
Are war clouds looming over India-Pakistan border?
Section: Politics
An IT company based in Lübeck has been implicated in a series of ongoing data breaches following a ransomware attack that occurred last year. Despite the incident, vulnerabilities within the company remain unresolved.
The firm, known as Melting Mind, received a notification from the Federal Office for Information Security (BSI) in April 2024, indicating potential data leaks from their systems. This information is still accessible on the company's official website.
According to reports, the hacker group APT73 announced a breach of Melting Mind's servers, threatening to sell the stolen data. The company's owner disclosed that a ransom of EUR50,000 was demanded in Bitcoin. An agreement was reached to pay EUR3,000, after which the firm alerted its clients to secure their data. However, the reports suggest that both the ransom and the customer data were ultimately lost.
Despite making the payment, the stolen data was subsequently published on a leak site in the dark web, packaged in a ZIP file.
Furthermore, a vulnerability search engine called Leakix has revealed that data leaks from Melting Mind are still prevalent. At the time of this report, the search engine returned numerous results related to the company's domain, indicating the presence of sensitive files accessible on the web.
Leakix functions similarly to well-known search engines like Shodan, scanning publicly accessible websites for system files, including .DS_Store files that contain directory metadata. In many instances, employees may inadvertently expose these files on web servers, allowing unauthorized access to critical information.
Among the findings were .git folders, which can enable individuals to download entire website source codes from exposed repositories. This could include plaintext database credentials or indicate that passwords are hashed using only MD5 with a salt--an insecure practice.
Alarmingly, access credentials available on Melting Mind's website provided entry to an SQL database containing around 17,000 customer records, including over 3,000 bank account details. Reports suggest that this sensitive information has been publicly accessible since at least 2022.
In response to inquiries, a representative from Melting Mind stated that the firm is currently assessing the extent of the breach and investigating its source. They assured that protective measures would be implemented promptly. Additionally, they plan to report the incident to relevant authorities within the required timeframes.
As of now, the Schleswig-Holstein Data Protection Officer, Dr. h.c. Marit Hansen, has not commented on these developments.
Section: Politics
Section: News
Section: Politics
Section: Health Insurance
Section: Health
Section: Health
Section: Politics
Section: News
Section: Business
Section: Science
Health Insurance in Germany is compulsory and sometimes complicated, not to mention expensive. As an expat, you are required to navigate this landscape within weeks of arriving, so check our FAQ on PKV. For our guide on resources and access to agents who can give you a competitive quote, try our PKV Cost comparison tool.
Germany is famous for its medical expertise and extensive number of hospitals and clinics. See this comprehensive directory of hospitals and clinics across the country, complete with links to their websites, addresses, contact info, and specializations/services.
Join us for an exciting evening of jazz at the EMMAUSKIRCHE on Sunday, May 25, 2025, from 19:00 to 20:30. Experience fresh sounds from the talented young jazz quintet led by Anton Sigling from Harlaching. This group features award-winning musicians from the Federal Competition 'Jugend jazzt' and...
No comments yet. Be the first to comment!