FTC Takes Legal Action Against Sendit for Collecting Children’s Data

This week, the cybersecurity landscape features significant incidents, notably the FTC’s lawsuit against Sendit for unlawful children’s data collection, another breach involving Harrods, an incident affecting Allianz, and a cyberattack disrupting Asahi’s operations in Japan. WestJet has reported a data breach, while Kido Nursery faces ransom demands. Meanwhile, a VMware exploit and the resurgence of the DarkCloud infostealer are concerning trends.

See Also: Why Cyberattackers Prefer ‘Living Off the Land’

The U.S. Federal Trade Commission has initiated legal action against Iconic Hearts Holdings Inc. and its CEO, Hunter Rice, concerning the Sendit app, which is popular among teens. The FTC has accused them of unlawfully collecting personal data from minors and employing misleading practices. The app, which serves as a social “icebreaker” on platforms like Snapchat and Instagram, boasts over 25 million claimed users, predominantly teenagers.

In 2022 alone, 116,000 U.S. users under 13 were reported registered on the platform, a clear violation of the Children’s Online Privacy Protection Act. The agency’s complaint highlights the unauthorized collection of personal details, including phone numbers and photos, without obtaining parental consent.

Additionally, the FTC alleges that Sendit misled users by generating fake anonymous messages and falsely advertising a premium membership that purportedly revealed the identities of message senders, often delivering generic or misleading responses instead.

Harrods’ Breach Exposes 430,000 Records

UK luxury retail giant Harrods announced a significant data breach linked to a third-party supplier, compromising the personal data of approximately 430,000 online customers. The breach uncovered on September 29 did not expose passwords or financial details but did reveal names, contact information, and loyalty program data.

Harrods identified this incident as a standalone event and asserts no connection to a previous cyberattack attributed to Scattered Spider affecting various retailers in May. The company noted the hackers attempted to initiate direct contact, hinting at extortion efforts, which Harrods declined to engage with, echoing the counterproductive nature of negotiating with cybercriminals.

Allianz Life Insurance Company reported a data breach affecting its 1.4 million U.S. customers, stemming from a social engineering attack targeting a third-party CRM system. Attackers impersonated IT staff to gain unauthorized access, exposing sensitive personal information, including names and contact details. The incident was identified on July 17, with immediate notification to the FBI, and Allianz assured that its internal systems remained secure during the breach.

Asahi Group Holdings announced that a cyberattack had disrupted operations across its domestic subsidiaries, halting production in several plants. Although the investigation is ongoing, the company noted no evidence of personal or customer data breaches. This attack has affected orders, shipments, and customer service operations within Japan.

The attack’s precise nature remains under scrutiny, and Asahi, which holds nearly 40% of Japan’s beer market, has not provided a timeline for recovery. The incident signifies an escalating trend of cyber threats targeting major corporations.

WestJet Data Breach Impacting 1.2 Million Passengers

Canadian airline WestJet confirmed a data breach affecting personal data of 1.2 million customers earlier this year. Data compromised includes personal identification details and travel documents, but financial information remains secure. The breach occurred after an attacker exploited social engineering tactics to gain unauthorized access to an employee account.

An extortion attempt has emerged following a cyber breach at Kido, an international preschool chain, with hackers alleging they accessed sensitive data belonging to 8,000 children. The attackers have threatened to release this data unless a ransom is paid. Although Kido has not yet confirmed the breach publicly, municipal police have been informed and are currently investigating the claims.

Nviso Labs reported that a recently patched vulnerability in VMware products is now under exploitation by Chinese-linked threat actors. This privilege escalation flaw allows non-administrative users to elevate their access to root status within vulnerable systems. The attackers likely employed initial access techniques to exploit this vulnerability, emphasizing the critical need for timely software updates to mitigate such risks.

Attacks involving the DarkCloud infostealer have surged, targeting sensitive data through phishing campaigns. Recently, researchers identified version 4.2 during a targeted attack against a manufacturing firm. This malware can harvest various forms of sensitive information and has been disseminated through channels previously used in other cybercrime operations.

Conclusion and Implications for Businesses

The multitude of recent cyber incidents highlights the pervasive risks faced by organizations today. The adoption of robust cybersecurity measures, awareness of potential vulnerabilities, and responses aligned with frameworks like the MITRE ATT&CK can significantly reduce the likelihood of successful attacks. Organizations are urged to remain vigilant and prepared to adapt to evolving threats in the digital landscape.