Top infosec trends in the social media spotlight this week
The Australian state of Victoria had the dubious honor of being the first organization to report a data breach in 2019, as the Premier’s Department said the details of an estimated 30,000 government workers were stolen.
According to ABC News, part of the Victorian government directory was downloaded by an unknown party. Details included employee names, work emails, job titles, and work phone numbers.
The Premier’s Department is understood to have referred the breach to police, the Australian Cyber Security Centre, and the Office of the Victorian Information Commissioner for investigation.
In hardware news, supporters of social media celebrity PewDiePie have once again taken to hacking devices in an effort to boost subscriptions to the Swedes’ YouTube channel.
Earlier this week, pranksters took control of more than 65,000 Google Chromecast devices – used to stream content to smart TVs – to display a message informing owners of how to fix the flaw, along with asking them to subscribe to the PewDiePie channel.
The stunt was orchestrated by two self-proclaimed white hats, HackerGiraffe and j3ws3r, who set up a website that tracks the number of impacted devices.
At the time of writing, more than more than 65,000 Chromecast units had been forced to play content, and some 8,200 devices had been renamed to ‘HACKED_SUB2PEWDS_#’.
With 79.7 million subscribers, PewDiePie is the world’s most popular YouTube channel, although Indian music label and movie studio T-Series has been edging towards taking the top spot.
The #CastHack campaign – which took advantage of a router setting that makes smart devices publicly viewable on the internet – comes a month after HackerGiraffe successfully forced 50,000 printers to reel off messages in support of PewDiePie.
As internet-watchers wait to see the outcome of the PewDiePie vs. T-Series subscription battle, it all appeared to be too much for the propaganda perpetrator, who took to Pastebin to announce his retirement from the world of hardware hacking.
Elsewhere, BlankMediaGames (BMG) has reported a data breach impacting players of its browser-based game, Town of Salem.
Breach indexing firm DeHashed was first on the case, with a security write-up from the company indicating that the server hack involved more than 7.6 million accounts.
According to DeHashed, the stolen data includes Town of Salem usernames, email addresses, hashed passwords, IP addresses, and forum activity.
In a subsequent blog post, BMG said no payment card information was compromised, as this is handled by third-party providers.
“Sorry that this happened, no game creator ever wants to be in this situation and having it happen over the holiday break when everyone was away was terrible timing,” a company representative stated.
And finally, 2019 got off to a less than ideal start for Apple, as the Cupertino-based tech giant issued a profit warning.
In a letter to investors this week, CEO Tim Cook said the company was cutting its sales forecast for the first quarter, which ended on December 19, citing “macroeconomic and Apple-specific factors”.
The company now expects revenues of around $84 billion for the quarter, down 7.6% on previous guidance.
When it comes to security, there was little respite for Apple this week, as Objective See released its annual ‘Mac Malware of the Year Report’, which collates all new Mac-focused malware and adware of 2018.