Amazon’s Secret Algorithm Generates $1B+ Profits Through Price Manipulation

In September, the FTC and 17 states filed an antitrust lawsuit against Amazon. Recently revealed details claim that Amazon deployed a secret algorithm called “Project Nessie.” This algorithm allegedly raised prices on its online store and influenced market prices, taking advantage of other retailers who adjusted their prices to match Amazon’s.

Amazon is accused by the FTC of toggling Project Nessie on and off to evade scrutiny. The algorithm generated significant profits for Amazon despite causing a decrease in unit sales. In 2015, it resulted in reduced gross sales revenue but increased profits by $363 million. In 2018, Project Nessie was estimated to have boosted annual profits by $334 million.

The FTC accused Amazon of mandating Prime sellers to utilize its logistics services, preventing them from choosing cheaper alternatives or platforms that serve multiple customers. According to the FTC, an unnamed Amazon executive in charge of global fulfillment recognized that allowing Prime sellers to operate independently weakened Amazon’s competitive advantage by promoting self-warehousing.

Read: https://www.zerohedge.com/political/amazon-earned-more-1-billion-through-secret-price-raising-algorithm-ftc

Ontario Hospitals Report Data Theft and Online Publication After Cyberattack

Half a dozen Ontario hospitals and healthcare institutions confirmed that data stolen in a ransomware attack has been published online. The hospitals issued a statement on Thursday acknowledging the publication of data connected to the cyber incident. They are currently reviewing the contents of the data and collaborating with cybersecurity experts to investigate the extent of the impacted information.

The ransomware attack affected the operations of the facilities, resulting in the compromise of patient, employee, and professional staff data. As of Thursday, it remains unclear which specific data was published and where it was published. The hospitals stated in a joint statement that individuals whose data was affected will be notified, and they are actively collaborating with law enforcement agencies such as local police, OPP, Interpol, and the FBI.

Cyber attacks on healthcare facilities are rising, with criminals locking systems and demanding payment or threatening data publication. Michael Garron Hospital’s recent data security incident is unrelated to the ransomware attack on other hospitals.

Read: https://www.cp24.com/news/five-ontario-hospitals-say-data-stolen-in-cyberattack-has-been-published-online-1.6628587

Optus Outage Leaves Millions Without Service, Cause Still Unknown

In a major disruption that left millions of Australians without mobile and internet service, Optus, the country’s second-largest provider, experienced a significant outage. The incident affected almost half the country’s population, causing transport delays, cutting hospital phone lines, and downing payment systems. The cause of the outage is unclear, but Optus stated there is no evidence of a cyber-attack.

The outage also affected other providers that use the Optus network, including Amaysim, Aussie Broadband, Moose Mobile, and more. The incident left people across the country unable to call emergency services and critical helpline numbers and temporarily crippled train services in the state of Victoria. Optus CEO Kelly Bayer Rosmarin said her team had not yet identified what went wrong.

The company has been criticized for not clearly communicating with customers and businesses amidst the outage. Australia’s Communications Minister, Michelle Rowland, called for the company to be transparent and timely in their updates to customers. Ms. Bayer Rosmarin has apologized for the outage and said the company will provide updates throughout the day.

Read: https://www.bbc.com/news/world-australia-67340901

LinkedIn Faces Another Major Data Leak, Over 35 Million Users Affected

In a significant data breach, a hacker operating under the alias USDoD leaked a LinkedIn database containing the personal information of over 35 million users on the cybercrime and hacker platform Breach Forums. The hacker confirmed that the LinkedIn database was obtained through web scraping, an automated process used by software to extract data from websites. The database primarily contains publicly available information from LinkedIn profiles, including full names and profile bios. It also contains millions of email addresses but no passwords.

The leaked data includes email addresses belonging to high-ranking US government officials and institutions, as well as various government agencies worldwide. The incident has raised serious concerns about data privacy and security on social media platforms. It underscores the need for companies to invest in robust security measures to protect user data. It also highlights the importance of users being aware of the information they share online and taking steps to protect their own data.

This is not the first time LinkedIn’s scrapped database has been leaked online. In April 2021, a threat actor was selling 2 scraped LinkedIn databases with 500 million and 827 million records. In June 2021, a hacker sold a scraped LinkedIn database containing data of 700 million users. These incidents highlight the ongoing challenges that social media platforms face in protecting user data.

Read: https://www.hackread.com/hacker-leaks-scraped-linkedin-user-records/

Major Data Breach Exposes Customer Information at Singapore’s Marina Bay Sands

Singapore’s Marina Bay Sands, a prominent luxury complex, has disclosed a security breach that compromised the personal data of 665,000 customers. The incident, as stated by the resort, took place on October 19-20 and involved unauthorized access by a third party to the loyalty program membership data of non-casino customers.

In a public statement, the resort assured, “To date, there is no evidence of the unauthorized third party misusing the data to harm customers.” The casino rewards program, Sands Rewards Club, reportedly remained unaffected. The resort promptly responded to the incident, taking measures to address it and collaborating with a prominent external cybersecurity firm to reinforce system security and safeguard data. They have reported the breach to relevant authorities in Singapore and other applicable countries and are actively cooperating in the investigation.

Shortly after the cyberattacks on prominent US resort groups MGM International and Caesars Entertainment, another incident emerged. This time, it involves a hacking collective called Scatter Spider (also known as Octo Tempest, 0ktapus, UNC3944). The group, allegedly comprised of teenagers from English-speaking nations, is affiliated with ALPHV/BlackCat.

Read: https://www.infosecurity-magazine.com/news/data-breach-singapores-marina-bay/

Elsewhere online: 

Seiko Data Breach: Ransomware Attack Exposes Personal Info
Read: https://www.cpomagazine.com/cyber-security/seiko-confirms-data-breach-resulted-from-a-ransomware-attack/

Ransomware Chief Identified After Excessive Dark Web Activity
Read: https://www.darkreading.com/threat-intelligence/ransomware-mastermind-uncovered-oversharing-dark-web

Boeing Acknowledges LockBit Ransomware Attack, Braces for Possible Data Leak
Read: https://www.cpomagazine.com/cyber-security/boeing-confirms-cyber-attack-after-lockbit-ransomware-threatened-to-leak-data/

Azure Automation Hit by Undetectable Crypto Mining, Researchers Reveal
Read: https://thehackernews.com/2023/11/researchers-uncover-undetectable-crypto.html

New Ransomware Access Techniques on the Rise, Warns FBI
Read: https://www.infosecurity-magazine.com/news/fbi-ransomware-initial-access/

Previously on #AxisOfEasy