Weekly Cybersecurity Recap December 9

The number of victims caused by the global MOVEit data breach continues to climb; Welltok has announced more exposures, this time from three more health organizations.

"Pan American Life Insurance Group Building - New Orleans" by Tony Webster is licensed under CC BY 2.0. Source: Flickr

East River Medical Imaging (ERMI) has three locations in New York City and Westchester County.  ERMI is a "multi-modality radiology center," including patient-centered solutions like MRIs, CTs, ultrasounds, imaging, radiology, fluoroscopy, and x-rays.

Line Messenger is a communication app that allows users to communicate for free by sending messages and making voice calls. Japan's mega-corporation, LY Corp.

In 2015, Family Dollar acquired its biggest competitor, Dollar Tree. Family Dollar is one-half of a consumer's dream; they offer low-priced goods for families in 8,200 locations nationwide.

This week, cybercriminals targeted health lifestyle members, patients, gamblers, and general consumers. Early on, Welltok returned to the news, this time with over 426k member data stolen by assailants; the organizations impacted by the breach were Premier Health and Graphic Packaging International.

Caesars Entertainment (CE) oversees 58 gaming properties across the continental states. Their locations include world destinations, nightlife activities, a comprehensive concierge, and an industry-leading approach to draw millions of gamblers weekly.

Zeroed-In Technologies offers curated human resource solutions and analytics to organizations. Among those who use their services are the City of Detroit, Dollar Tree, Family Dollar, and the U.S. Department of Defense.

Robeson Health Care Corporation (RHCC) is a healthcare network serving North Carolina residents. They offer behavioral, dental, general, and outreach services in nine locations across six counties.

Welltok operates an online wellness program various organizations use to encourage healthy lifestyles. They've been in our news frequently as the global MOVEit breach continues.

This week, the cybersecurity environment continued to be rocked by the global MOVEit data breach. Various Stanford Health groups had information taken in the MOVEit event, up to 1.6 million patient records.

NSC Technologies is a workforce management solution pairing perfect prospective candidates with companies desiring long-term employees.

Group 1001 is the parent company of Delaware Life, a long-term financial consultant for organizations. Delaware Life uses a third-party vendor, Pension Benefit Information (PBI), for analysis and research services.

AutoZone is a vehicle parts replacement provider and servicer. Hosting over 5,300 stores across North America alone, AutoZone is a recognizably local option for car owners stateside.

Based in Central New York, Systems East, Inc. , is a finance, billing, and payment solution for commercial software products.

Stanford Health Care Alliance encompasses children's hospitals, care plans, medicine partners, scholars, and the Stanford University faculty.

Breaches were rampant this week, impacting as many as 15 million individuals. The State of Maine announced that it bled 1.3 million resident records due to the global MOVEit vulnerability.

Perry Johnson & Associates (PJ&A) is a medical transcription service assisting providers like Cook County Health and Northwell Health.

Digital startup PostMeds Inc. , operating as TruePill, is an online pharmacy service based in California. The company allows patients to compare copay pricing, get status notifications on pill orders, and request refills.

McLaren Health Care is a network of 13 hospitals and three clinics serving the residents of north and central Michigan. They care for more than 732k lives by providing various services and network solutions, including a national cancer institute.

The City of Huber Heights is in east Ohio, north of Dayton. The suburban area has a population of around 50,000, but other populated areas are nearby.

In 2021, the average American spent over 8 hours on the internet daily. This screen time includes everything from streaming video, scrolling social media, and browsing the web.

The digital world is great, but for all it's helped the world, it's also opened businesses up to a massive number of threats.

Maine hosts over 1.3 million people within a granite and forest landscape. The state government employs under 100,000 individuals but does not contain fewer departments than more populous states like California.

This week, a variety of cyberattacks and victims have appeared. The pilot union Allied Pilots Association (APA), representing American Airlines pilots, disclosed a ransomware attack early in the week.

OpenAI has suffered a successful DDoS attack following the first-ever DevDay—where OpenAI announced ChatGPT-4 Turbo and the GPT Store.

