The average American has had their personal data stolen or exposed at least 4 times in 2019, according to new research published by Interest Research.
- The finance vertical is suffering from a 238% increase in cyberattacks during COVID- 19 pandemic according to research published by VMware Carbon Black Security.
- Nebraska Medical Center of Omaha, NE notified 1311 patients that their PHI was exposed after an employee illegally accessed
- Sophos Security reports following on ransomware:
o $1.4 million is average total cost of ransomware attack for companies that pay the ransom
o $732,000 is average total cost of ransomware attack for companies that pay the ransom
- Diane Dove was arrested by Las Vegas police after she was found trying to traffic stolen medical records from an un-named cancer center.
- Star Tribune newspaper of Minneapolis, MN notified an unknown number of subscribers that their info may have been exposed after breach.
- Management and Network Services for Healthcare of Dublin, Ohio notified more than 30,000 patients that their PHI was exposed after email phishing attack.
- North Shore Pain Management of Massachusetts notified an unknown number of patients that their PHI was exposed after ransomware attack.
- Monrovia School District of California notified an unknown number of students that their info was exposed after hacking incident.
- Healthcare Resource Group of Spokane Valley, WA notified an unknown number of patients that their PHI may have been exposed after email phishing attack.
- Orleans Community Health of Medina, New York notified an unknown number of patients that their PHI may have been exposed after email phishing attack.
- Aries Software of Orange, CA notified an unknown number of education vertical customers that their info was exposed after breach.
- Solara Medical Supplies of Chula Vista, CA is being sued for breach that exposed PHI of 110,000 patients and employees.
- Magellan Health, headquartered in Phoenix, AZ, notified an unknown number of patients that their PHI was exposed after ransomware attack.
- Wright County government of Minnesota is notifying an unknown number of residents that their info was exposed after email phishing attack.
- Palm Beach County School District of Florida notified an unknown number of students that their info was exposed after student hacked into system.
- Hepaco LLC, headquartered in Charlotte, NC notified an unknown number of customers that their info may have been exposed after an email phishing attack.
- Grubman Shire Meiselas & Sacks Law Firm, headquartered in New York City, was hit by ransomware, and the hackers are threatening to publish the personal info on their celebrity clients including:
o Gaga, Elton John, Robert DeNiro, Madonna, AC/DC, Barbara Streisand, Bette
Midler, KISS, U1, Maroon 5, John Mellencamp, Rod Stewart, Ricky Martin,
Shania Twain, The Weeknd, Lil Wayne, David Letterman, LeBron James,
Carmelo Anthony, Sloane Stephens, Colin Kaepernick, etc.
- Ashtabula County Medical Center of Ohio notified an unknown number of patients that their PHI was exposed after an employee inadvertently exposed info on public website.
- Gilead Corp. of San Francisco, CA notified an unknown number of patients that their info was recently targeted by hackers in Iran.
- The State of Texas Court System notified an unknown number of citizens that their info may have been exposed after ransomware attack.
- Pitney Bowes announced it was hit by ransomware attack for second time in past 7 months, and notified customers that their info may have been exposed again.
- Diebold Nixdorf of Canton, OH notified an unknown number of its customers (makes ATM machines) that their info may have been exposed after ransomware attack.
- Stadler Rail of Salt Lake City, UT notified an unknown number of customers that their info may have been exposed after ransomware attack.
- DigitalOcean of New York City, NY notified an unknown number of customers of its cloud infrastructure services that their info may have been exposed after it was inadvertently made available on public website.
- Lurie Children’s Hospital of Chicago, IL was hit by multiple lawsuits after it announced a breach of PHI caused by illegal access of the data by former employees.
- Lincoln Hospital of New York City, NY notified an unknown number of patients that their PHI may have been exposed after an ER nurse illegally took video footage inside the facility.
- Parkview Health System of Fort Wayne, IN was sued by former patient after employee illegally accessed her PHI.
- Microsoft and Intel announced a new solution that will convert malware into images which allows the software to analyze for textural and structural patterns, called STAMINA.
- ShinyHunters, a hacker group, claims to have info on 73 million people from 11 different US companies, and is selling it on Dark Web.
- Dutch researchers report that hackers have developed Thunderspy, a way to hack into computers through their Thunderbolt technology
o Thunderbolt is an I/O technology that supports high-resolution displays and high-
performance data devices through a single, compact port
o is a hardware interface that allows for the connection of external peripherals to a PC
- Oracle reported security vulnerabilities with its iPlanet Web Servers and has issued patches.
- IBM announced that hackers are embedding a Trojan into emails that claim to have info on COVID-19 relief payments.
- PaperlessPay Corp, headquartered in Jacksonville, FL, reported that recent breach exposed may have impacted customers from:
o Marshall Medical Center of Placerville, CA
o Community Memorial Health System of Ventura, CA
o Orlando Utilities Commission of FL
o MP Environmental Services of Phoenix, AZ
o Fareway Stores, with locations across Midwest
o Lee Auto Malls of Maine
o Spencer Municipal Hospital of Spencer, IA
o City of Fort Lauderdale, FL
- Ellis Pinksy of New York has been sued for allegedly leading a hacking group that stole $71 million in cryptocurrency from Transform Group.
- Max Kersten, a security researcher, reports that he has confirmed more than 1,200 retail websites that contain malware designed to skim victims' credit card information
o 1236 domains were confirmed to be infected with a notorious type of credit card skimming malware called MageCart
o previously affected major online sites like Ticketmaster and is capable of logging credit card information entered into online forms
- Cognizant, a managed IT services provider, stated that the fallout from a recent security ransomware attack has cost the company between $50-$70 million in lost revenue.
- The U.S. Marshalls Service notified 387,000 prisoners that their info was exposed after hacking incident
- Federal officials report of three new types of malware that have been unleashed by the North Korean government:
o Copperhedge – remote access Trojan (RAT)
o Taintedscribe – malware implant Trojan
o Pebbledash – malware implant Trojan
- McAfee Corp. is reporting that hackers have increased their attacks on Remote Desktop Protocol by 300% as more office workers are working from home during pandemic.
- Devices using Android operating system have a new threat from Mandrake
spyware, according to report from ZDNET
o providing those behind it with total control of the device, while also
remaining completely hidden from the user
o abuses legitimate Android functions to help gain access to everything on
the compromised device in attacks that can gather almost any information
about the user
o attacker can browse and collect all data on the device, steal account
credentials for accounts including banking applications. secretly take
recordings of activity on the screen, track the GPS location of the user and
more, all while continuously covering their tracks.