Category Archives: Personal Data

Cyber News Rundown: Medical Testing Service Data Breach

Reading Time: ~ 2 min.

Quest Diagnostics Customers Affected by Third-Party Breach

The medical testing organization Quest Diagnostics has fallen victim to a third-party data breach that could affect nearly 12 million of their patients. AMCA, a collections agency that works with Quest Diagnostics, noticed unauthorized access to their systems over an eight-month period from August of last year through March 2019. The majority of data targeted were Social Security Numbers and other financial documents, rather than patient’s health records. The market offers a premium for such data.

Adware Installed by Millions of Android Users

Until recently, there were over 230 apps on the Google Play store that had been compromised by a malicious plugin that forced out-of-app advertisements on unsuspecting victims. Globally, over 440 million individuals have installed at least one of these compromised applications and have been affected by overly-aggressive advertisements. While this SDK has been used legitimately for nearly a year, sometime during 2018 the plugin began performing increasingly malicious behaviors, until other developers caught on and began updating their own applications to remove the plugin. 

Chinese Database Exposes Millions of Records

A database belonging to FMC Consulting, a headhunting firm based in China, was recently found by researchers to be publicly available. Among the records are resumes and personally identifiable information for millions of individuals, as well as company data with thousands of recorded messages and emails. Unfortunately for anyone whose information is contained within this database, in the two weeks since being notified of the breach FMC has yet acknowledge the breach or take steps to secure it.

Restaurant Payment Systems Infected

Customer who’ve patronized either Checkers or Rally’s restaurants in recent months are being urged to monitor their credit cards after the chain announced that they discovered card stealing malware on their internal systems. While not all restaurant locations were affected, the company is still working to determine the extent of the compromised payment card systems and has offered credit monitoring services to customers.

University of Chicago Medicine Server Found Online

Researchers have found a server belonging to University of Chicago Medicine with personal information belonging to more than 1.6 million current and past donors. The data includes names, addresses, and even marital and financial information for each donor. Fortunately, the researcher was quick to inform the university of the unsecured ElasticSearch server and it was taken down within 48 hours.

The post Cyber News Rundown: Medical Testing Service Data Breach appeared first on Webroot Blog.

Cyber News Rundown: Popular News Site Breached

Reading Time: ~ 2 min.

News Site Suffers Data Breach

Flipboard, a news aggregation site, recently revealed that it’s been the victim of a data breach that could affect many of their more than 100 million active users. Digital tokens were among the compromised data, which could give the attackers further access to other sites, though Flipboard promptly removed or replaced them. At least two separate breaches have been reported by Flipboard, with one occurring in the middle of 2018 and the other in April of this year. Both allowed the attackers nearly unlimited access to databases containing a wealth of user data.

Keylogger Targets Multiple Industries

At least two separate campaigns have been found to be sending malicious emails to industry-leading companies in several different areas of business. Hidden within these emails are two variants of the HawkEye keylogger that perform various malicious activities beyond simply stealing keystrokes from the infected device. By acting as a loader, HawkEye can install additional malware and even contains a script to relaunch itself in case of a system reboot.

Australian Teen Hacks Apple

A teen from Australia was recently in court to plead guilty to two separate hacks on Apple, which he conducted in hopes of gaining a job with the company. While Apple has since confirmed that no internal or customer data was breached, they have chosen leniency after his lawyer made a case for the perpetrator being remorseful and not understanding the full impact of his crimes.

Fake Crypto-wallets Appear on App Store

Several fake cryptocurrency wallets have made their way into the Google Play store following the latest rise in the value of Bitcoin. Both wallets use some form of address scam, by which the user transfers currency into a seemingly new wallet address that was actually designed to siphon off any transferred currency. The second of the two wallets operated under the guise of being the “mobile” version of a well-known crypto-wallet. It was quickly identified as fake due to an inconsistent icon image. Both fake wallets were tied to the same domain and have since been removed from the store.

Ransomware Focuses on MySQL Servers

While the threat of GandCrab is not new, organizations discovered its persistent risk after researchers found it has been refocused on attacking MySQL servers. By specifically targeting the port used to connect to MySQL servers, port 3306, the attackers have had some success, since many admins allow port 3306 to bypass their internal firewalls to ensure connectivity. As GandCrab continues to narrow it’s attack scope, its remaining viable vectors are likely to be even more lucrative given that most organizations are not able to secure everything.

The post Cyber News Rundown: Popular News Site Breached appeared first on Webroot Blog.