Archive for July, 2017

PasteBin data dump: Hackers claim files are from Mandiant FireEye ‘breach’

Hackers have leaked what they claim is information stolen from FireEye/Mandiant after apparently breaking into the incident response biz’s network. Mandiant has denied this.

The miscreants, who branded their attack campaign “Op #LeakTheAnalyst,” claimed in a preface to their PasteBin dump that they had “breached [Mandiant’s] infrastructure” and alleged that Mandiant’s internal networks and its clients’ data had been compromised.

However, there is no hard evidence of any significant compromise. It appears Op #LeakTheAnalyst is the result of mischief-makers breaking into a Mandiant staffer’s social media accounts and leaking some of the contents.

Ido Naor, a researcher at Kaspersky Lab, commented: “Only one workstation seems to be infected during ‪#leakTheAnalyst‬. Dump does not show any damage to core assets of ‪Mandiant‬.”

Researcher Hanan Natan‏ agreed: “The current ‪#leakTheAnalyst‬ dump doesn’t contain any [proof] that they compromised the ‪Mandiant‬ networks.‬”

In response, FireEye put out a preliminary statement blaming the whole thing on a social media leak.

We are aware of reports that a Mandiant employee’s social media accounts were compromised. We immediately began investigating this situation, and took steps to limit further exposure. Our investigation continues, but thus far, we have found no evidence FireEye or Mandiant systems were compromised.

®

Sponsored:
The Joy and Pain of Buying IT – Have Your Say

Article source: https://www.theregister.co.uk/2017/07/31/mandiant_fireeye_leak/

,

No Comments

Spoiler alert: Hackers steal HBO data, apparent ‘Game of Thrones’ script

<!– –>




Khal Drogo who speaks Dothraki, with Daenerys Targaryen from Game of Thrones.


Hackers have published the alleged script of next week’s “Game of Thrones” episode after breaching HBO’s systems, Entertainment Weekly reports.

HBO’s hugely popular “Game of Thrones” started its seventh season earlier this month. Hackers reportedly published what is supposedly the script for the season’s fourth episode, which is scheduled to air Sunday, Aug. 6.

Upcoming episodes of “Ballers” and “Room 104” have also been published, with more said to be coming soon, Entertainment Weekly reports. Hackers reportedly claimed to have obtained 1.5 terabytes of HBO’s data.

In a statement, HBO acknowledged it suffered a data breach, though it did not specify exactly what information was compromised.

“HBO recently experienced a cyber incident, which resulted in the compromise of proprietary information,” the company said in a statement to CNBC. “We immediately began investigating the incident and are working with law enforcement and outside cybersecurity firms. Data protection is a top priority at HBO, and we take seriously our responsibility to protect the data we hold.”

In an email to employees, HBO CEO Richard Plepler said some of the stolen material included some of HBO’s programming, though he did not identify which programming.

“Any intrusion of this nature is obviously disruptive, unsettling, and disturbing for all of us,” he wrote.

In the email, Plepler said the company’s efforts to protect its interests have been “nothing short of herculean.” He wrote he has “no doubt” HBO will successfully navigate its way through the incident, which is “unfortunately all too familiar” in today’s world.

Angelica LaVito

Playing

Share this video…

Watch Next…



Article source: https://www.cnbc.com/2017/07/31/hbo-data-hackers-game-of-thrones-episode-script.html

,

No Comments

Healthcare Execs Report Rise in Data Breaches and HIPAA Violations

IT executives, however, increasingly believe they are “completely ready” to withstand a cybersecurity attack on their healthcare system.

A survey of IT healthcare executives found that 47% have suffered a data breach or violation of the Health Insurance Portability and Accountability Act (HIPAA) at their organization this year, compared to 37% in 2015.

Even so, 35% of the 100 IT healthcare executives believe they are “completely ready” to offset a threat, compared to 16% in 2015, according to the KPMG 2017 Cyber Healthcare Life Sciences Survey released today.

Boards of directors, meanwhile, show a declining interest in cybersecurity, according to the survey. The report found 79% are putting cybersecurity as a board agenda item on the list at meetings, down from 87% in 2015. Healthcare companies are also spending less on cybersecurity, with 66% indicating they made investments in this area in the past 12 months – down from 88% in 2015.

“There needs to be a higher degree of vigilance among boards and executive suites as attacks become much more sophisticated, especially as doctors need to share information to improve quality and as connected medical devices and wearables proliferate,” KPMG’s Healthcare Advisory Leader Dion Sheidy says in a statement. “The WannaCry ransomware hack in May was a warning shot against our collective ability to protect patient safety and privacy.”

