Social Security number

Data Breach at Zomato

May 20th, 2017

Zomato is the restaurant search portal which has more than 120 million users per month. The team of the company recently found that approximately 17 million user IDs, names, user names, email addresses and hashed passwords were unauthorizedly accessed.

”We hash passwords with a one-way hashing algorithm, with multiple hashing iterations and individual salt per password,” the company stated. “This means your password cannot be easily converted back to plain text. We however strongly advise you to change your pasword for any other services where you are using the same password.”

Zomato mentioned that the passwords of the affected accounts have been reset. Also, the database which contained payment information was not affected. It also mentioned that the hacker has agreed to stop sale of the data.

“The marketplace link which was being used to sell the data on the dark Web is no longer available,” the company said.

Hacker wanted company to start bug bounty program which got positive response. Hacker also gave information the way of hacking a present Zomato database. It will be made public when loopholes are closed.

“Having said that, we are going to be cautious and paranoid, as this is a sensitive matter,” the company added. “6.6 million users had password hashed in the ‘leaked’ data, which can be theoretically decrypted using brute force algorithms. We will be reaching out to these users to get them to update their password on all services where they might have used the same password.”

Breach harms the brands

Ponemon Institute study recently conducted survey on the brand impact of a data breach. It shows that breach causes decline in stock value.

The survey sponsored by Centrify mentioned that 31 percent of users stop using the services and products provided by company who gets affected by data breach. Sixty five percent said that they lost trust in company. Eight one percent mentioned that organizations should take reasonable steps to secure personal data.

Forty five percent of IT practitioners present in the survey mentioned that they don’t believe brand protection is taken seriously in the C-suite.

“It is no longer just an IT problem — it must be elevated to the C-suite and boardroom because it requires a holistic and strategic approach to protecting the whole organization,” Centrify CEO Tom Kemp said.

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organizations laptops and computers.

US Hit Hard by WannaCry Ransomware

May 18th, 2017

A Department of Homeland Security official mentioned that WannaCry ransomware campaigns affected some U.S. critical infrastructure operators. It also mentioned that there are no victims in U.S. federal government.

Dragos CEO Robert M. Lee mentioned that his company is “aware of infections that occurred in the industrial control system community and had impact,” including small utilities and manufacturing sites in the United States — though he said “no one’s been hurt and no safety was at risk.”

PAS Global CEO Eddie Habibi mentioned that companies that depend on industrial control systems (ICS) are put on high alert.

“In a corporate IT network, cyber security professionals have the option of isolating traffic or entire systems if they are compromised,” Habibi said. “Personnel can also apply patches in real time with confidence that patching will not impact system performance.”

“Those systems may have primary responsibility for controlling volative processes or ensuring worker and environmental safety,” Habibi said. “System uptime is paramount.”

“Real-time patches are also no-nos within a facility’s network,” Habibi added. “First, any Microsoft patch must have ICS vendor approval before application. Even with approval, patching typically occurs during maintenance windows and turnarounds when systems are offline — something that may occur only once or twice per year.”

Patches can’t be applied if there are chances of process disruption.

“In these cases, asset owners may place additional security controls in front of the unpatched system to mitigate risk,” Habibi said. “This assumes that there is a closed-loop, enterprise-wide patch management process in place that can evaluate the steps required to mitigate risk; many companies are missing this capability.”

Microsoft has released patches for security but it is not enough for limited ability work force of critical infrastructure.

“As we watch WannaCry continue to proliferate and see new variants spring up, the risk to industrial process facilities remains high,” he said.

Langner founder and CEO Ralph Langner mentioned that the abled attacker could hit industrial targets and force a production halt. “We haven’t seen that on a large scale yet, but I predict it’s coming, with ransom demands in the six and seven digits,” he said.

____________________________________________________________________________________________

The Alertsec service protects everything stored on the computer such as Word, PowerPoint, Excel, Outlook, Gmail, Photos, Credit Card data files etc.

Seventy four countries hit with WannaCry ransomware

May 14th, 2017

Kaspersky researchers mentioned that tens of thousands of computers are infected in 74 countries worldwide by WannaCry ransomware.

“It’s important to note that our visibility may be limited and incomplete and the range of targets and victims is likely much, much higher,” the researchers mentioned.

MalwareTech has published live map for the area affected in the world.

“Russia, Ukraine and Taiwan leading,” Avast researcher Jakub Kroustek tweeted on Friday. “This is huge.”

Major company affected included FedEx, the Spanish phone company Telefonica, the Russian mobile phone operator MegaFon, and the UK’s National Health Service (NHS).

“This attack was not specifically targeted at the NHS and is affecting organizations from across a range of sectors.” NHS mentioned.

