Weekly Recap September 2, 2022

Nelnet is a student loan service based out of Lincoln, Nebraska. Recently, it suffered a data breach that revealed the personal information of over 2.

In early June of 2022, the nonprofit news reporter The Markup discovered that an ad-based service, Meta Pixel, was being used by 33 of the top 100 hospitals in the US. Meta is now being sued for allegedly sending sensitive medical information to Facebook, along with two of the involved hospitals.

Computers are, arguably, one of the most essential items necessary for life in modernity. Through them, not only can we be entertained, but we can be informed or critiqued.

The meteoric rise of SaaS applications delivered to consumers and businesses created an underlying need for a Single Sign On (SSO) login standard.

Over the last few months, there's been a terrifying amount of hacks. From food delivery services to video game companies, there seems to be no limit to what these hackers are willing to do.

The North Face is an outdoor apparel company owned by VF Corporation. They are known for their winter clothing and outerwear that protects people from some of the coldest weather on the planet.

American Airlines is the world's largest airline by fleet size (having over 1,300 aircraft in its fleet), with more than 120,000 employees and operating in more than 50 countries, with 6,700 flights every day, flying to about 350 destinations.

Sometime between November 5th, 2021, and April 5th, 2022, U-Haul International was hacked, leaking the information of millions of users to some unknown entity.

Six years after its last data breach, Uber has confirmed another. However, this time, the attacker claimed to be just 18. This 18-year-old also claimed to be behind a second data breach as well, except this time, it was gaming files for upcoming GTA VI that were hacked.

Rockstar confirmed a breach into Grand Theft Auto VI. Over 50 minutes of footage was leaked, taking social media platforms like YouTube by storm.

Central Florida Inpatient Medicine is on record, acknowledging a data security breach. The criminal invasion of the company's internal systems is the latest in a never-ending flurry of web-based attacks.

To say it is concerning that more than 2,000 data breaches occurred in the first half of 2022 alone would be a dramatic understatement.

DiversiTech Corporation, a provider of heating and cooling products, recently reported a data privacy event that compromised the personal information of its customers.

Financial literacy is the combination of knowledge and skills that people need to make well-informed financial decisions. These decisions range from budgeting for a vacation to crafting a long-term retirement plan.

Some words and phrases in modern vernacular sound intimidating to the uninformed. One such small phrase is the data dump, which has a short and targeted history.

Private Client Services, also known as PCS, recently admitted it suffered a sizable data breach. Hackers victimized the investment advisor business in November of 2021.

Guadalupe County officials, including revered Judge Kyle Kutscher, are speaking out after what appears to be a digital security breach.

It wasn't long ago when online hacks were primarily limited to corporations. Nowadays, organizations of all types and sizes are in the crosshairs of criminals roaming the internet.

Most people don't worry about password safety until it becomes a problem. They find an email or notification from a website asking, "Is this you?

Cryptocurrency's brief history began in 2009 and has seen the various crypto coins rise to become a global phenomenon. The industry is still in its infancy and constantly evolving, which makes it difficult to predict the next stage of development.

According to Constella Intelligence, the breach economy has rapidly expanded to the point that more than 65,000 breaches occur annually, resulting in nearly 42 billion records falling into the hands of parties with evil intentions.

The number of data breaches continues to increase as we quickly transition to a brave new age of high-tech and internet ubiquity.

The West Virginia University Medical Corporation is the subject of a proposed class action lawsuit following a digital attack and subsequent data breach.

Allaire Health Services has confirmed hackers stole its internal data. An unauthorized individual obtained access to Allaire Health's network, downloading highly sensitive information that will likely be used to steal the identities of the company's patients.

An unauthorized actor accessed AdviceOne's network earlier this year. The digital security breach culminated in the exposure of highly sensitive AdviceOne customer information between February 2022 and March 2022.

Novartis, a pharmaceutical company headquartered in Switzerland, has been victimized by keyboard criminals. Hackers pounced on the pharma powerhouse, stealing its data through what appears to be a web-based extortion scam.

