Security

Collabera hacked: IT staffing'n'services giant hit by ransomware, employee personal data stolen

Crooks made off with everything needed for ID theft


Exclusive Hackers infiltrated Collabera, siphoned off at least some employees' personal information, and infected the US-based IT consultancy giant's systems with ransomware.

We understand this swiped data included workers' names, addresses, contact and social security numbers, dates of birth, employment benefits, and passport and immigration visa details. Basically, everything needed for identity theft. The recruitment'n'staffing biz, which employs more than 16,000 people globally and banks hundreds of millions of dollars a year in sales, does not believe the lifted records have been used for fraud.

Collabera could not be reached for comment, though El Reg has seen a copy of the internal memo sent to staff disclosing the details of the leak. File-scrambling malware was detected on the IT consultants' network on June 8, and within a couple of days, it emerged at least some data had been stolen, according to the business.

Collabera identified malware in its network system consistent with a ransomware attack

"On June 8, 2020, Collabera identified malware in its network system consistent with a ransomware attack," Collabera wrote in the letter, dated mid-July and signed by HR senior director Mike Chirico.

"We promptly restored access to our backup files and immediately launched an investigation to determine the nature and scope of the event. On June 10, we became aware that the unauthorized party obtained some data from our system. We are working with outside experts and law enforcement to conduct a more detailed review of the incident."

Based out of New Jersey, Collabera offers companies IT services and staffing. That includes hiring out tech workers, hence the cache of personal data that was accessed by the miscreants.

"At Collabera, we reach out a hand to turn the search into a companionable, supportive journey," the company said on its website.

"A journey that certainly doesn’t inspire groaning, and one that no one ever takes alone."

So was this ransomware, or a data leak?

In this case, it appears that miscreants tried to encrypt and stole data. This has become the norm among ransomware gangs; crooks have taken to exfiltrating data as well as encrypting it. These days, victims aren't just paying the ransom to potentially restore their information, they're also paying to prevent the stolen data from being leaked or sold on by the extortionists.

In June, the Maze ransomware group – known for stealing and leaking corporate confidential data – claimed to have hacked Collabera.

Now Collabera is offering its staff two years of credit and identity monitoring services through Experian. (Yes, the same Experian that was once relieved of records on 15 million folks in the US.)

Workers who receive the letter are said to have until October 31 to register themselves for the monitoring service: "We strongly encourage you to review your bank, credit card, and other financial statements regularly. If you see any transactions you don't recognize or which appear suspicious, notify your financial institution immediately, as well as Experian." ®

Send us news
10 Comments

Indian state cuts off internet for millions to stop cheating in exams

1.6 million people sat teaching eligibility test, chasing 40,000 jobs

The Indian state of Rajasthan yesterday cut off internet access to millions of citizens, in order to prevent cheating in an exam.

The exam in question is the Rajasthan Eligibility Exam for Teachers (REET) – a test that, as its name implies, is a requirement to be employed as a teacher.

Rajasthan's informational web site predicts that over 1.5 million people will sit the test in their quest to fill one of 40,000 vacant reaching jobs in the state. The test hasn't been run for two years.

Continue reading

This won’t hurt a bit, says Veeam, as it flags end of socket-based licensing

Change to universal licenses coming sometime in 2022, says backup vendor, but won't be forced

Backup vendor Veeam is almost certainly going to ditch per-socket licensing.

Senior veep for product management Anton Gostev has floated the idea for months in user forums, but last week revealed that the change is now all-but a fait accompli.

"All in all, it is looking like Veeam will in the end go ahead and stop selling Socket-based licenses sometime next year, just as I expected."

Continue reading

'Quad' group seeks to set security standards for global tech industry

USA, India, Australia, and Japan pledge to build own 5G tech, share space data, secure rare earth supply chains, and more

The Quad group of nations – the USA, India, Australia, and Japan – has announced several joint initiatives to share technology and spur its development, among them a plan to set new global security standards for the technology industry.

The four nations' leaders met late last week and announced a set of initiatives, among them development of shared "Quad Principles on Technology Design, Development, Governance, and Use".

A joint statement outlines the aims of that document, including the following call to action for the technology industry:

Continue reading

Huawei CFO Meng Wanzhou admits lying about Iran deal, gets to go home

US puts charges on ice, extradition attempt halted

Updated Huawei finance chief Meng Wanzhou has reached a deal with the US Justice Department to drop the fraud and conspiracy charges against her in exchange for admitting that she made false statements about her company's business dealings with Iran.

The deferred prosecution agreement will end Uncle Sam's attempt to extradite Meng to the United States. It will allow her to depart Canada, where she has been detained since 2018, and return to China, easing a major source of diplomatic tension between Canada, China, and the US.

After Canadian authorities arrested Meng at the Vancouver airport in December, 2018, on behalf of the Americans, the US Justice Department indicted her and her manufacturing giant for violating US sanctions on Iran by misrepresenting Huawei's relationship with Hong Kong-based Skycom, which operated in Iran.

