[BreachExchange] Virginia National Guard suffers cyberattack as Marketo leaks data

[Sophia Kingsbury]

https://www.hackread.com/virginia-national-guard-cyberattack-marketo-data-leak/

Email accounts linked with Virginia National Guard were targeted in the
cyberattack.

According to details shared by the representative of the chief of public
affairs for the Virginia National Guard, A. A. Puryear, in July, email
accounts linked to the Virginia Department of Military Affairs, and the
Virginia Defense Force, were affected by a cyberattack.

Virginia National Guard suffers cyberattack as Marketo leaks data
Screenshot from the data leaked on Marketo marketplace

Puryear stated that the organization confirmed that a possible cyberattack
impacted it, and an investigation was immediately launched in collaboration
with the state and federal law enforcement and cybersecurity agencies.

No Indication of Data Breach

Puryear explained that the investigation would determine the extent of the
attack and revealed that a “contracted third party maintained the email
accounts.” However, the spokesperson confirmed that there is no indication
that “either VDF or DMA internal infrastructure or data servers were
breached or had data taken.”

He added that the Virginia Army National Guard or Virginia Air National
Guard IT infrastructure wasn’t impacted. However, the investigation will
clarify things regarding the threat’s impact and help them determine
feasible follow-up actions.

Previous Coverage

In late August, the Marketo Stolen Data Market disclosed a trove of data
stolen from the Virginia Department of Military Affairs and offered up to
1GB of data for sale. Experts opined that some data on this website was
obtained through ransomware attacks and was made public to blackmail the
victim to pay the ransom.

Was it a Ransomware Attack?

Speculations are rife that the Virginia National Guard departments were
targeted by ransomware however according to details shared by ZDNET,
Puryear has denied that the incident resulted from a ransomware attack.
Moreover, he didn’t clarify whether affected individuals have been notified
or which email addresses were accessed.

Nevertheless, Virginia Defense Force and Virginia Department of Military
Affairs officials are urged to change their passwords associated with their
email accounts and implement multi-factor authorization for all accounts,
specifically emails.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210914/782dac86/attachment.html>