25 August 2023

5 min read

Duolingo's unintentional data slip becomes a new lesson | Cyber Intelligence Briefing: 25 August

August 2023
Cyber Intelligence Briefing


Top news stories this week

  1. Lost in translation. Duolingo's unintentional data slip becomes a new lesson.
  2. Data leaks down under. Charity donor data leaked and Latitude Financial's post-breach costs revealed.
  3. PSNI terror charges. Police arrest individual for terror offences over PSNI data leak.
  4. False advertisement. Fake Amazon links used in Google Ads for malware distribution.
  5. Double extortion. Seiko and CloudNordic hit with ransomware.
  6. Crackdown. Law enforcement arrest 14 cyber criminals in Interpol-led operation.  



1. 2.6 million Duolingo customer records exposed

Hackers have placed 2.6 million Duolingo customer records for sale on a dark web forum. In January 2023, an exposed API allowed the public information of Duolingo profiles to be retrieved by entering a known username. The data contains names and email addresses and is accessible for a fee of USD 2.13.

So what?

Including API testing as part of a regular penetration testing programme will help identify vulnerabilities and possible routes of data exposure.  



2. Cyber attacks impact Australian companies

A cyber attack on Australian telemarketer Pareto Phone led to the exposure of personal data from multiple Australian charities. Three charities have confirmed the release of donor information by the threat actors.

Separately, Australian company Latitude Financial reported spending roughly USD 50 million in response to a cyber attack earlier this year, negatively impacting various aspects of the business and leading to a lawsuit.

So what?

Cyber attacks can have serious financial consequences. The recovery cost is often far greater than the cost of proactively identifying the gaps and implementing robust and proportionate security measures. 




3. Individual accused of terror offences over PSNI data leak

Following the recent accidental leak of personal data within the Police Services of Northern Ireland (PSNI), an individual has been arrested after possessing official documents and mobile phones that could be used for terrorist purposes

One mobile phone held a leaked spreadsheet with full names of PSNI officers, and the other had images of explosive devices. The individual had also performed postal address searches using the leaked surnames.

So what?

The repercussions of the PSNI data leak continue to have serious implications. Enforcing robust protocols for the storage and exchange of confidential information minimises the risk of inadvertent data leaks occurring in the future.



4. Maladvertisement campaign abuses Google Ads

Threat actors have exploited Google sponsored ads by impersonating Amazon’s legitimate URL. When the ad is clicked, it prompts the user with a fake Microsoft Defender alert which, if interacted with, infects their device with malware.

So what?

Not only is user awareness of these evolving threats important, but employees should exercise scepticism towards any unexpected redirects. Employees should be trained on the importance of escalating potential malicious activity to an internal IT/security team before trying to solve the problem themselves.



5. Seiko and CloudNordic hit with ransomware

The BlackCat ransomware group has targeted the Japanese watchmaker Seiko in a data breach, exposing technical data and watch designs.

Separately, Danish cloud provider CloudNordic suffered a ransomware attack that erased server and customer data. Although no data theft is suspected, the company faces challenges in restoring services.

So what?

Organisations should adopt comprehensive cyber security practices to prevent and mitigate the impact of ransomware attacks, including regular user training, keeping software up-to-date, and maintaining offline immutable backups. 



6. 14 arrested in Africa cyber crime crackdown

A coordinated international operation has arrested 14 suspects and identified thousands of illicit networks across 25 African countries, linked to more than USD 40 million in cyber crime losses. The Interpol-led operation disrupted phishing campaigns, business email compromises, and other online scams.

So what?

This case demonstrates the growing pressure cyber criminals face from increasingly coordinated law enforcement operations across the world.


Cyber Intelligence Briefing

The S-RM Cyber Intelligence Briefing is a weekly round-up of the latest cyber security news, trends, and indicators, curated by our intelligence specialists.

To discuss this briefing or other industry developments, please reach out to one of our experts.


Share this post

Subscribe to our insights

Get industry news and expert insights straight to your inbox.