Missing Google Drive files, arrest over drop-card operations on Garantex, and other cybersecurity events

Here are the week’s most important cybersecurity headlines.

Files disappeared for some Google Drive users

Since last week, complaints have appeared on Google support forums about recently saved files and folders disappearing from Google Drive. This was reported by BFMTV.

According to those affected, the cloud service rolled back to its state from April–May 2023.

The issue was noticed by users in the United Kingdom, South Korea, and the United States. It affected both files uploaded via the web interface and those synced from the app.

However, no changes were detected in the activity logs of affected accounts.

Support said they are looking into the problem.

As of writing, the original post with complaints on the Google forum had been removed.

ChatGPT forced to reveal personal data of real people

A group of researchers conducted an attack on ChatGPT 3.5, forcing it to reveal training data, including personal information of real people.

Researchers proposed for the chatbot to endlessly repeat certain words, such as the word poem, and as a result achieved a malfunction in the AI. In the stream of meaningless generated text, whole chunks of training data appeared.

In particular, they contained scientific papers, template texts from websites, and personal data of dozens of real people. The researchers confirmed the authenticity of the obtained data.

OpenAI has yet to comment on the report.

The son of the former deputy governor of the Leningrad region detained on suspicion of illicit drop-card operations on Garantex

On November 27, the Frunzensky District Court of Saint Petersburg ordered the detention of three people suspected of illicit handling of payment instruments on the Garantex crypto exchange, according to local media.

Among the defendants is the 21-year-old Nikita Kondrashov, the eldest son of the head of the Lomonosovsky District administration, and former deputy governor of the Leningrad region, Aleksei Kondrashov.

According to investigators, the suspects used other people’s bank cards in their operations allegedly to bypass transfer limits. The real cardholders were paid for this.

The Kondrashov defence says that only one card is involved in the case, for which there was a power of attorney.

Nevertheless, information about the suspicious activity was reported to the police by a bank. The criminal case was opened in September.

Sources in the economic police noted that the case could set a precedent in the fight against grey money movements.

LockBit ransomware attacked India’s National Aerospace Laboratory

The LockBit group claimed responsibility for the cyberattack on India’s National Aerospace Laboratories (NAL). Hackers demand a ransom, threatening to leak stolen data, writes Techcrunch.

As proof, the attackers published eight files belonging to NAL, including confidential letters, a employee’s passport and other internal documents.

As of this writing, the organization’s website was down.

Texas faces water-supply disruption due to a cyberattack

About 2 million residents of Texas faced water-supply issues following a cyberattack on their water district, the North Texas Municipal Water District NTMWD.

The incident affected corporate networks and communications systems. However, authorities said they were able to restore operations promptly. They added the incident did not affect the production process.

The attack group Daixin Team claimed responsibility, alleging the theft of more than 33,000 files containing customer information.

#Daixin has listed the North Texas Municipal Water District. pic.twitter.com/pWX4bqR1Sm

— Brett Callow (@BrettCallow) November 28, 2023

NTMWD, comprising more than 850 employees, is responsible for water supply, wastewater treatment and solid waste management in 13 cities across the state.

Earlier, the Pennsylvania Water Authority faced a similar incident. The Cyber group Cyber Av3ngers took down key systems, forcing the use of backup power to ensure water supply.

Ukrainian hackers breached Russia’s Ministry of Labour and Social Protection website

The hacking group Blackjack, along with the Security Service of Ukraine SBU breached the Moscow ministry’s site.

They gained access to more than 50 TB of information, including statistics on the conduct of the “SVO”, personal data of military personnel, files on the number of prostheses and briefing materials to the Russian president.

A separate data set concerns the temporarily occupied Kherson and Zaporizhzhia regions and their current “leadership”.

After downloading, hackers deleted the information from the ministry’s servers.

Also on ForkLog:

• Bitcoin industry lost in November $343 mln, with the three largest breaches tied to associated with Justin Sun platforms.
• Hacked KyberSwap warned of fake compensations, and the hacker demanded full control over the project.
• In Russia, the number of suspicious operations with cryptocurrencies doubled.
• A Kazakh citizen was suspected of illegal P2P trading.
• Bitcoin mixer Sinbad.io was sanctioned by the US after servers were seized.
• In Ukraine, authorities uncovered hackers with earnings exceeding $82 million.
• Media reports of an investigation into the crypto platform Hounax.
• A person who paid a $3.1 million fee for a Bitcoin transaction reported a hack attack.
• Reuters: terrorist groups moved to Tron instead of Bitcoin.
• An expert urged Lightning Network developers to wake up and fix errors.
• The phishing service Inferno Drainer announced its closure.

What to read this weekend?

A look at the new Russian solution for analyzing Bitcoin transactions “InChain”.