Read more about the survey here.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Article source: http://www.darkreading.com/threat-intelligence/healthcare-execs-report-rise-in-data-breaches-and-hipaa-violations/d/d-id/1329494

,

No Comments

Two Swedish officials resign over data breach fallout

Two senior Swedish government officials have resigned in response to a data breach stemming from the country’s Transport Agency.

Anders Ygeman, Sweden’s home affairs minister, and Anna Johansson, the infrastructure minister, had both resigned their posts due to the data breach and the scandal that followed, reported Politica.eu.

The data breach initially took place in 2015 when the Transport Agency, as part of an outsourcing agreement with IBM, mistakenly sent a trove of data to marketers in clear text and IBM workers who had not been cleared by Sweden’s security apparatus to view confidential information, the Financial Times reported.

The scandal began when the two now former officials discovered the problem, but instead of reporting the problem they asked IBM and others with access to simply delete the list. Sweden’s Prime Minister Stefan Löfven found out about the data breach in January and the FT said there are also calls for his ouster, but so far he has retained his position.

Article source: https://www.scmagazineuk.com/news/two-swedish-officials-resign-over-data-breach-fallout/article/678466/

,

No Comments

Anthem reports 18500 members involved in new data breach

Anthem

Anthem Health Insurance is once again reporting a data breach, this time 18,500 members had their records emailed to the private email address of a staffer at a third-party vendor.

The first indication that there was a problem came in April when Anthem’s insurance coordination firm LaunchPoint Ventures realized one of its employees was likely involved in identity theft activities, Anthem said in a release. On May 28 LaunchPoint discovered the worker had misused another company’s data as well as having emailed a file containing the Anthem membership records to his personal account on July 8, 2016.

LaunchPoint investigated the incident and on June 12 reported the email did contain Protected Health Information and two days later reported the case to Anthem.

“The personal information on the file primarily included Medicare ID numbers (HICN) which includes a Social Security number, Health Plan ID numbers (HCID), Medicare contract numbers, and dates of enrollment. A very limited number of last names and dates of birth were also included,” Anthem reported.

The members involved are now being contacted.

The LaunchPoint employee has since been fired and arrested, but on charges unrelated to this case, Anthem said.

In 2015 Anthem was involved in a massive hacking incident that saw 80 million customer records compromised. It recently agreed to pay $115 million to settle a class action suit centered on that incident.

Article source: https://www.scmagazine.com/data-breach/anthem-reports-18500-members-involved-in-new-data-breach/article/678483/

,

No Comments

Site reveals little known data breaches

photo

photo
Think you know if your information has been compromised in a data breach? You should double check.

– We hear all too frequently about big companies being hacked. But there are data breaches that you don’t hear about that can also impact you.

With the big breaches, particularly at big companies, there’s an announcement, an email, a letter, something that alerts you to take precautions. But, as you said, there are smaller breaches and you may not always hear about those.

So I asked around the newsroom, “Has your identity been breached lately, as far you know?” Well every time the answer was ‘no.’  But you can check. Did you know that?

Take a look at the website www.haveibeenpwned.com.  Put your email address username in there and it’ll take search little known data breaches for you.  

Here’s what we found in the newsroom. Good Day Atlanta’s executive producer put in an email address. And it came back, “Oh no. Pwned!” Her email address was part of two breaches. This was news to her.

“I had no idea,” Amy Oates said.

Next to her another GDA manager.  But good news.  No breeches.  We tried one more producer.  ‘Oh no,’ again! Breaches. A few of them.

Now you can also ask the site to notify you if your address comes up an data breaches it tracks.

Here’s  what you do if you get bad news.  Do something because research reveals that one in three data breach victims become fraud victims.

                                   TAKE ACTION

  • Change passwords connected to breach
  • If that password is used anywhere else, change it.
  • Check your credit report for anything odd.
  • Connect with credit reporting agencies.  Get a fraud alert attached to your account.

Article source: http://www.fox5atlanta.com/news/i-team/271044642-story

,

No Comments

Anthem reports data breach impacting 18500 members

Anthem has reported a data breach impacting more than 18,500 members after a business associate discovered a rogue employee improperly emailed member records. 

The breach was initially discovered in May by LaunchPoint Ventures, a third-party analytics company that provides insurance coordination services to Anthem, according to a media advisory released (PDF) by the insurance provider. After learning that one of its employees was involved in “identity theft-related activities” LaunchPoint discovered the employee emailed a file containing protected health information of Anthem members to his personal address.

LaunchPoint reported the incident to Anthem on June 14 and Anthem reported the breach the HHS Office for Civil Rights on July 24. LaunchPoint has terminated the employee, hired an investigator and is working with law enforcement.

