Data Breaches

logsign

What is a Data Breach and How It Can Be Cured? (Part 1)

In the age of the digital world, cyber threats and vulnerabilities have gained the attention of security leaders as well as countries across the globe. The issue of cyber warfare is no longer limited to organizations. Rather, even state-sponsored cyber-attacks are being organized and launched against enemy states.

tripwire

MGM Resorts hacked: 10.6 million guests have their personal data exposed on hacking forum

Over 10 million people who have stayed at MGM Resorts hotels – including Twitter boss Jack Dorsey and pop idol Justin Bieber – have had their personal details posted online by hackers. The security breach, publicised by ZDNet and security researcher Under the Breach, saw the records of 10,683,188 former guests – including names, postal addresses, phone numbers, dates of birth, and email addresses – made available in an online data dump.

nnt

Medical Devices Introduce Major Bluekeep Vulnerability to HCOs

According to CyberMDX, medical devices pose a serious threat to healthcare organizations (HCOs) and are twice as likely as general network devices to be vulnerable to Bluekeep. The 2020 Healthcare Security Vision Report found that thirty percent of US healthcare organizations have experienced a cyber-attack over the last 12 months. These breaches reportedly cost an average of $6.45 million - a figure sixty-five percent higher than that of the cross-industry average.

api fortress

Twitter Exposes the Phone Numbers of 17 Million Accounts

How State-sponsored Actors May Have Exploited Twitter’s Public Endpoint In our continued push to help companies with APIs realize that 95% of API vulnerabilities are due to human error and not “hacks,” this week, we dive into an issue that Twitter found last December, but is only now reporting. The Twitter API vulnerability is particularly interesting because it didn’t involve a breach.

nnt

Wawa Breach: 30 Million Credit Card Details for Sale Online

Hackers are selling the payment card details of more than 30 million Americans and over 1 million foreigners on Joker's Stash, the internets largest payment card forum. This card dump which occurred on Monday was advertised as "BIGBADABOOM-III", but Gemini Advisory found that the card details traced back to Wawa, an East Coast convenience store chain.

nnt

Regus Sales Staff Data Leaked via Third Party

Detailed information about the job performance of more than 900 Regus employees was accidentally published online after the co-working space provider conducted a review of its sales staff. Regus owner IWG commissioned the mystery shopping business, Applause, to audit its sales staff through covert filming using "spy pens" fitted with miniature cameras.

nnt

Breach Update: Equifax Settles Class-Action Lawsuit for $380.5 Million

A Georgia court granted final approval for a settlement involving Equifax in a class-action lawsuit following the massive 2017 data breach. This week an Atlanta federal judge ruled this week that Equifax will pay $380.5 million to settle lawsuits relating to the 2017 data breach.

nnt

Minnesota-Based Hospital Suffers Data Breach

Alomere Health, a Minnesota-based hospital operator, has begun notifying patients of a data breach that impacts more than 49,351 patients. On October 31, 2019, a malicious attacker gained unauthorized access to an employee email account, then hijacked a second account days later on November 6. The details were recently published on the health providers' website.

tripwire

Waco water bill attack just the latest in a wave of Click2Gov breaches

The City of Waco has warned residents that their online payments for water services may have been intercepted by hackers who stole credit card details. The heart of the problem lies in the third-party online payment software that Waco and several other cities and municipalities use to let residents pay their bills, pay parking fines, as well as make other financial transactions.