VPNs might not always protect one’s privacy. Recently, 25 million free VPN user records were leaked by BeanVPN. In other news, an unprotected Elasticsearch server of StoreHub, a POS software system, exposed almost 1 million customers’ data. Meanwhile, the healthcare industry has become increasingly volatile with cybercriminals targeting the segment, and some of the recent victims were Comstar and Baptist Health System who reported cyberattacks. Let’s find out what transpired in cyberspace in the last 24 hours!

1. BeanVPN, a free VPN software provider, reportedly left about 20GB of connection logs accessible to the public. Out of which, the cache of 18.5GB connection logs allegedly contained over 25 million records, including user device and Play Service IDs, IP addresses, connection timestamps, and more.

2. A major data leak affected the Malaysian software company StoreHub, exposing data stored on its Elasticsearch server that was left open without any password protection or encryption. The server potentially compromised the data of thousands of retail stores and restaurants, along with their staff and about 1 million customers.

3. Comstar, a U.S. ambulance billing service, potentially exposed sensitive information belonging to medical patients in a data breach. The information includes names, dates of birth, data regarding medical assessment and medication administration, health insurance information, drivers’ licenses, financial account information, and SSNs.

4. Security researchers at Akamai discovered Panchan, a new Golang-based P2P botnet, targeting Linux servers in the education sector since March 2022. The botnet uses basic SSH dictionary attack to implement wormable behavior and harvests SSH keys for lateral movement.

5. Researchers at F5 Labs discovered a new Android malware, dubbed MaliBot. The information-stealing trojan was spotted targeting online banking and cryptocurrency wallet users in Italy and Spain.

6. Baptist Medical Center and Resolute Health Hospital, both a part of Baptist Health System, Texas, reported a cybersecurity incident due to a potentially unauthorized activity that infected certain systems within their network with malicious code. The health system immediately suspended user access to impacted IT applications and executed extensive protection protocols to restrict unauthorized activity.

7. Under First Light 2022, an international law enforcement operation led by INTERPOL, with the assistance of the police in 76 countries, has seized $50 million and arrested thousands of people involved in social engineering crimes worldwide. It involved telephone deception, BEC scams, romance scams, and money laundering.

8. Shoprite Group, a large supermarket chain serving multiple countries across southern Africa suffered a ransomware attack by the group RansomHouse. The data compromise may have affected some customers who engaged in money transfers to and within Eswatini, Namibia, and Zambia.

9. A new study from Digital Shadows revealed that about 24 billion credentials are available on the dark web, an increase of 65% in just two years. Even after removing duplicates, 6.7 billion unique credentials were found, an increase of 34% in two years.

10. According to an RSM US and U.S. Chamber of Commerce report, 72% of middle-market companies expect to experience a cyberattack in 2022, a sharp rise from 64% last year.