Joshua Douglas, chief strategy officer at Raytheon Foreground Security mentioned that the target was vital services like healthcare.

“Organizations are beginning to fully appreciate their exposure to risk, whether from negligent or malicious insiders, the growing attack surface are represented by the Internet of Things, or from the growing number of sophisticated attackers,” Douglas said.

“Healthcare, an industry with mountains of sensitive personal data and lives at stake, should consider security measures that take into account network users in addition to outside threats,” Douglas added. “When dealing with ransomware, advance security protections, basic cyber hygiene, tested disaster recovery plans and employee training are critical to protecting data.”

The attack has devastating impact on the services and systems.

“This is the first time that a worm-link tool has been used in conjunction with ransomware that has created devastating impact against entire organizations,” Fidelis Cybersecurity threat research manager John Bambenek said by email. “Strong and swift patching would have helped mitigate this threat. It has undoubtedly captured the imagination of criminals who don’t want to hold individual machines ransom but to take entire organizations hostage, and surely we will see much more of this in the coming weeks.”

“The fact that a vulnerability developed by the NSA was used in this attack shows the dangers that can happen when this knowledge gets out into the wild even after a patch has been developed,” Bambenek added. “Intelligence agencies will always be developing zero-days, but unlike traditional weapons, these tools can be repurposed quickly for devastating criminal attacks.”

“The intelligence community should develop strong procedures that when such tools leak, they immediately give relevant information to software developers and security vendors so protections can be developed before attacks are seen in the wild,” Bambenek said.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements.

Privacy and Security for Americans

May 12th, 2017

A Recent survey conducted by AnchorFree shows that more than eighty percent of Americans are worried about online privacy and security as compared to previous year.

The bill is passed which allowed companies to collect personal data without permission through ISPs. Ninety-five percent of respondents are concerned about this bill. More than fifty percent people are looking to increase their security for personal data.

The survey also shows that more than 70 percent are employing more ways to protect their data as compared to previous year.

“Our survey finds that the majority of consumers are concerned in the aftermath of the Federal Communications Commission’s rollback of Internet privacy protections,” AnchorFree founder and CEO David Gorodyansky said in a statement.

“As more connected devices emerge and threats to Internet freedom persist, it’s imperative for Americans to learn about online privacy protection options and take personal responsibility for safeguarding their health, wealth and family,” Gorodyansky added. “They otherwise risk the misuse of this data by hackers and third party companies.”

Another survey by TeleSign survey shows that thirty-one percent of consumers have their online life worth of $100,000 or more. Fifty percent believe that businesses are primarily responsible for security.

“Companies make plenty of money with the time and money we invest in them and they should do the same to protect our accounts and personal identity,” one survey respondent said.

A survey conducted by Lawless Research shows that 51 percent faced data breach in the previous year. Forty-two percent suffered financial loss. One-third of the respondents stopped doing business with that companies.

Almost 61 percent changed their password after it was compromised. Seventy percent said that they use reused passwords.

Another survey conducted by EyeVerify mentioned that eighty-six percent believes that biometrics makes logging in apps easier. Also, seventy percent believe mobile apps are more secure with biometrics authentication.

“Most people use some form of biometrics every day, but they want more opportunities to use it to make their lives easier and more secure,” EyeVerify CEO and founder Toby Rush said in a statement.

 ___________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Stolen laptop leads to data breach

May 2nd, 2017

Lifespan Corporation recently suffered a possible data breach due to stolen laptop. The device belongs to Lifespan employee. An individual broke into employee’s car and stole laptop along with other items. The employee immediately reported the incident to law enforcement & Lifespan.

As per the website, “Lifespan, Rhode Island’s first health system, was founded in 1994 by Rhode Island Hospital and The Miriam Hospital. A comprehensive, integrated, academic health system affiliated with The Warren Alpert Medical School of Brown University, Lifespan’s present partners also include Rhode Island Hospital’s paediatric division, Hasbro Children’s Hospital; Bradley Hospital; Newport Hospital; and Gateway Healthcare. “

To reduce unauthorized access to the laptop, Rhode Island health organization changed the login credentials for accessing Lifespan system information. Facility found out the stolen MacBook was not encrypted. Password protection was also not present on the system.

The laptop included information of 20,431 patients. Affected information included emails containing patient names, medical record numbers, and demographic information. Lifespan has started notifying the affected patients. Call centre is also established to answer the queries.

Facility mentioned that there is no suggestion or information of data misuse. Also, patient medical records or Social Security numbers were not included in the breach.

Facility is retraining the employees to avoid such incidents in future.

