As a managed IT service provider it is important to us to make sure to stay in know about the latest cyber security breaches. Every few weeks we like to share our findings with you here on our blog. Please take a peek below to learn more about some of the most recent cyber attacks here and around the world.
Microsoft (United States)
Technology Conglomerate
The Hack: Unsecured Database
Quick Summary: “In a rare security blunder, Microsoft failed to secure a backend server for Bing. The server is estimated to have leaked more than 6.5TB of log files containing 13 billion records originating from the Bing search engine. The leak included the server exposed technical details, such as search queries, details about the user’s system (device, OS, browser, etc.), geo-location details (where available), and various tokens, hashes, and coupon codes.” -Kevin Lancaster
Read More Here >> Microsoft secures backend server that leaked Bing data
Shopify (Canada)
e -Commerce Platform
The Hack: Malicious Insider
Quick Summary: “The data of customers for an estimated 200 merchants on Shopify was exposed in an insider incident at the e-commerce giant. Two employees who were working a scheme to steal transaction data are to blame. The data exposed includes client details like email, name, and street address, as well as order details, but does not involve complete payment card numbers or financial information. The company hosts over one million businesses across more than 175 countries on its platform.” -Kevin Lancaster
Read More Here >> Shopify says customer data likely exposed as employees accessed records
University Hospital New Jersey (United States)
Healthcare Provider
The Hack: Unauthorized Systems Access
Quick Summary: “The SunCrypt ransomware operation has leaked data allegedly stolen from University Hospital New Jersey (UHNJ) in a ransomware attack. The attackers have leaked 1.6 GB ff the 240 GB of data containing over 48,000 documents. The documents contain patient information release authorization forms, copies of driving licenses, Social Security Numbers (SSNs), date of birth (DOB), and records about the Board of Directors.” -Kevin Lancaster
Read More Here >> University Hospital New Jersey hit by SunCrypt ransomware, data leaked
Public Health Wales (Wales)
Government Agency
The Hack: Accidental Data Exposure
Quick Summary: “Personal data concerning 18,105 residents of Wales who tested positive for COVID-19 was uploaded by mistake to a public server and spent 20 hours online in August, Public Health Wales said on Monday. The agency says that for the majority of cases, 16,179 people, the information consisted of initials, dates of birth, geographical area, and sex. For 1,926 people living in nursing homes and supported housing, the information also included the names of the homes.” -Kevin Lancaster
Read More Here >> Wales says personal data of 18,000 COVID patients accidentally published
Staples (United States)
Office Supply Retailer
The Hack: Ransomware
Quick Summary: “Staples has notified some customers of a cybersecurity incident that occurred earlier this month around 9/02 and consisted of unauthorized access to a system. Little information is available, but the event. The letter notes that “a limited amount” of order data for customers of Staples.com was obtained, and may contain names, addresses, email addresses, phone numbers, last four credit card digits, details about the order (delivery, cost, product), and other non-sensitive information.” -Kevin Lancaster
Read More Here >> Staples discloses data breach exposing customer info
University of Tasmania (Australia)
Institution of Higher Learning
The Hack: Accidental Data Exposure
Quick Summary: “That classic human error is to blame for the accidental exposure of students’ personal data to faculty members at the University of Tasmania. In a security bungle, the personal information of 19,900 students was made public through a misconfigured Microsoft Office365 SharePoint site that was accessible to anyone with a utas.edu.au email address.”
-Kevin Lancaster
Read More Here >> University of Tasmania students’ personal information exposed in email bungle
To learn more about how to keep your company safe and secure, click here to explore our San Diego IT Services & IT Security plans that are offered by SDTEK.
