Weekly Cybersecurity Recap October 28
Table of Contents
- By Steven
- Oct 28, 2022
Throughout 2022, we've seen thousands of data breaches, affecting a total well into the millions. This year, it seems like nothing is off-limits; if it has data, hackers are going after it. We've seen schools being hacked, hospitals losing the ability to serve their patients due to data encryption, and even government sites being taken offline after a breach. Why don't we look at this week's most prominent hacks and breaches?
Keystone Health is a healthcare system based out of Pennsylvania. The breach affected hundreds of thousands of patients. The breach was discovered by an employee who noticed the internal systems were glitching. The company immediately contacted law enforcement and a third-party security firm to investigate the extent of the breach. The accessed information included the victims' social security numbers, names, and specific medical data, and Keystone sent free credit monitoring to the affected individuals.
Lifespire Services Inc.
Lifespire Services is a company that helps build a better quality of life for individuals with disabilities and developmental delays. It's based out of New York City and has multiple locations throughout the city. The breach occurred between January 14th and February 8th, 2022, and included a significant amount of personal data on the victims. Names, phone numbers, addresses, social security numbers, birthdays, passport numbers, financial information, etc. The victims are at high risk of identity theft, assault, and even kidnapping, thanks to their extensive data leak. People with developmental delays usually try to spend their time enjoying life; they probably don't know what a phishing scam is or how to prevent being a victim of one. Seniors are also an easy target for hackers because of the stereotype of technological ineptitude.
Advocate Aurora Health
Advocate Aurora Health is a Midwestern healthcare service that employs over 70,000 people. The breach impacted every person that has used Advocate Aurora; there are over 3 million unique patients on record, many of whom are repeat patients with more data in the systems. The affected information involved names, IP addresses, and specific information that the victims shared with Advocate Aurora, among others. The investigation has not shown that any social security information or financial data was part of the breach.
Verizon is a telecommunications provider that sells its services across the world. The breach only affected around 250 people, which is substantially smaller than most of the violations that we've seen recently. The accessed information included the last four digits of the credit card tied to the pre-pay account. The hacker also accessed the victim's emails and began to spam them with phishing attempts.
New York Post
Unlike the other hacks we've noted, this breach included no personal information. Instead, this was a social media takeover by a New York Post employee. They hijacked The Post's Twitter account and its website, using it as a way to spread lies and vile comments that highlighted violence and sexual harassment, as well as death threats to politicians.