Cloud-native and analytic solutions provider Sumo Logic has announced a cybersecurity incident stemming from a compromised AWS account.

In Singapore, there is a massive luxury resort named the Marina Bay Sands (MBS); its owner is state-side, known as the Las Vegas Sands (LVS).

The ever-changing universe of LEGO dominates the toy industry; LEGO is one of the most recognizable toy brands in the world, a perk of which is die-hard fans.

Defense is undoubtedly important. Setting up diverse security measures and protocols for when things go wrong will keep out most attackers or at least mitigate the damage.

Alexander Klink, CC BY 3.0 , via Wikimedia Commons With how much data is exchanged daily, it's a growing necessity that organizations maintain iron-clad and multi-layered security measures.

People are very comfortable clicking on website links these days. This trend is a blessing for the criminals creating and spreading a ludicrous number of malicious URLs.

The Allied Pilots Association (APA) is the collective pilot agent for American Airlines; it provides a range of services to 15,000 members, including acting as a bargaining entity.

This week, hackers targeted various industries for cyberattacks, including nationally-recognized organizations. Five Guys suffered a breach involving two employee email accounts and potentially losing employee and consumer credentials.

Mr. Cooper provides over 4 million people with mortgage lending options. They are the nation's most prominent leading estate loan servicer, with over $900 billion in active service.

Deer Oaks Behavioral Health is a national provider of mental health based in San Antonio, Texas. They offer the nation long-term care focused on psychiatry and psychology.

LiveAction Incorporated is a software company specializing in analytics, network monitoring, and application management tools.

In South Texas, United Medical Centers (UMC) offer reliable, high-quality healthcare services. They host nine locations in the region, servicing patients from the surrounding communities; their services include options for family planning, WIC, and a broad selection of care to assist chronic illnesses.

Five Guys Enterprises, LLC oversees the management of services delivered by "Five Guys," a national restaurant chain throughout the US. The restaurant is available in more than 1,450 locations, 900+ cities, and every state (except Alaska).

These days, password security theory is strongly tied to mathematics. Even ordinary computers are getting exponentially more powerful every few years, and this growth is empowering hackers as a result.

There's a natural yin and yang relationship in the cyber security sphere. Black hatters find new attack strategies, and white hatters patch them up.

The University of Michigan (UM) hosts more than 55,000 students, 35,000 staff members, and 640,000 alums. Unfortunately, following a recent cybersecurity breach, students, applicants, alums, employees, contractors, and donors may now have information at risk.

This week, many institutions were targeted for attacks, impacting thousands differently. In the northeast of the US, New York's gambling scene suffered an attack, downing casinos across the state.

Headquartered in Orange City, Iowa, Revival Animal Health delivers business solutions for pet-oriented care and service providers; they offer pet healthcare products and animal supplies to pet professionals and individual pet owners.

Philly is the most populous city in the United States, hosting more than 1.5 million residents within its borders. The City employs around 30,000 people, fulfilling over 1,000 job categories.

Akumin is a radiology and oncology clinic based in Florida with multiple locations. Last week, three of their South Florida locations shut down their computer systems to hobble a ransomware cyberattack.

A subtype of a phishing scam, email spoofing is an attack meant to trick the recipient into trusting an email's legitimacy. It's estimated that scammers send over 3 billion spoofing emails daily, targeting people of all ages and social statuses.

Hackers and cybercriminals aim to steal as much information from their victims as possible. Unique technologies allow them to get creative and attack in ways their victims aren't prepared for.

New York state's video lottery gaming system receives management by Everi Holdings—a Las Vegas-born licensing operator; the New York State Gaming Commission (NYSGC) battled a cybersecurity event impacting casinos across the state last week.

This week, we noticed increased targeting of medical information; surgeries, health centers, and clinics were all made victims by successful hacking plots.

AIDS Alabama Incorporated (AAI) serves over 8,000 Alabama residents, assisting them with emotional and medical support where possible.

