Cybercrime , Fraud Management & Cybercrime , Incident & Breach Response

Breach Roundup: Google Phases Out Passwords for Passkeys

Also: Microsoft Will Bid VBScript Goodbye; Magecart's Novel Page-Not-Found Attack
Breach Roundup: Google Phases Out Passwords for Passkeys
Image: Shutterstock

Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. This week: Google began phasing out passwords, Microsoft will bid VBScript goodbye, payment card information exposed via an Air Europa hack, a Magecart attack uses a sneaky page-not-found tactic, U.S. voter registration data stolen from the District of Columbia, and Volex reports a hack attack.

See Also: OnDemand | MFA, Passwordless, & Passkeys: Defend Your Workforce

Google Phases Out Passwords

Google on Tuesday announced it is phasing out passwords as the default sign-in method for users in favor of passkeys. Passkeys based on the WebAuthn standard create an asymmetric keypair, with the private key stored on the user's device and the public key by the service provider. A successful match works as a logon credential, without the necessity of a service provider having to store passwords. Users unlock the private key by verifying their identity through methods that include facial recognition, fingerprint scanning or a PIN.

The tech giant asserts that passkey logins are 40% faster than password-based logins.

Microsoft Bids VBScript Goodbye

Microsoft is bidding farewell to VBScript after being in use for 30 years. A programming language akin to Visual Basic or Visual Basic for Applications, VBScript has also served hackers as a pathway for Windows hacking. Trojans including Emotet and Qbot - also known as Qakbot - have spread via VBS. The notorious ILOVEYOU worm from the year 2000 was a VBS file.

Before nuking the feature entirely, Microsoft plans to make VBScript an on-demand feature, to give users time to adapt before its retirement. Microsoft began the slow road to removing VBScript from Windows in 2016 when it deprecated VBS in Internet Explorer 11.

Credit Cards Exposed in Air Europa Hack

Spanish airline Air Europa urged customers to cancel their credit cards after a recent data breach. The airline disclosed that hackers compromised sensitive details, including full payment card numbers, CVV numbers and expiration dates. While the extent of the breach and potential financial impact remain undisclosed, angry customers shared emails on social media advising card cancellation. Air Europa asserted there's no evidence of the breached data being used for fraud so far, though that is no guarantee for what might happen in the future. The company has yet to say how attackers breached its site.

Spanish consumer advocacy organization Ocu recommends consumers follow the airline's advice and cancel payment cards used to purchase airfares on Air Europa. It also asked the Spanish data protection agency to investigate the incident. Spanish authorities fined Air Europa 600,000 euros in December 2020 for a payment card data breach affecting 489,000 individuals.

Magecart Cyberattack Uses Sneaky Page-Not-Found Tactic

Akamai researchers discovered Magecart online skimmer malware being hidden in "HTTP 404 page not found" error pages displayed by online shops that use the Magento and WooCommerce platforms.

Attackers have targeted numerous websites, including major players in the food and retail sectors, with this novel concealment technique. The loader triggers a "404 Not Found" error by calling for a nonexistent page. It injects obfuscated attack code into the page-not-found response, decoding into JavaScript what appears to be a code comment. "The attacker successfully altered the default error page for the entire website and concealed the malicious code within it," Akamai researchers wrote.

US Voter Registration Data Stolen

The government agency overseeing elections in the U.S. capital is investigating a breach of voter records, prompted by claims from the threat actor RansomedVC. The District of Columbia Board of Elections says it has confirmed that "some D.C. voter information was accessed through a breach" of its website hosting provider DataNet Systems.

Volex Suffers Hack Attack

British power and data transmission product manufacturer Volex told investors Monday that hackers gained unauthorized access to "certain IT systems and data, at some of the group's international sites."

Volex has initiated an investigation, engaged third-party specialist consultants to assess the extent of the breach and to formulate an incident response plan. The 131-year-old company, with operations in 27 locations across 24 countries, emphasizes that it remains operational, experiencing only "minimal disruption" to production. Volex, headquartered in the United Kingdom, primarily serves markets in Europe, North America and Asia.

About the Author

Anviksha More

Anviksha More

Senior Subeditor, ISMG Global News Desk

More has seven years of experience in journalism, writing and editing. She previously worked with Janes Defense and the Bangalore Mirror.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.