Marina Bay Sands’ Security Breach Affects 665,000 Customers
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
Singapore’s Marina Bay Sands (MBS), a luxury resort and casino, disclosed in a public notice that personal data of 665K customers was exposed in a security incident.
According to the integrated luxury resort, the incident was discovered on October 20 and involved an unauthorized third party gaining access to information belonging to members of the Sands LifeStyle loyalty program.
“Marina Bay Sands became aware of a data security incident on 20 October 2023 involving unauthorized third-party access on 19 and 20 October 2023 to some of our customers’ loyalty programme membership data,” the statement read.
The leaked personal data included members’ names, email addresses, phone numbers, country of residence, membership numbers and tiers. However, based on its investigation, the company said that it did not find any evidence that the attackers had misused the data to harm the customers.
Nevertheless, this type of information can be used for various targeted scams, including phishing attacks.
Based on its investigation, MBS went on to say that casino members, who are part of the Sands Rewards Club, were not impacted by this incident.
In addition to an investigation, the company also engaged a third-party cybersecurity firm to gain further understanding of the attack and related damages. It has also deployed additional security measures to strengthen its system and protect data.
It further stated that Sands LifeStyle loyalty program members who had their data exposed in this breach would be notified individually of this incident. The incident was also reported to the relevant authorities in Singapore and other countries where applicable.
This incident comes close on the heels of another major hacking incident, which hit the famous MGM Resorts International and Caesars Entertainment in September 2023. That financially motivated attack is said to have been carried out by the notorious ransomware group Scattered Spider (also known as UNC3944), believed to be a subgroup of the ALPHV/BlackCat gang.
Okta’s October Support System Breach Impacted 134 Customers
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
Okta, an identity and access management solution provider, revealed last week that the security breach of October had affected 134 of its customers. Of these, 5 later suffered session hijacking attacks due to stolen session tokens.
In its post, the company revealed that between September 28 and October 17, 2023, an unknown attacker had gained access to files inside its customer support system. “Some of these files were HAR files that contained session tokens which could in turn be used for session hijacking attacks,” the post revealed.
“The threat actor was able to use these session tokens to hijack the legitimate Okta sessions of 5 customers, 3 of whom have shared their own response to this event,” CSO David Bradbury explained.
The 3 Okta customers that had reported suspicious activity to it include 1Password, BeyondTrust, and Cloudflare. After being notified, Okta launched an investigation, which revealed that service account credentials stored in the system itself were leveraged to view and update customer support cases.
“During our investigation into suspicious use of this account, Okta Security identified that an employee had signed-in to their personal Google profile on the Chrome browser of their Okta-managed laptop,” Bradbury stated. “The username and password of the service account had been saved into the employee’s personal Google account,” he continued.
Although details were not shared about how the service account credentials were stolen by the threat actor, the company believes that either the employee’s personal device or Google account was compromised.
Since the incident, Okta has taken various remediation measures, including:
- Disabling the compromised service account in the support system.
- Blocking the use of personal Google profiles with Google Chrome on Okta-managed devices.
- Enhancing customer support system monitoring by implementing additional detection and monitoring rules.

The company has also introduced session token binding based on network location to prevent the risk of session token theft.