Weekly Cybersecurity Recap April 28
Table of Contents
- By Steven
- Apr 28, 2023
Another week has gone by, and significant data breaches have occurred in real estate, government, legal associations, and healthcare systems. Major agencies and organizations like the Consumer Financial Protection Bureau and the American Bar Association, as well as large companies like Shield's Healthcare Group, Point32Health, and Kimco Realty, were hit by serious breaches. Consumer data is being put at risk on a daily basis, and if you had data stored by any of the agencies or companies mentioned in this recap, you should take immediate action to protect yourself.
Consumer Financial Protection Bureau
The Consumer Financial Protection Bureau is a government agency that's responsible for protecting American consumers from predatory financial practices. The agency suffered a data breach in March 2023, and during that time, details for more than 256,000 consumers were put at risk by an agency employee. That employee sent many emails to their personal email account containing credit scores, bank account numbers, income amounts, demographic information, and more. This is a huge scandal for the organization and a real security vulnerability for American consumers.
American Bar Association
The American Bar Association is one of the largest networks of legal professionals in the world today, and this huge organization suffered from a data breach that uncovered login credentials for 1.4 million legacy members of the association. The legacy data servers for the association were hacked into on March 6, 2023, and all the username and password credentials contained were taken. These credentials were encrypted and salted, but it is still possible for the data to be deciphered with enough time.
Shield's Healthcare Group
Shield's Healthcare Group is a major medical company that helps provide technological services to hospitals, private medical providers, and other medical facilities in the United States. This company suffered a data breach on March 7 through March 21, 2023, and during those several weeks, patient data stored on company servers were exposed. Mostly medical data was available because of this breach, and things like diagnosis information, medical record numbers, insurance numbers, and some personal information were made available in the breach.
On April 23, 2023, Point32Health released a statement about how it was hit by a ransomware attack. The company was making updates to secure its network and protect its users, but a large number of users had already lost their private information to this data attack. During this attack, users had their Social Security numbers exposed, along with medical and personal information. Points32Health is a healthcare company that works with organizations like Tufts, Harvard, and Integra Partners to manage their healthcare services. Impacted victims are at serious risk of being taken advantage of by hackers, and they should take action to protect themselves as soon as possible.
Kimco Realty Corporation
Soon after acquiring Weingarten Realty, a similar real estate company, Kimco Realty, was hit by a data breach that only impacted the Weingarten file servers. This breach occurred on February 8, 2023, and resulted in the loss of substantial consumer data, including Social Security numbers, driver's license numbers, names, addresses, and more. The attack is a serious issue that makes the Kimco Realty Corporation look vulnerable.