“Lifespan is committed to protecting the security and confidentiality of our patients’ information, and we deeply regret this incident occurred.”

How can you protect data when the laptop is stolen?

Encryption

 Encryption can play a major role in securing your data in case of stolen laptop.

Authentication

Biometrics and two-factor authentication (2FA) increases the security level of your device.

Email security

Your email contains a lot of sensitive information. Emails are auto-opened in the system due to stored password. Remember password or use alternative methods to open email accounts.
Find My Device

Activate Find My Device software on your laptop. It will help you to track the laptop.

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Data breach trends in 2016

April 5th, 2017

As per the IBM report, data breach increased 566 percent in 2016 from 600 million to more than 4 billion. The report also mentioned that healthcare in no longer the most attacked sector. Most of the attack was carried out on financial services industry.

In 2016, 12 million records were affected in healthcare. In previous year, the breach was 100 million records which counts to eighty eight percent drop. IBM surveyed 8000 security clients in 100 countries.

IBM Security Vice President of Threat Intelligence Caleb Barlow mentioned that the cyber attacks was carried out with innovative techniques.

“While the volume of records compromised last year reached historic highs, we see this shift to unstructured data as a seminal moment,” Barlow said in a statement. “The value of structured data to cyber-criminals is beginning to wane as the supply outstrips the demand. Unstructured data is big-game hunting for hackers and we expect to see them monetize it this year in new ways.”

IBM mentioned that for ransomware attacks, 70 percent of the companies paid more that $10,000 to regain the access to data. According to the FBI, cyber-criminals were paid $209 million in first three months of 2016.

Ransomware attacks are on the rise with 400 percent increase. In the coming time healthcare will do many reforms which includes increase in internet of things (IoT) technology. This will increase the attacks.

“Retail and financial services have battened down their hatches,” IDC Health Insights Research President Lynne Dunbrack told HealthITSecurity.com in a 2016 interview. “Now the cyber criminals might still be nipping at those heels, but they are looking at other targets, healthcare being one of them.”

CynergisTek Vice President Dan Berger mentioned that attacks against healthcare are carried out with sophistication.

“The dramatic increase in hacking attacks in 2016, coupled with the large number of patient records compromised in those incidents, points to a pressing need for providers to take a much more proactive and comprehensive approach to protecting their information assets in 2017 and beyond,” Berger stated.

___________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Insider security breach at KY

April 2nd, 2017

Kentucky-based Med Center Health mentioned that a former employee accessed certain patient billing information without permission. As per the reports, facility found out that on two instances the person “obtained certain billing information by creating the appearance that they needed the information to carry out their job duties for Med Center Health.”

“The evidence we have gathered to date suggests that the former employee intended to use these records to assist in the development of a computer-based tool for an outside business interest which had never been disclosed to Med Center Health officials,” Med Center Health explained in its letter, signed by CEO Connie Smith.

Person accessed the data and copied it on encrypted CD and encrypted USB drive. Facility mentioned that the data is not related to work responsibilities of the employee. Affected information included Social Security numbers, health insurance information, diagnoses and procedure codes, and charges for medical services. Patients medical records were not copied.

Patients who were treated at The Medical Center Bowling Green, The Medical Center Scottsville, The Medical Center Franklin, Commonwealth Regional Specialty Hospital, Cal Turner Rehab and Specialty Care and Medical Center EMS between 2011 and 2014 got impacted.

Law enforcement asked the facility to delay its data breach notification process.

“We sincerely apologize for any concern and inconvenience this incident may cause you,” the letter read. “We continue to review the incident and to take steps aimed at preventing similar actions in the future. Those actions include re-enforcing education with our staff regarding our strict policies and procedures in maintaining the confidentiality of patient information.”

Facility did not mention the number of individuals affected. It has established a dedicated call center to answer patients’ queries.

As per the statement, “We are offering credit monitoring and identity protection services to eligible patients and enrollment instructions are contained in the letters sent to the patients. We also recommend that you review the explanation of benefits that you receive from your health insurer. If you see services that you did not receive, please contact your health insurer immediately.”

___________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Data breach at UNC

March 31st, 2017

University of North Carolina Health Care recently suffered data breach. It is notifying patients of a potential data breach at two UNC Health Care obstetric clinics. The incident involved PHI of 1,300 prenatal patients. The data was transmitted to local county health departments inadvertently.

Data breach involved patients who completed Pregnancy Home Risk Screening Forms at their clinical visits between April 2014 and February 2017 at the Women’s Clinic at N.C. Women’s Hospital and UNC Maternal-Fetal Medicine at Rex.

