Recent Cyber Security Breaches: Health Quest, London Stock Exchange, Wyze and More

As a managed IT service provider it is important to us to make sure to stay in know about the latest cyber security breaches. Every few weeks we like to share our findings with you here on our blog. Please take a peek below to learn more about some of the most recent cyber attacks.

 

London Stock Exchange (United Kingdom)

Stock exchange for the city of London

The Hack: Cyber-attack

Quick Summary: “Authorities are reexamining an August outage at the London Stock Exchange that was initially attributed to a software glitch. The disruption prevented traders from buying or selling shares for more than 90 minutes, and impacted prices on two stock indexes. The incident could have been caused by hackers trying to destabilize markets for their own gain or even set the stage for a more nefarious scheme in the future. The lengthy time to identification reflects the difficulty that many companies have when identifying and addressing cyber threats.”

Read More Here >> UK government investigates possible cyberattack link to London Stock exchange outage

 

 

Health Quest (New York)

Network of hospitals and healthcare providers

The Hack: Phishing scam

Quick Summary: “Health Quest is updating its data breach announcement from an event that initially occurred in July 2018 when several employees fell for a phishing attack that compromised patients protected health information (PHI). In the attack, employees provided their email account credentials to hackers who used their information to access patient data.”

Read More Here >> Health Quest Begins Notifying Patients Affected By Phishing Incident

 

 

Fondren Orthopedic Group (Texas)

Orthopedic healthcare services provider

The Hack: Malware attack

Quick Summary: “A malware attack destroyed a number of the medical provider’s patient records. The incident was first discovered in November 2019, but IT administrators only recently identified the permanent damage to their digital records. As a result, patients have to complete new patient information forms that include detailed medical histories. Given the sensitive and incredibly important nature of this information, this attack could negatively impact patient care, and it will undoubtedly invite regulatory oversight.”

Read More Here >> 30,000 medical records damaged in malware attack at Texas provider

 

 

Royal Yachting Association (United Kingdom)

Boating organization

The Hack: Unauthorized database access

Quick Summary: “Hackers infiltrated the company’s network and downloaded a database containing customers’ personal information. The organization identified the breach on January 17th and hired cybersecurity specialists to investigate the event and secure customer data. To prevent unauthorized account access, the Royal Yachting Association reset all customer passwords. Although the database contains information from several years ago, there are still many ways that bad actors can deploy this information in additional cybercrimes.”

Read More Here >> 2015-member database floats off through breach in Royal Yachting Association’s hull

 

 

Contra Costa Library System (San Francisco Bay Area)

Library network

The Hack: Ransomware

Quick Summary: “A ransomware attack disabled the entire library network, impacting all 26 branches. While buildings remain open, patrons have to bring their library cards to a location to manually check out books. The incident will bring significant recovery costs to the library network, which just updated its systems in 2018. For an organization with limited resources, this attack can reduce their ability to meet customer needs and invest in future opportunities.”

Read More Here >> Bay Area Library System Suffers Ransomware Attack

 

 

Wyze (United States)

Low-budget home security company

The Hack: Unprotected database

Quick Summary: “A cybersecurity company identified an exposed database containing the personal details of millions of Wyze users. The breach, which has not been confirmed by Wyze, is an unforced error that could have serious and financial and reputational implications. Smart home technology is often targeted by hackers due to its sensitive nature, and many consumers are already unwilling to work with companies that cannot protect their personal data, especially when it impacts their peace of mind and security.”

Read More Here >> Report alleges massive Wyze data breach, but many questions remain

 

 

Rogers Communications (Canada)

Telecommunications company

The Hack: Intentional data exposure

Quick Summary: “Security researchers found sensitive data from Rogers Communications posted on two public GitHub accounts. The information included application source code, internal usernames, passwords, and the company’s private keys. The data was dumped on the website by a former employee. Although the company claims that the information is outdated and couldn’t lead to a data breach, other specialists note that it could provide cybercriminals with insights into the company’s IT infrastructure. At the very least, it’s a black mark on the company’s data privacy reputation, but that’s unlikely to be the only consequence the company faces.”

Read More Here >> Rogers’ internal passwords and source code found open on GitHub

 

 

Children’s Choice Pediatrics (United States)

Pediatric healthcare provider

The Hack: Ransomware

Quick Summary: “A ransomware attack encrypted patient data and exposed patient records to hackers. The attack, which was discovered on October 27, 2019, encrypted the healthcare provider’s entire network. When records were restored, the provider discovered that some were irretrievably deleted. In response, Children’s Choice Pediatrics is upgrading its cybersecurity protocols to ensure that they don’t give a foothold to future ransomware attacks. However, the opportunity cost, reputational damage, and recovery expenses will continue to weigh down the practice now and for the foreseeable future.”

Read More Here >> Children’s Choice Pediatrics Notifies Patients of Data Security Incident

 

To learn more about how to keep your company safe and secure, click here to explore our San Diego IT Services & IT Security plans that are offered by SDTEK.

Leave a Reply