Bits ‘n Pieces (Trozos y Piezas)
CR: CONASSIF Hacked With Chinese Characters
El Consejo Nacional de Supervisión del Sistema Financiero (CONASSIF) is involved with the Costa Rican financial system. On March 20, the Computer Security Incident Response Center (CSIRT-CR) on the website of the Ministry of Science, Innovation, Technology and Telecommunications (MICITT), issued an alert involving the website of CONASSIF after the website was found to have been defaced.
The alert states the following (translated):
“For the population’s peace of mind, the CONASSIF informed that said page does not contain information of the entities they supervise and that it is outside the infrastructure of the Central Bank of Costa Rica (BCCR), since its content is merely informative about the regulation approved by the Council.
laNacion reports some details:
“It was deactivated shortly after 9 a.m., when its content was usurped with designs written in Chinese characters, this newspaper confirmed from photographs of the screen which began to circulate in computer technician chat forums”.
A Google translation of the Chinese message on the site said, ““Use for illegal purposes, the author is not responsible for the consequences!“
There has been no update on this incident from the CSIRT-CR. The CONASSIF page says it is under maintenance and will be back in three days.
This appears to be a hack with defacement but CONASSIF hasn’t actually confirmed they were hacked. What they have said is that no personal or financial information would be involved because they don’t store any and are not connected to the national bank’s system for such data.
PA: Fabrega Molino leaked by BlackCat
Fabrega Molino is Panamanian law firm that has reportedly been hacked and leaked by BlackCat. BlackCat claims to have 113GB of files from this firm, which was added to their site on March 18. BlackCat’s post does not indicate whether they locked the victim or just exfiltrated data.
The data leak includes some documents with personal information such as passports and a will.
The firm did not reply to an inquiry from DataBreaches. Their statement on their website is lacking in any meaningful details on the type of information involved (translated)
…. we detected an isolated security incident in one of our networks, which was contained and resolved immediately by our team of cybersecurity experts.
Additionally, we inform you that we have proceeded to strengthen the protection and security measures of the Firm’s computer equipment, following the recommendations of our experts.
There is also no mention of notifying individuals or any mitigation services.
DataBreaches has received no reply to a second email inquiry sent to them about whether there was customer data stolen and leaked. DataBreaches has also asked BlackCat that question but has not received a reply.
MX: Vazquez Nava Consultores y Abogados, S.C Hit by Medusa
A Mexican firm of consultants and lawyers has been added to the Medusa leaks page with some proof of claim. Looking at the list of files, there are human resources data with personal information.
On March 20, DataBreaches sent the firm an email seeking confirmation or denial of Medusa’s claims and additional details. They have not replied and there is no statement on their website about any incident.
UPDATE: Autoridad de Acueductos y Alcantarillados Attack was by Vice Society
Last week, DataBreaches reported that AAA had confirmed a cyberattack but would not be paying any ransom because no employee or customer data had been breached.
That appears to have been inaccurate. Since then, Vice Society has added AAA to their leak site, and it is clear that there is personal data in there like passports and Social Security numbers.
Editing by Dissent