
Cybersecurity News Briefing (October 10th-October 21st)

1. Hackers steal data from genetic testing company; information on millions of users sold on the dark web.

On October 10th, genetic testing company 23andMe suffered a massive data breach, with hackers stealing a large amount of customer personal information and selling it on the dark web. The leaked data includes names, photos, birth details, and racial information, and even involves well-known entrepreneurs such as Meta founder Mr. Mark Zuckerberg and Tesla founder Mr. Elon Musk. A spokesperson for 23andMe stated that the data was collected without user authorization from accounts on the company's official website. The company is currently investigating the incident and emphasizes that its network security system has not been compromised. The company believes that the hackers logged in with previously leaked user credentials and then used 23andMe's "DNA Relatives" tool, which connects users with other individuals who have similar genetic information, to gain access to the information of further users whose own accounts had not been compromised.

2. International investigation report indicates Vietnam uses spyware to attack global politicians.

On October 10th, according to a report by French investigative news website Mediapart, Amnesty International revealed that the Vietnamese government has been utilizing spyware called "Pegasus" purchased from a French company to attempt to invade the computer systems of global politicians, journalists, and other individuals. The targets include leaders of Taiwan, the German ambassador to the US, four US lawmakers, and UN personnel, among others. The report states that Vietnam conducts large-scale hacking operations through social media platforms using this spyware, targeting high-level political leaders, journalists, scholars, and opponents of the Vietnamese regime. Amnesty International called on the Vietnamese government to immediately cease using illegal spyware and emphasized the prohibition of highly invasive spyware.

3. WhatsApp account hijacking cases surge, involving losses of up to HKD 28.2 million.

On October 18th, the Hong Kong Police reported an increasing number of online scams, particularly involving the hijacking of WhatsApp accounts. From August to September, there were 1,366 recorded cases with total losses reaching HKD 28.2 million. After hacking into a victim's account, the fraudster uses the address book to send messages to the victim's friends and relatives and obtains property under various excuses. The police advise citizens not to click on suspicious links, to enable two-factor authentication, and to pay attention to the devices connected to their messaging apps. If in doubt, users should log out promptly. Additionally, citizens can use the "Scameter" App provided by the police to check if accounts, phone numbers, or websites are suspicious. The police plan to introduce a reporting mechanism next year for reporting suspicious activities through a dedicated application.

4. Singapore Senior Minister calls for international cooperation to address cybersecurity issues.

On October 17th, in the context of combating cybercrime, Mr. Teo Chee Hean, Senior Minister and Coordinating Minister for National Security of Singapore, stated during the Singapore International Cyber Week that cross-border cybercrime issues require international cooperation but are hindered by a lack of trust. He pointed out that building trust necessitates addressing challenges in three areas: between nations, between governments and the tech industry, and the public's perception of the digital world. He also called for strengthened international cooperation in resolving cybersecurity issues, the establishment of normative frameworks, and the identification of accountable institutions to foster trust among all parties.

5. Singapore Deputy Prime Minister proposes three cybersecurity recommendations to promote digital order.

On October 17th, Mr. Heng Swee Keat, Deputy Prime Minister and Coordinating Minister for Economic Policies of Singapore, presented three recommendations to address new trends in cyber attacks during the Singapore International Cyber Week. Firstly, he proposed fostering cross-sector and cross-border partnerships that extend beyond governments and international organizations to include non-governmental organizations, academia, and technology companies. Secondly, at the government and international organization levels, an information and communication technology security working group has been initiated for discussions on global digital agreements, frameworks, and guidelines. Lastly, Singapore's Cyber Security Agency is hosting the "CyberCall" initiative, which invites cybersecurity experts to propose innovative solutions to local cybersecurity challenges.

6. Hong Kong government plans to legislate network security responsibilities for critical infrastructure operators.

On October 18th, the Hong Kong government announced plans to introduce legislation explicitly defining the network security responsibilities of critical infrastructure operators. The Security Bureau stated that in order to enhance the protection of critical infrastructure networks, the government will establish a preventive management system to ensure the secure operation of their information systems and networks. The government is currently drafting the legislative framework and seeking preliminary industry views. It intends to consult the Legislative Council's Panel on Security and conduct public consultations. Additionally, the government has implemented multiple security measures and mechanisms for data security risk management, including protection of government data, auditing and risk assessment, incident handling and response, education and training, and more.

7. Hongkong Post personal information leakage incident raises concerns over information security.

On October 20th, Hongkong Post experienced a personal information leakage incident in which unauthorized individuals used the electronic service function of the postal department to repeatedly guess the registered email addresses of users, obtaining the email addresses of 7,249 account holders. The authorities notified the affected account holders on the same day and reminded them to be cautious of suspicious emails or unknown correspondence. The incident was reported to the police, and the PCPD was consulted. A report was submitted, and the opinions of the OGCIO were sought to further strengthen security measures. The author, who has been following information security issues, pointed out that this information leakage incident involved credential stuffing and brute force attacks, which can be easily prevented. For example, adding a lockout feature to limit the number of attempts on websites and implementing verification methods like CAPTCHA can effectively block such attacks.
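The lockout idea mentioned above, sketched as an added example (not code from Hongkong Post or from the original briefing): a sliding-window attempt limiter placed in front of an email lookup, replayed against constructed guesses. The class and function names, the thresholds, and keying on a client address are all assumptions made for illustration.

```python
import time
from collections import defaultdict, deque


class AttemptLimiter:
    """Hypothetical per-client limiter: N attempts per window, then a lockout."""

    def __init__(self, max_attempts=5, window=300.0, lockout=900.0,
                 clock=time.monotonic):
        self.max_attempts, self.window, self.lockout = max_attempts, window, lockout
        self.clock = clock
        self.attempts = defaultdict(deque)  # client -> timestamps of recent attempts
        self.locked_until = {}              # client -> time at which the lockout ends

    def allow(self, client):
        now = self.clock()
        if self.locked_until.get(client, 0.0) > now:
            return False                    # still locked out
        recent = self.attempts[client]
        while recent and recent[0] <= now - self.window:
            recent.popleft()                # forget attempts older than the window
        if len(recent) >= self.max_attempts:
            self.locked_until[client] = now + self.lockout
            recent.clear()
            return False                    # limit reached: start a lockout
        recent.append(now)
        return True


def confirmed_addresses(guesses, registered, limiter=None,
                        client="203.0.113.7", step=1.0):
    """Replay one guess every `step` seconds from a single client and
    return how many registered addresses the lookup confirms."""
    now = [0.0]
    if limiter is not None:
        limiter.clock = lambda: now[0]      # simulated clock, so no real waiting
    confirmed = 0
    for email in guesses:
        now[0] += step
        if limiter is not None and not limiter.allow(client):
            continue                        # rejected before the lookup runs
        confirmed += email in registered
    return confirmed


# Constructed sample data: every second candidate address is registered.
REGISTERED = {f"user{i}@example.com" for i in range(0, 1000, 2)}
GUESSES = [f"user{i}@example.com" for i in range(1000)]
```

A limiter keyed on one client address does not stop guesses spread across many sources, which is where the CAPTCHA step mentioned above comes in.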

8. Okta suffers a hacker attack, with the company's stock price plummeting 12% in a single day.

On October 21st, identity verification security company Okta (OKTA.US) experienced a hacker attack, resulting in a significant drop in its stock price. The hackers used stolen credentials to gain access to Okta's support case management system. Approximately 184 customers, accounting for about 1% of the total customer base, were affected by this attack. In addition to Okta, identity management company BeyondTrust also became one of the victims of this intrusion. Mr. Marc Maiffret, BeyondTrust's Chief Technology Officer, stated that he had spoken with Okta and requested an investigation into the allegations. The attack targeted authentication for internal administrator accounts of Okta, and through deep investigation, it was discovered that the attackers used stolen valid session caches from Okta's support system. BeyondTrust immediately used its own identity verification tools to detect and remediate the attack and stated that no impact or exposure occurred to its infrastructure or customers.

