DDW Weekly Highlights in November W3

Resources

2024.11.28

☑️ S2W DDW Weekly Highlights in November W3

🔍 Major US electric vehicle manufacturer hit by data breach affecting 120,000 customer records

• Evidence shows information from US electric vehicle company T was leaked and listed for sale on BreachForums.

• On November 19, a threat actor "IntelBroker" claimed responsibility for leaking personal information of approximately 120,000 customers from the Middle East who used the charging stations of the world’s leading electric vehicle company. The leaked data reportedly includes customer names, locations, payment details, vehicle identification numbers (VINs), manufacturers, and model names.

• The hacker, linked to recent corporate breaches, stated the information was accessed via T’s external data hosting vendor.

🔍 South Korean user data exposed on Chinese Telegram channel

• Telegram posts revealed leaks of data from South Korean automakers, airlines, and hotels.

• On November 18, a Chinese-language channel shared samples, including two auto purchase records, one set of hotel customer data from Incheon, and one airline passenger record. According to S2W’s analysis, the airline data originated from a prior breach and is fabricated.

• The Telegram channel specializes in sharing leaked personal information and has approximately 500 subscribers.

🔍 Sensitive medical data from Chinese hospitals sold for $200 on Hacking Forum

• On November 21, a threat actor "Desec0x" was observed selling sensitive medical data stolen from Chinese hospitals.

• The leaked records originate from hospitals in Beijing, Shandong, and Shenzhen, including patient medical details, pharmaceutical company information, medical insurance data, and internal hospital credentials. The data is being sold for $200.

• "Desec0x" is also known for selling internal data from the State Grid Corporation of China (SGCC), the world’s largest state-owned electric utility, in June. The hacker appears to specialize in breaches targeting Chinese entities.

If you want to read more, follow the newsletter as below and visit S2W Inc. website to contact us.

✅ https://s2w.inc/en/contact

* The full report is available upon request and for XARVIS subscribers.

Attachments

[S2W] Darkpedia_Newsletter (20241128)_EN.pdf

Threat Intelligence Reports

Introduction to the North Korea-backed Scarcruft ROKRAT Malware Cluster

2024.11.28

Industry Newsletters

S2W, INTERPOL Discuss on Strengthening Global Public-Private Cooperation

2024.12.02

List

File download request

This is a consent popup for collecting personal information in order to send you an attachment of S2W's Resource. Please enter the following items and submit, and the attachment will be sent to the email you provided. All information you provide will be subject to S2W's privacy policy.

Name *

Email *

Contact number *

Company / Institute name *

How did you find us?*

Agree to all

[Required] Terms of Service View all

[Required] Collection and Use of Personal Information View all

[Optional] Collection and Use of Information for Marketing Purposes

Collected items: Required : Name, Country, Company/Institute Name,Job Title, Email, Contact Number
Purpose of use: For online/offline marketing and advertising purpose Name, Job Title, Email, Contact Number; Delivery of product brochures, newsletters, event information, etc.
Retention period: Until consent for marketing use is withdrawn.