of nearly $12 million in a phishing scam compounded by human error. The university learned it was the victim of an attack last Wednesday, Aug 23 after a series of fraudulent emails “convinced university staff to change electronic banking information for one of the university’s major vendors.” On Friday, Clark Builders — an Edmonton construction and contracting company — confirmed it was the vendor fraudsters posed as in the online attack. The fraud led university staff members to transfer $11.8 million to a bank account they believed belonged to the vendor, the university said. MacEwan University spokesperson David Beharry said three relatively low-level staff members were involved in the transfer. He said there was no process in place which required staff members to phone the vendor to confirm the request to change banking information, but that will change. “We are looking at the levels of staffing it must go through for authorization before somebody changes that,” he said. “There is going to be a secondary and tertiary level of approval before this goes on.”
The Intercontinental Hotels Group data breach previously announced in February as affecting 12 hotels in the chain has proven to have been far more extensive than was first thought. Last week the group announced that the breach affected guests that used their credit cards to pay at franchisee hotels across the United States and in Puerto Rico between September 29, 2016 and December 29, 2016. According to the chain’s website, the Intercontinental Hotels Group data breach potentially affected guests who stayed at its Holiday Inn, Holiday Inn Express, Crowne Plaza, Staybridge Suites, Candlewood Suites, Hotel Indigo, and InterContinental Hotels. The full list of hotels that have potentially been affected by the malware incident has been listed on the IHG website. In total, 1,184 of the group’s hotels have potentially been affected. The Intercontinental Hotels Group data breach involved malware that had been downloaded onto its systems, which was capable of monitoring payment card systems and exfiltrating payment card data. It does not appear that any information other than card details and cardholders’ names was stolen by the attackers. The hotel group does not believe the data breach extended past December 29, 2016, although that cannot be entirely ruled out as it took until February/March for all of the affected hotels to be investigated and for confirmation to be received that the malware had been removed. Prior to the malware being installed, IHG had started installing the IHG Secure Payment Solution (SPS), which provides point-to-point encryption to prevent incidents such as this from resulting in the theft of clients’ data. Had the process started sooner, the Intercontinental Hotels Group data breach could have been prevented.
Hotels that had implemented the SPS prior to September 29, 2016 were not affected and those that had implemented the solution between September 29, 2016 and December 29, 2016 stopped the malware from being able to locate and steal credit card data. In those cases, only clients that used their credit cards at affected hotels between September 29, 2016 and when the SPS system was installed were affected.

Intercontinental Hotels Group Data Breach One of Many Affecting the Hospitality Sector

The Intercontinental Hotels Group data breach stands out due to the extent to which the group was affected, with well over 1,100 hotels affected. However, this is far from the only hotel group to have been affected by POS malware. Previous incidents have also been reported by Hard Rock Hotels, Hilton Hotels, Omni Hotels & Resorts and Trump Hotels. Hotels, in particular hotel chains, are big targets for cybercriminals due to the size of the prize. Many hotel guests choose to pay for their rooms and services on credit cards rather than in cash, and each hotel services many thousands – often tens of thousands – of guests each year. Globally, IHG hotels service more than 150 million guests every year, which is a tremendous number of credit and debit cards. Such a widespread malware infection would be highly lucrative for the attackers. Credit card numbers may only sell for a couple of dollars a time, but with that number of guests, an attack such as this would be a huge pay day for the attackers.
WannaCry only demanded $300 from each victim. These hackers extorted $1 million from one South Korean company. Hackers appear to have pulled off a $1 million heist with ransomware in South Korea. The ransomware attacked more than 153 Linux servers that South Korean web provider Nayana hosted, locking up more than 3,400 websites on June 10. In Nayana's first announcement a few days later, it said the hackers demanded 550 bitcoins to free up all the servers -- about $1.62 million. Four days later, Nayana said it'd negotiated with the attackers and got the payment reduced to 397 bitcoins, or about $1 million. This is the single largest-known payout for a ransomware attack, and it was an attack on one company. For comparison, the WannaCry ransomware attacked 200,000 computers across 150 countries, and has only pooled $127,142 in bitcoins since it surfaced. Ransomware demands have risen rapidly over the past year, tripling in price from 2015 to 2016. But even then, the highest cost of a single ransomware attack was $28,730. Nayana agreed to pay the ransomware in three installments, and said Saturday it's already paid two-thirds of the $1 million demand. “It is very frustrating and difficult, but I am really doing my best and I will do my best to make sure all servers are normalized,” a Nayana administrator said, according to a Google translation of the blog post. The company is expected to make the final payment once all the servers from the first and second payouts have been restored. Trend Micro, a cybersecurity research firm, identified the ransomware as Erebus, which targets Linux servers for attacks. It first surfaced in September through web ads, and popped up again in February.
“It's worth noting that this ransomware is limited in terms of coverage, and is, in fact, heavily concentrated in South Korea,” Trend Micro researchers said Monday in a blog post. Paying ransomware is at the victim's discretion, but nearly all organizations, including government agencies and security researchers, advise against it.
The gang behind the attacks has compromised technology service firms and plans to use them as a proxy for attacks, security firms have said. The group, dubbed APT10, is using custom-made malware and spear phishing to gain access to target companies. The National Cyber Security Centre and cyber units at PwC and BAE Systems collaborated to identify the group. “Operating alone, none of us would have joined the dots to uncover this new campaign of indirect attacks,” said Richard Horne, cyber security partner at PwC. A detailed report drawn up by the three organisations reveals that the group has been active since 2014 but ramped up its attacks in late 2016. In particular, said the report, it targeted firms who ran key IT functions on behalf of large UK companies. PwC and BAE said the group had mounted many different attacks as part of a campaign they called Operation Cloud Hopper. By targeting the suppliers of IT outsourcing, the attackers were able to stealthily gain access to the networks and systems of their true targets. Dr Adrian Nish, head of threat intelligence at BAE, said the attackers used these third parties as a “stepping stone” to get at the companies and organisations they were really interested in. Infiltrating supply chains gave the attackers an easy route into many different targets. “Organisations large and small rely on these providers for management of core systems and as such they can have deep access to sensitive data,” he said. “It is impossible to say how many organisations might be impacted altogether at this point.” The security organisations involved in exposing the APT10 campaign say they have seen firms in the UK, Europe and Japan being targeted by the group. The National Cyber Security Centre and the two security firms have warned known victims that they have been compromised.
