U-Haul Data Breach and Mitel Devices Patched
Mitel Vulnerability Being Exploited
by Artie Kaye
A flaw with the Mitel product MiVoice Connect that has previously been patched is seeing increased exploitation. Unpatched instances of this product can be leveraged by bad actors to install ransomware and steal data. This vulnerability was patched in April of 2022, but as it was not an automatic update it requires manually addressing the problem. This is actively being exploited.
This flaw is listed as CVE-2022-29499.
Third-Party references:
Click the links below to learn more details. (Opens in a new tab/window.)
U-Haul Data Breach
by Artie Kaye
A breach of their systems occurred during late 2021 to early 2022. Customer contract data was the only information available to the breachers according to U-Haul’s statement. No credit card or payment information was compromised. Driver license and other identification data was accessible to the attackers though.
Third-Party references:
Click the links below to learn more details. (Opens in a new tab/window.)