Cybersecurity news provided by NetworkTigers on Monday, 28 June 2021.
SAN MATEO, CA — Report finds most people are unaware their data has been stolen, security expert reveals simple ATM hack, Microsoft discovers new breach during SolarWinds probe, Western Digital network storage drives hacked and erased, West Virginia unemployment agency breached, in wake of data breach Scripps Health facing lawsuits, Mississippi hospital breached last year, Iowa eye clinic hit with ransomware attack, poorly trained staff contributed to hundreds of data breaches in local U.K. governments, defense contractors in the crosshairs of hackers, Georgia hospitals continue to feel effects of cyberattack, Montana hospital breached.
Report finds most people are unaware their data has been stolen
Research at the University of Michigan School of Information has revealed that almost 75% of people who have had their data accessed in breaches over the past decade are not aware that their sensitive information has been released online. According to the report, most data breaches never reach the news, and the lack of sufficient rules with regard to reporting hacks is not robust enough to allow those affected to take proper measures once their information has been leaked. Read more.
Security expert reveals simple ATM hack
Josep Rodriguez of IOActive has revealed a vulnerability within ATMs that allows someone to easily access bank information and withdraw cash. The hack he developed uses NFC technology to imitate the manner in which a credit card communicates with the ATM. Rodriguez created the hack to alert banks to the security flaws in their ATM machines, and also says that he warned them a year ago that such an intrusion was possible. Read more.
Microsoft discovers new breach during SolarWinds probe
Microsoft has reported a breach that it discovered as it continued its research into the hack of SolarWinds. The company’s statement says that a Nation-State associated hacker gained access to one of their customer support tools and had access to their Microsoft Services subscription information, which included billing information. Microsoft has not disclosed whether the breach occurred through a third party or not, and has advised those affected to change their login credentials. Read more.
Western Digital network storage drives hacked and erased
Users of Western Digital’s MyBook network storage drives are being told to disconnect them from the internet after it has been discovered that hackers have been remotely deleting their contents using nothing but the internet address of a targeted device. The affected devices are old, having been discontinued in 2014, and are no longer supported by Western Digital with firmware updates. Read More.
West Virginia unemployment agency breached
WorkForce West Virgian took its systems offline after suffering a security incident on April 13th. The agency has not yet disclosed how its data was accessed or how many users may be affected, but has reached out to those who had their data exposed. The agency also said that it appears that the information was not downloaded or changed. Across the country, unemployment fraud and identity theft due to breaches in unemployment databases have been running rampant as the pandemic has left many people out of work. Read more.
In wake of data breach Scripps Health facing lawsuits
Patients affected by a ransomware attack against Scripps Health that has resulted in a now weeks-long shutdown of certain services, are now suing the company for failing to adequately protect their sensitive, personal information from hackers. The individuals allege that Scripps did not fulfill its duty to securely and responsibly store patient data. The lawsuits claims that Scripps could have done more to keep data out of reach, and also could have deleted outdated information that was no longer relevant to their services. Read more.
Mississippi hospital breached last year
The Mississippi Center for Advanced Medicine has announced that it was the victim of a cyberattack in December of last year. The affected server is said to have possibly contained information pertaining to patient health information. The center’s statement says that the data potentially exposed contains names, email addresses, phone numbers, home addresses, dates of birth, Social Security numbers, information to process insurance claims, prescription information such as prescription number, prescribing doctor, medication names and dates, and medical history. Read more.
Iowa eye clinic hit with ransomware attack
Iowa-based Wolfe Eye Clinic was hit with a ransomware attack earlier this year that may have resulted in the theft of 500,000 patient files. Ther attack is said to have taken place in February, with the hackers demanding a ransom to unlock Wolfe Eye Clinic’s systems. The clinic has stated that it refused to pay the ransom, and is planning to notify those affected in the breach. Read more.
Poorly trained staff contributed to hundreds of data breaches in local U.K. governments
It has been reported that over 700 U.K. councils reported cyberattacks and data breaches last year, with one in particular reporting 29 just in 2020 alone. The data shows that the largest councils were affected more frequently. Many of these incidents are reported to be the result of staff error. 40% of councils spent no money on staff training with regard to cybersecurity practices last year, and almost half of them don’t employ anyone with security qualifications. Read more.
Defense contractors in the crosshairs of hackers
Cybersecurity analysts and researchers are sounding the alarm regarding defense contractors and their vulnerability when it comes to being hacked. Small and medium contractors are under the microscope as its’ becoming clear that their inadequate cybersecurity protocols make them ideal stepping stones for hackers probing for ways to access the data of larger, high profile government and defense agencies. Read more.
Hack of ParkMobile app being felt in Tulsa, OK
ParkMobile, an app widely used in urban areas to pay for parking, was hacked some months ago. The effects of the app’s compromise are still being felt in cities across the country, with many users still uninformed about the fact that their personal information such as license plate numbers, email addresses, phone numbers, and mailing addresses have been accessed. Many users of the app are experiencing an influx of spam phone calls. Tulsa, Oklahoma, is one of many cities that used the app. Read more.
Georgia hospitals continue to feel effects of cyberattack
A ransomware attack that was carried out against Savannah, Georgia’s largest healthcare system last week continues to affect patients and doctors at hospitals within the network. Workers had to resort to paper records as computers were locked down. Staff and doctors were quick to make statements regarding the dangers of such an attack on a healthcare facility in which critically ill patients end up being forced to wait for lab results and records that could make the difference between life and death. Read more.
Montana hospital breached
The information of more than 500 patients was stolen in a data breach in the fall of 2020, according to a statement from Montana’s San Juan Regional Medical Center. Critical information such as account numbers, medical data, Social Security numbers, driver’s license numbers, financial account numbers, medical record numbers, and more were reportedly taken. The hospital has reached out to those affected and has said that at this point there has not been any misuse of the data. Read more.
More cybersecurity news
Read more cybersecurity news and articles brought to you by NetworkTigers.
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses and individuals globally. www.networktigers.com
Mike Syiek, CEO
1029 S. Claremont Ave
San Mateo, CA 94402