Spear phishing emails booby-trapped with custom-made malware were sent to key staff in IT services firms in the first stage of an attack. Once the hackers had won access they sought out intellectual property and other sensitive data. The hacking group maintained a massive network of sites and domains online to serve their various attacks and as a conduit for data they stole, said Dr Nish. Forensic analysis of the times when the attackers were most active as well as the tools and techniques they used led PwC and BAE to conclude that the group was based in China. They have not established who is behind the APT10 group or how it chooses its targets.
HipChat has reset all its users' passwords after what it called a security incident that may have exposed their names, email addresses and hashed password information. In some cases, attackers may have accessed messages and content in chat rooms, HipChat said in a Monday blog post. But this happened in no more than 0.05 percent of the cases, each of which involved a domain URL, such as company.hipchat.com. HipChat didn't say how many users may have been affected by the incident. The passwords that may have been exposed would also be difficult to crack, the company said. The data is hashed, or obscured, with the bcrypt algorithm, which transforms the passwords into a set of random-looking characters. For added security, HipChat “salted” each password with a random value before hashing it. HipChat warned that chat room data including the room name and topic may have also been exposed. But no financial or credit information was taken, the company said. HipChat is a popular messaging service used among enterprises, and an attack that exposed sensitive work-related chats could cause significant harm. The service, which is owned by Atlassian, said it detected the security incident last weekend. It affected a server in the HipChat Cloud and was caused by a vulnerability in an unnamed, but popular, third-party library that HipChat.com used, the company said. No other Atlassian systems were affected, the company said. “We are confident we have isolated the affected systems and closed any unauthorized access,” HipChat said in its blog post. This is not the first time the messaging service has faced problems keeping accounts secure.
In 2015, HipChat reset user passwords after detecting and blocking suspicious activity in which account information was stolen from less than 2 percent of its users. When breaches occur, security experts advise users to change their passwords for any accounts where they used the same login information. Users can consider using a password manager to help them store complex, tough-to-memorize passwords. HipChat has already sent an email to affected users, informing them of the password reset. In 2015, rival chat application Slack reported its own breach, and as a result rolled out two-factor authentication to beef up its account security. HipChat does not offer two-factor authentication.
Columbia Sportswear Co. is investigating an attack on one of its e-commerce sites. CEO Tim Boyle told analysts on Columbia’s fourth quarter 2016 earnings call that there was an unspecified cyber attack on its prAna brand’s online store. Columbia Sportswear acquired prAna in May 2014 for $190 million in cash. “We immediately launched an investigation and engaged a leading third-party cyber security firm to assist us,” he told analysts on the call, according to a transcript from Seeking Alpha. “Protecting our customers’ information is one of our top priorities and we are taking this very seriously. Until the investigation is completed, it’s difficult to characterize the scope or nature of the potential incident, but we are working vigilantly to address this issue.” Boyle stressed that the attack was limited to prAna’s site and did not affect Columbia’s other online stores. Online sales are growing fast for the outdoor apparel maker and retailer. Boyle told analysts the company generated about $220 million in online sales globally in 2016.
The breach indicates even more capable Asian states are struggling to confront cyber threats. On February 28, Singapore’s defense ministry (MINDEF) disclosed that a breach in an Internet-connected system earlier this month had resulted in the personal data of 850 national servicemen and employees being stolen. Though the impact of the breach was quite limited, it nonetheless highlights the difficulties that Singapore faces as it confronts its growing cyber challenge. According to MINDEF, the I-net system used by personnel to access the Internet through terminals at the ministry and other facilities was breached by an attack in early February. While personal data, including identification numbers, phone numbers, and date of birth, were believed to have been stolen during the incident, the ministry said no classified information was compromised because it is stored on a separate system not connected to the Internet. As I have noted before, it has been paying keen attention to the cyber domain as a developed, highly-networked country. Singapore is particularly vulnerable as it relies on its reputation for security and stability to serve as a hub for businesses and attract talent. Indeed, last year, Deloitte found that Singapore was among the five Asian countries most vulnerable to cyber attacks (See: “Singapore Among Most Vulnerable to Cyberattacks in Asia”). In response, Singapore has unveiled a series of initiatives aimed at boosting cybersecurity, including creating new institutions, safeguarding critical infrastructure, training cyber security personnel, and collaborating more with the private sector (See: “Singapore’s Cyber War Gets a Boost”).
And as I noted before, Prime Minister Lee Hsien Loong also outlined Singapore’s overall cybersecurity strategy at the inaugural Singapore International Cyber Week in October last year (See: “Singapore Unveils New ASEAN Cyber Initiative”). Nonetheless, the cyber attack this week is a reminder that even the more capable states in the Asia-Pacific continue to struggle with confronting threats in the cyber realm. This was the first publicly disclosed cyber attack that MINDEF has experienced, and the ministry has described it as “targeted and carefully planned,” with the purpose of gaining access to official secrets. And based on what Singaporean officials have discovered so far, the attack appears to be less like the work of regular hackers and more along the lines of sophisticated state or state-backed actors.