this attack raises concerns about whether it was orchestrated as a marketing error or a deliberate hack. Since 2018, the Supreme Court has been live-streaming cases of significant public interest, making this breach particularly concerning for the integrity of its communication.
Swift action from the local government’s cyber teams led to the restoration of the channel within 50 minutes, though the incident raises questions about the security measures currently in place. Investigations are ongoing to ascertain the methods employed in the attack and identify the perpetrators.
These incidents collectively highlight a continuing trend in the cyber landscape where organizations, regardless of their stature or sector, remain vulnerable to breaches that can have severe implications. Adversary tactics such as initial access, privilege escalation, and persistence, as outlined in the MITRE ATT&CK framework, are evident in these attacks, suggesting that businesses must remain vigilant and proactive in their cybersecurity strategies to defend against evolving threats.