Chicago's health providers are prime targets for opportunistic hackers; Cook County Health is the most recently discovered victim of a cyber assault.

Fairfax Oral and Maxillofacial Surgery serves the residents of Northern Virginia and the surrounding region. They employ a ten-person surgery team with six locations.

Decathlon is a global sporting goods retailer with over 100,000 employees and 1,700+ storefronts worldwide. In 2022, Decathlon reported 15.4 billion euros of net sales revenue, shared with 55,000 shareholding teammates.

In 2023, GoBankingRates. com found that 15 percent of Americans have over $5,000 in credit card debt. Additionally, many people will start searching for relief with student loan payments returning.

Data is king. This truth has remained across most of human history. Today's businesses are working with cosmically large amounts of data points, which makes it equally challenging to store and analyze any of them efficiently.

Shadow PC is a Paris-based gaming host with thousands of clients in Europe and the US. Shadow's service allows video games with high resource consumption to run on old software; this is made possible by Shadow's ability to open a virtual computer.

This week, threat actors targeted the vital aspects of many companies characterized by their robust cybersecurity. 23andMe got hit early on, suffering demographic and relationship exposures that may target Ashkenazi Jews and Chinese descendants.

Air Europa is a Spanish airline that serves travelers from all over Europe, North America, the Caribbean, and Tunisia. The airline welcomes over 430 million fliers each year, with 10,000+ daily flights across the globe.

Florida's First Judicial Circuit hosts 33 courts in the Northwest of the state. The region serves over 1.4 million residents, most of whom live within areas heavily impacted by the military.

Flagstar Bank is one of the largest national banks in the country. They operate over 430 branches and 120 banking teams from coast to coast.

Cybersecurity has taken major steps forward in protecting the modern world in recent years. Even though little is given to the public, securing global networks and computer systems is a significant industry in the global information processing structure.

Most jobs require that applicants prove a baseline level of education or skills. They can do so through degrees, work experience, or certifications from an overseeing body.

The nation's capital—Washington, D.C., hosts over 700k+ individuals along the shared border of Maryland and Virginia; within Columbia, an estimated 86.9% of inhabitants can actively vote.

23andMe is a personal genome and biotechnology company that provides genetic reports to interested clients. 23andMe employs over 800 employees and operates in California.

Community First Medical Center (CFMC) is a medical and nursing facility that serves Chicagoland and Illinois broadly. They employ over 300 individuals who preside over a 299-bed hospital campus.

Cybersecurity experts work daily to protect the public from threat actors. This week, we learned about new threats to medical records and gas stations and received updated statuses.

HCA Healthcare is a national and international healthcare service provider. Their services span over 180 hospitals and thousands of clinics across 20 states.

Darkbeam is a top-performing cyber vulnerability and threat management provider with less than 25 employees. The company has reported over $1 million of revenue in recent years, with numbers as high as $5 million.

Detroit is Michigan's largest city, hosting a population of more than 630,000 people. The area is called "Motor City" for its contributions to the automobile industry in the 1950s.

Everybody knows that their passwords should be complex. You shouldn't include personal information like your birth month, hometown, or name.

Global consumers have suffered many hardships in recent years: pandemics, historic inflation levels, and rising crime everywhere.

Nuance Communications is a Microsoft-owned software solutions provider employing more than 6,500 people. Nuance controls industry-defining AI, which professionals may use to fully automate tasks, such as entering and manipulating medical records.

Data breaches are a huge challenge that modern organizations must deal with today. This week, we learned of several education-related breaches, as well as a few financial breaches.

Brady Martz & Associates is an accounting firm in Crookston, Minnesota. The company offers audits, business valuation, forensic accounts, employee benefit plans, and more.

BMO Bank is the 8th largest bank in the United States, employing over 12,000 individuals. The bank manages more than $3 Billion in annual reserves and works with a huge number of customers as it has over 1,000 physical locations across the country.

Lakeland Community College is a public school located in Lake County, Ohio. The school serves approximately 8,700 students at one time and provides over 135 different associate degrees and technical certificates.

