Temu Denies Data Breach, Chinese National Indicted for Alleged Theft of US Aerospace Data: Your Cybersecurity Roundup
Temu Denies Data Breach Despite Hacker Claims
E-commerce platform Temu is under scrutiny following claims of a data breach impacting 87 million users. A threat actor on BreachForums offered a database containing customer information for sale, including usernames, IDs, IP addresses, personal details, and hashed passwords.
Temu vehemently denies the breach, stating a thorough investigation found no matching data in their systems. The company emphasizes its commitment to user security and adherence to data protection standards. Temu intends to pursue legal action against those spreading misinformation.
The threat actor maintains the breach is real and claims access to internal systems, although no proof has been provided. BleepingComputer’s investigation revealed some data may originate from a different, older breach. The threat actor has been banned from BreachForums for misrepresenting information.
Chinese National Indicted for Alleged Theft of US Aerospace Software and Source Code
A federal indictment unsealed accuses a Chinese national of conducting a multi-year spear-phishing campaign aimed at窃取 (qiè qǔ, acquiring illegally) sensitive software and source code related to aerospace engineering and computational fluid dynamics from the National Aeronautics and Space Administration (NASA), research universities, and private companies.
Song Wu, a 39-year-old formerly employed as an engineer by Aviation Industry Corporation of China (AVIC), a state-owned Chinese aerospace and defense conglomerate, is charged with 14 counts of wire fraud and 14 counts of aggravated identity theft. The indictment alleges that Wu engaged in a social engineering campaign from approximately January 2017 to December 2021.
The Department of Justice (DoJ) alleges that Wu created fraudulent email accounts impersonating US-based researchers and engineers. These emails were then used to target employees at NASA, the US Armed Forces, universities with aerospace engineering programs, and private sector companies in the aerospace industry. The emails reportedly requested the targets to share restricted or proprietary software.
Russian Cybersecurity Firm Dr.Web Hit by Cyberattack
Dr.Web, a prominent Russian anti-malware company, has been the target of a cyberattack. The incident led to temporary disruptions in the company’s services and forced them to disconnect their servers from the network.
Despite the attack, Dr.Web successfully contained the threat and ensured that its customers remained unaffected. The company implemented security measures and utilized its own tools to analyze and eliminate the consequences of the breach.
This attack highlights the ongoing challenges faced by cybersecurity firms in protecting themselves from cyber threats. The recent targeting of Russian cybersecurity companies underscores the increasing sophistication and intensity of cyberattacks in the region.