Data Security

The latest on data breaches and cybersecurity and data security by Adam K Levin.

Holiday scam
The holidays are the most wonderful time of the year, especially for scammers. Consumers are typically spending more, doing it quickly and not paying as much attention to who they’re buying it from because of the rush. With the COVID-19 pandemic, many shoppers will make the bulk of their purchases online, which means this year’s Black Friday and Cyber Monday...
Social Security Number
California’s Employment Development Department (EDD) has sent out communications that contain the Social Security numbers of at least 38 million state residents since the beginning of the Covid-19 pandemic, according to a recent audit.  The EDD’s practice of mailing documents that include the full Social Security numbers of their intended recipients greatly elevates the risk of identity theft, according to...
Capcom ransomware
Capcom Co., Ltd., the Japanese video game company known for Street Fighter and Resident Evil, has confirmed the compromise of personally identifiable information (PII) associated with over 350,000 customers, business partners, and employees of the gaming giant. The data was exfiltrated in a ransomware attack.  In a press release, Capcom announced that it was successfully breached in “a customized ransomware...
black friday scams
The holiday season is the most wonderful time of the year for scammers. And like everything else in 2020, these next few weeks promise to be a disaster. With this in mind, all eyes should be on Black Friday. According to Adobe Analytics’ recent holiday forecast, online sales are projected to surge 33% year over year to a record $189...
contact tracing
As Covid-19 rise across the country, public health officials are starting to ramp up contact tracing efforts.  Among other issues, tracking the spread of the disease has been stymied by widespread confusion and misinformation about what kind of data is being collected, and by whom.  Misconceptions about Covid-19 tracking have yielded fertile ground for scammers, who have used phone calls, text...
Mashable
The personal information of technology and culture website Mashable.com users has been discovered in a leaked database online. Mashable announced the leak late November 8, in an announcement on its website. “e learned that a hacker known for targeting websites and apps had posted a copy of a Mashable database to the internet.The types of data in the database included first...
Healthcare facilities
Healthcare facilities are under an increased threat of cyberattack, according to the FBI. In a joint cybersecurity advisory with the Cybersecurity and Infrastructure Agency (CISA) and the Department of Health and Human Services (HHS), the FBI warned of an “increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” While there are currently several strains of malware actively targeting healthcare...
RDP Login
Network access to over 7,000 organizations in the U.S., Canada, and Australia is allegedly available for auction on Russian hacking forums. An unidentified hacker is advertising an archive of remote desktop protocol (RDP) credentials to several thousand organizations with bids starting at 25 bitcoins (roughly $390,000).  “I sell everything at once, without samples, convenient access via rdp to each network,” states...
Maze Ransomware
The infamous Maze ransomware gang has announced they will cease operations, effective immediately.  On November 1, the hacking group behind several high profile ransomware attacks in 2020 issued a rambling press release, riddled with spelling errors, on the dark web announcing, “it is officially closed.” “All the links to out project, using of our brand, our work methods should be...
google employee
An immigration law firm confirmed a data breach that may have compromised the personal information of current and former Google employees. Fragomen, Del Rey, Bernsen & Loewy, a New-York based law firm specializing in work permit and work authorization services that has contacted an undisclosed number of Google employees informing them of the breach. “We recently became aware of suspicious activity...