RELATED: Anthem agrees to $115M settlement over 2015 data breach

Data show that insider threats still make up a large portion of data breach incidents and healthcare executives see employee security awareness and culture as their number one threat. At the same time, payer and providers favor funding for cybersecurity technology over staff hiring and training. 

The breach notification comes just over a month after Anthem agreed to pay $115 million to settle a class-action lawsuit over the 2015 data breach that exposed nearly 80 million member records. Part of the settlement, which is awaiting approval by a California district court judge requires the insurer to adhere to specific security practices and devote a certain amount of money to information security.

Article source: http://www.fiercehealthcare.com/privacy-security/anthem-business-associate-compromises-phi-for-18-500-members

,

No Comments

WestJet suffers data breach, customer information revealed | CTV …

WestJet announced they suffered an online breach and some of their customer’s personal information was disclosed.

The airline company said they have been working closely with Calgary Police and the RCMP cybercrime unit.

Credit card information was not compromised, WestJet said in a press release.

“The privacy and protection of our guests’ information is a matter we take very seriously and we have worked swiftly and aggressively to resolve this incident,” WestJet Executive Vice-President and Chief Information Officer said. “WestJet is in the process of contacting affected guests and we deeply regret any inconvenience this may cause.”

WestJet encourages WestJet Rewards members to update their passwords regularly.

Article source: http://edmonton.ctvnews.ca/westjet-suffers-data-breach-customer-information-revealed-1.3524717

,

No Comments

WestJet suffers data breach, customer information revealed

WestJet announced they suffered an online breach and some of their customer’s personal information was disclosed.

The airline company said they have been working closely with Calgary Police and the RCMP cybercrime unit.

Credit card information was not compromised, WestJet said in a press release.

“The privacy and protection of our guests’ information is a matter we take very seriously and we have worked swiftly and aggressively to resolve this incident,” WestJet Executive Vice-President and Chief Information Officer said. “WestJet is in the process of contacting affected guests and we deeply regret any inconvenience this may cause.”

WestJet encourages WestJet Rewards members to update their passwords regularly.

Article source: http://edmonton.ctvnews.ca/westjet-suffers-data-breach-customer-information-revealed-1.3524717

,

No Comments

Customer information released in WestJet data breach

WestJet says “it has become aware” that profile data for some of its WestJet Rewards program members was revealed online by what the company calls an unauthorized third party.

The disclosed data did not include credit card or banking information, WestJet said.

The company said it is working with the Calgary Police Service and the RCMP in their investigation of the privacy breach.

“WestJet is in the process of contacting affected guests and we deeply regret any inconvenience this may cause,” said Craig Maccubbin, WestJet Executive Vice-President and Chief Information Officer in a news release.

“It’s hard to say whether (the attack) was targeted,” said cyber-security expert and former Calgary police officer Kathy Macdonald.

She said the hackers might have been testing the security parameters of the WestJet network for another breach, or simply wanted the user info.

The company says it has notified the Information and Privacy Commissioner of Alberta and the federal Privacy Commissioner about the disclosure of personal information.

Macdonald said companies that gather identifying information are being targeted all the time, even if they don’t collect credit card details. She said WestJet should take this opportunity to look at their security and strengthen it.

Companies should dispose of data that is no longer needed, determine if they are collecting more information than they need and ensure proper protection for their most valuable information.

Events like these are becoming increasingly popular.

“A lot of the big organizations have been targeted, multiple times even — Target, Home Depot, Sony, the Hilton family, P.F. Chang’s, I mean the list just goes on and on,” said Macdonald.

She said e-mail is one of the most common attack vectors where hackers send well-crafted messages drawing people to click a link or send personal information.

Last month, personal details about patrons of Calgary’s Cowboys Casino were put online by hackers a year after a massive cyber attack. Information about customer payouts, tracking of gambling habits and the casino’s “elite members list” were among the leak.

In May, a High River charity called Rowan House thwarted an attempted hacking incident by abandoning their website.

In 2016, the University of Calgary paid a whopping $20,000 after a ransomware cyberattack took command of its computer systems. Similarly in November last year, Ottawa’s Carleton University became a victim to a similar attack and hackers demanded the school pay bitcoins in exchange for access to its computer networks.

For consumers, Macdonald said people should be selective to minimize as much risk as possible.

“These companies do protect as much as they can,” she said, but there is no full-proof protection available. “It’s like a lock on the door kind of thing. Nothing is 100 per cent.”

Article source: http://www.calgarysun.com/2017/07/29/customer-information-released-in-westjet-data-breach

,

No Comments