Roblox vendor data breach exposes dev conference attendee info
Roblox announced late last week that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference attendees. Roblox is an online gaming and game creation platform popular among younger audiences that design, create, and share games with a large community of over 200 million active users. The company hosts an annual Roblox Developer Conference (RDC) event that helps developers network, learn, and share knowledge with others through workshops and new tool presentations.
Ticketmaster discredits dark web claims of stolen barcodes for Taylor Swift concerts
Ticketmaster shot down claims made on the dark web that hackers have access to working ticket barcodes for several upcoming Taylor Swift concerts and other events. On Friday, a hacker allegedly offered for sale event barcodes for Taylor Swift’s Eras Tour concert dates in New Orleans, Miami and Indianapolis. The barcodes are typically scanned at the entrance for events. In total, the hacker offered about 170,000 barcodes for sale, with about 20,000 for sale at each show. The hacker also threatened Ticketmaster with more leaks if they are not paid $2 million — claiming to have 30 million more barcodes for NFL games, Sting concerts and more.
Supreme Court Ruling Threatens the Framework of Cybersecurity Regulation
A recent Supreme Court ruling has shifted regulatory enforcement from the federal agencies to the judicial system. On June 28, 2024, the Supreme Court struck down a legal principle known as the Chevron Doctrine (or Deference). This doctrine dates to a 1984 Supreme Court ruling (Chevron v Natural Resources Defense Council) that allows federal agencies to use their own expertise to interpret ambiguities in the law.
Ransomware attack on blood-testing service puts lives in danger in South Africa
A ransomware attack against South Africa’s National Health Laboratory Service (NHLS) has put lives at risk and created chaos for healthcare services across the country. On June 22, the BlackSuit ransomware group hit NHLS, leaving it unable to process millions of blood tests. This means serious conditions have been left undiagnosed and lives endangered. This included details of tests that screened for diseases like tuberculosis and HIV/AIDS, as well as the mpox (also known as monkeypox) outbreak that is currently impacting parts of Africa.
OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers
French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service (DDoS) attack in April 2024 that reached a packet rate of 840 million packets per second (Mpps). This is just above the previous record of 809 million Mpps reported by Akamai as targeting a large European bank in June 2020. The 840 Mpps DDoS attack is said to have been a combination of a TCP ACK flood that originated from 5,000 source IPs and a DNS reflection attack leveraging about 15,000 DNS servers to amplify the traffic.