Continue reading

For the nth time, China bans cryptocurrencies

Coin prices drop after People's Bank reiterates crackdown

China has once again banned cryptocurrencies.

It's not even the first time this month Beijing's done so, let alone the first time ever, yet word of the reiterated crackdown sent coin prices tumbling, which may have been the ultimate goal. After all, China would prefer its citizens use its non-illegal digital yuan.

Bitcoin fell by 5.5 per cent, Ethererum by 7.4 per cent, and Dogecoin by 14.9 per cent, for instance, after this latest announcement and have since rebounded somewhat.

Continue reading

Frustrated dev drops three zero-day vulns affecting Apple iOS 15 after six-month wait

Security Bounty program slammed over 'broken promises'

Upset with Apple's handling of its Security Bounty program, a bug researcher has released proof-of-concept exploit code for three zero-day vulnerabilities in Apple's newly released iOS 15 mobile operating system.

The bug hunter, posting on Thursday to Russia-based IT blog Habr under the name IllusionOfChaos and to Twitter under the same moniker, expressed frustration with Apple's handling of vulnerability reports.

"I've reported four 0-day vulnerabilities this year between March 10 and May 4, as of now three of them are still present in the latest iOS version (15.0) and one was fixed in 14.7, but Apple decided to cover it up and not list it on the security content page," the researcher wrote.

Continue reading

Yugabyte's double-decker DBaaS follows Cochroach in distributed RDBMS

Hopes to lure users with promise of relieving operational burden

Distributed relational database Yugabyte has launched a database-as-a-service product following a rush of inspiration from Facebook, Google and the world of FOSS.

While the open-source DBaaS impressed one analyst, it will have to cope with competition from well-funded CockroachDB, which has had its DBaaS on the market for nearly three years.

Yugabyte is sort of a double-decker database. It is inspired by Google Spanner underneath and compatible with PostgreSQL on top. As Yugabyte founder and CTO Karthik Ranganathan, a former Facebook technical lead, explained to The Register earlier this year:

Continue reading

EurekAI... Neural network leads chemists to discover 'four new materials'

All said to conduct lithium atoms, may be useful for electric car batteries

Chemists have discovered four new materials based on ideas generated from a neural network, according to research published in Nature.

Uncovering new materials is challenging. Scientists have to search for combinations of molecules that lead to useful compounds that can be manufactured.

Traditional methods rely on fiddling around with known materials, and although these techniques narrow down the search for materials that work well, they don’t always produce something useful, according to Matt Rosseinsky, a chemistry professor at England's University of Liverpool who co-wrote the research paper.

Continue reading

Scientists took cues from helicopter seeds to invent tiny microchips that float on wind

'Microfliers' could carry sensors to monitor air pollution and more

Video As autumn arrives in the northern hemisphere, scientists have shown how tiny connected semiconductors can be distributed on the wind in a similar way to the seasonal spreading of airborne seeds.

Researchers led by Professor John Rogers of the US's Northwestern University designed printed circuits able to manifest rotational behaviours, as seen in helicopter and spinner seeds, that enhance the stability and flying behaviour.

In a paper published in Nature this week, they argue that simple electronics can be integrated into the designs, with one example containing a circuit to detect airborne particles.

Continue reading

With just over two weeks to go, Microsoft punts Windows 11 to Release Preview

What's that coming over the hill? Is it new hardware? Is it new hardware?

Microsoft has followed up a lacklustre Surface hardware event with a Windows 11 Release Preview for Windows Insiders.

Assuming, of course, those Insiders are possessed of an "eligible PC" – for Microsoft does not appear to be backing down on its vendor-delighting and customer-frustrating hardware requirements for the new operating system.

The build in question is 22000.194, which emerged last week in the Beta Channel to the disappointment of users trying to run Windows 11 on a virtual machine that is not to Microsoft's liking. Its arrival in Release Preview yesterday, just over two weeks from general availability on 5 October, is an indicator that fans should expect little more than patches and updates until then.

Continue reading

Fukushima studies show wildlife is doing nicely without humans, thank you very much

Biodiversity increasing, endangered species gradually returning despite radioactive terror pig presence

Studies of biodiversity around the former Fukushima nuclear power plant in Japan have shown that a decade after the nuclear incident there in March 2011, the local wildlife, at least, is mostly thriving.

The incident at the Fukushima Daiichi site – in which three of the site's six reactors suffered meltdowns due to damage from an earthquake-induced tsunami – was one of only two events in history to be rated at level 7 on the International Nuclear and Radiological Event Scale (the other being Chernobyl).

This scale is not related to the quantity of radioactive material released (although that was considerable), but by the number of people affected by the event. Following the incident, 154,000 people were evacuated from the area surrounding the plant due to the risk of radioactive contamination, a number second only to the 335,000 evacuated from the environs of the Chernobyl plant in 1986.

Continue reading