“If you completed a Pregnancy Home Risk Screening Form, it may have included information about you, such as demographic information (like your name and address), your race and ethnicity, your Social Security number, information about your physical and mental health, sexually transmitted diseases, your HIV status, smoking, drug and alcohol use, and medical diagnosis information related to your pregnancy and any prior pregnancies,” UNC Health Care said in the notification letter.

UNC Health Care after the incident set up a call center. It has also changed/modified its process for submitting patient pregnancy forms. The new provision will ensure eligible patients forms for Medicaid are sent to county health departments. Staff is trained to handle new procedure.

UNC has also asked all county health departments to delete the electronic health information on non-Medicaid patients from their systems.

As per the statement:

“UNC Health Care is committed to providing its patients with superior health care services and takes very seriously its obligation to protect the privacy of patients’ medical information. While UNC Health Care does not believe that any of the patients will be at financial risk as a result of the release any of this information to county health departments, UNC Health Care included in the letters a number of options available to patients for monitoring and reviewing their credit reports and has offered fraud resolution services for any patient who suffers from identity theft as a result of this incident, free of charge.”

___________________________________________________________________________________

Alertsec is powered by Check Point Endpoint Security products, which are positioned in the leaders quadrant in Gartner’s Magic Quadrant for Mobile Data Protection.

iCloud hacking incident

March 27th, 2017

“Turkish Crime Family”, the group of hacker is threatening to reset millions of iCloud accounts and delete all data from iPhones if ransom of $75,000 in crypto currency or $100,000 in iTunes gift cards is not paid.

Apple mentioned that its systems are not hacked.

“There have not been any breaches in any of Apple’s systems including iCloud and Apple ID,” the company mentioned. “The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.”

“To protect against these types of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication,” the company added.

As per the reports, passwords and email addresses matched to data from the linkedin breach that was disclosed last year.

John Bambenek, threat systems manager at Fidelis Cybersecurity, said the threat ultimately sounds like a stunt. “There are always people who make unfounded threats to organizations in the hope of an easy payday — in this case, the hackers want $100,000 in iTunes gift cards,” he said.

“Companies must take due diligence but assess the adversary before paying to see if the threat is real,” Bambenek added. “As in the physical world, the odds are that paying a ransom, especially in a public manner, means the threats only increase.”

Still, Lamar Bailey, director of security research and development for Tripwire mentioned that iPhones can be wiped remotely if hacker posses the data.

“The hackers cannot remove backups for Apple devices from the cloud, but changing the passwords will make it hard for the legitimate users to reset and recover their devices,” Bailey said.

In recent survey of 1001 iPhone users, forty seven percent said that they are not comfortable in storing sensitive data in icloud.

“The worst thing in the world would be if someone thought they backed something up, deleted it, and found that it wasn’t on the cloud,” Network Remedy business development manager Aaron Mangal told Clutch.

___________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Data breach at JobLink

March 25th, 2017

America’s JobLink (AJL) recently suffered data breach due to hacking incident. It works with state governments to help job seekers with necessary information across the United States. As per the reports, hacker viewed the personal information of job seekers across 10 states.

Affected information includes the names, Social Security numbers and birthdates of job seekers in Alabama, Arizona, Arkansas, Delaware, Idaho, Illinois, Kansas, Maine, Oklahoma and Vermont. The incident has affected 4.8 million accounts.

After creating a new account hacker exploited a vulnerability  to access data. Company is working with law enforcement. It has also contracted a forensic firm to determine the extent of breach.

“The firm has verified that the method of the hacker’s attack has been remediated and is no longer a threat to the AJLA-TS system,” AJL mentioned.

Lisa Baergen, director of marketing at NuData Security said that whenever personally identifiable information (PII)  is involved, the stolen data can be cross-referenced with data from other breaches to present an even greater threat.

“As a society, we’ve reached the point where every organization entrusted with PII should be constantly testing and hardening its external and internal defenses, and embracing more proactive, effective levels of defense such as consumer behavior analytics solutions, which can constantly validate legitimate users — even when the stolen but accurate credentials are presented,” Baergen said. “That would be the best way to help prevent the sorts of deceitful transactions and identify theft that otherwise may lie ahead for these unfortunate JobLink victims.”

The recent surveys can be summarised as below. It shows the vulnerabilities present in the organizations:

  • Sixty nine percent of respondents mentioned that some of their organization’s existing security solutions are outdated
  • Ponemon Institute survey which was sponsored by Citrix mentioned that just 32 percent of respondents are confident that their employees’ devices are not providing criminals with access to their corporate networks and data
  • Forty eight percent of respondents said their organization has security policies
  • Thirty seven percent of respondents said their organization is highly effective in protecting sensitive data

___________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.