Delta Dental of California is a major dental insurance provider throughout one of the largest states in the US. The company is well-known for offering PPO dental insurance policies and other varieties of dental insurance options.

The National Student Clearinghouse is a research facility that gathers data on students from approximately 22,000 high schools and more than 3,600 different colleges.

There are a few universal methods by which we fantasize about getting rich. We could win the lottery or inherit a fortune from a long-lost relative.

Modern computers and anti-malware programs are incredibly sophisticated. Their power causes users to believe that any threats will be swiftly detected and dealt with.

Both Atrium Health and Novant Health are health organizations that work with a large number of hospitals offering services. These v work with data from thousands of patients and enable standard hospital practices to occur.

This week, we noticed that data breach attackers targeted a substantial number of hospitals. north Carolina patients are being impacted the most currently.

According to a recent data dump on a hacker forum, credit giant TransUnion was recently the victim of a data breach. It's unclear whether the company itself was breached, but it does appear that TransUnion customers have been compromised.

Save The Children is an organization that specializes in helping children live healthy lives. The non-profit works in multiple countries, helping to provide for children's needs, especially in areas affected by war or tragedy.

North Carolina hospitals were under attack from a streak of data breaches back in May of this year. The breaches resulted in some lost medical and personal information for many facilities throughout North Carolina.

Caesars Entertainment is one of the largest casino companies in the United States and is well-known for its loyalty program. The company serves countless customers in Las Vegas and elsewhere throughout the world.

Most people navigate the internet with little to no anxiety despite not knowing what goes on behind the scenes. Public Key Infrastructure is one of these background processes that allows everyday users to feel safe online.

The Federal Information Security Management Act (FISMA) was introduced as part of the E-Government Act of 2002. This act required Federal Organizations to implement an information security accreditation process designed to protect government data more efficiently.

Sabre is a huge technology company that serves as a powerful travel reservation system for many of the major hotels and airlines in the United States.

This week, data breaches were particularly bad, with attacks impacting travel technology giant Sabre, production giant Johnson and Johnson, and medical company Amerita.

Amerita and Pharmerica are medical companies that offer services to nursing facilities, hospitals, individuals, and seniors. These companies specialize in infusion treatments but also provide additional medical services.

Traderie is a special trading platform dedicated to enabling Animal Crossing: New Horizons, Roblox, Elden Ring, Diablo, and Rocket League players to buy and sell in-game items with one another.

Johnson and Johnson is a large-scale manufacturing company that provides pharmaceuticals and medical products to companies throughout the world.

In this digital age, staying connected is not just a luxury but an absolute necessity. And at the heart of every wireless connection lies something called an SSID. 

It's difficult to fathom how much information passes through a single website daily. On the extreme side of things, Google, YouTube, and Facebook had 28 billion combined visits in June 2023 alone.

Freecycle is an online platform dedicated to helping its users exchange free goods with one another. Freecycle is designed to help reduce waste by helping people give away their unwanted items instead of throwing them away.

UnitedHealthcare is a large insurance company that serves more than 8 million Americans throughout the United States. The company gathers health, personal, and financial information and utilizes all those different data points to provide reliable insurance services.

Each week, new data breaches plague the public. This week, significant healthcare and retail breaches led to substantial data losses for customers and patients throughout the United States.

Cognizant is a massive IT services company with over 300,000 employees and more than $15 Billion in annual revenue. The company helps major corporations with IT services.

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

The dark web, also known as the "darknet", is a portion of the internet that lies outside the boundaries of traditional search engines.

Your Wi-Fi network is another handy access point that hackers use to infiltrate your computers, steal your identity, and grab your personal details.

Six databases that were owned by Friend Finder Networks, Inc. suffered a massive data breach in 2016, which cost 412 million users their accounts.

In this highly digital age, it is near impossible to erase all information online about yourself, but you can do a lot to remove online information and minimize your risk of identity theft or worse. 

With all our technology and connectedness comes a price, vulnerability. Now more than ever before, our credit and identities are at risk from cybercriminals, thieves, and hackers.