Online predators have been the fastest-growing crime segment since the beginning of the pandemic. FBI's annual Internet Crime Division reported a nearly four-fold increase in cybercrime, with total losses exceeding $4.

Rarely does media accurately reflect reality. It characterizes values like romance, success, and beauty at the unrealistic, almost unrecognizable, extremes.

OneTouchPoint is the latest victim of relentless hackers. The company was breached in an online attack that culminated in the theft of data from several million accounts.

Statista states several thousand breaches occurred in the first half of 2022 alone. This statistic shows that if you rest on your laurels by leaving your current digital defenses in place, your business might be the next to be victimized.

Agenda ransomware is causing widespread harm. This uniquely nasty ransomware is referred to as "Agenda" for the moment. Though we will not know the full extent of the new ransomware's impact until the threat is contained, we have some preliminary information stemming from descriptions provided by Agenda victims. 

LastPass, the most popular password manager in the world, has been hacked. The company's source code and even some of its most valuable proprietary data were stolen by hackers.

Oktapus, a hacking campaign, has more than 130 firms in its crosshairs. The threat targets more than 100 firms in the United States and victims scattered throughout 60+ other nations.

Crypto.com, the crypto platform, was hacked in mid-January 2022. The breach is another example of how digital criminals zero in on cryptocurrency websites.

Hundreds of unique expressions and idioms enter the world's lexicon daily. Google Dorking is a phrase that demands further attention.

The vocabulary of cybersecurity has progressed after the shift to high-speed internet. Though most people understand the basics of antivirus software, modems, and wireless connectivity, most are unaware of terms such as accidental exposure.

Many of us use password managers to keep our secure passwords safe. However, even secure software titles we rely on can still have issues with breaches.

A new data breach has hit food delivery juggernaut DoorDash, exposing personal customer data. The exposure came when hackers deployed a successful phishing attack that stole employee credentials from a service vendor.

Technology offers society an astonishing number of opportunities for advancement. How we choose to take advantage of these possibilities defines our future.

Nieman Marcus, a beleaguered fashion business that fell from grace after reaching the apex of its industry, was breached by hackers.

Digital miscreants are currently ambushing PAN-OS. The Palo Alto Networks' creation is undergoing immediate patching. The software that runs the firewalls is being attacked, spurring the United States Cybersecurity and Infrastructure Security Agency, or CISA for short, to warn both government digital security specialists and those who work for the public to implement fixes.

The language of cybersecurity has changed in the years following the dot com boom. We've rapidly transitioned from America Online (AOL) dial-up internet service through modems connected to landline phones to lightning-fast wireless internet available across nearly the entirety of the globe. 

The Block Cash App hack made waves partially because the company is led by Jack Dorsey, a supposed computer whiz with his finger on the pulse of cybersecurity dynamics.

Yet another cryptocurrency platform has been struck by digital criminals. CoinMarketCap is the victim this time around. It appears as though hackers plucked more than six figures' worth of cryptocurrency from the platform.

An online digital footprint is a digital history and reputation that follows you whenever you interact with anything online. It includes all your social media posts, comments, likes, shares, images, videos, blog posts, and more.

You get an email, or maybe a text, and it says someone stole your bank user name and password. But, if you hurry, you can log in and change them before your funds leave your account!

If cybersecurity industry experts' predictions prove true, there will be nearly 15 million DDoS attacks in 2022 alone. Cloudflare reports it blocked an average of nearly 58 million online attacks each day from the summer of 2021 to the spring of 2022.

Hackers accessed Argentina's database containing residents' government IDs. The thief found his or her way through the federal government's IT safeguards, plucking information directly from residents' ID cards. 

T-Mobile was hacked in the second half of 2021, creating the potential for widespread identity theft in the years ahead. In total, about eight million T-Mobile customer accounts were impacted by the digital breach.

A whopping $97 million worth of cryptocurrency was stolen from Liquid, a Japanese crypto exchange. The attack is yet another in a string of digital offensives against cryptocurrency platforms.

Twilio, the company that provides Signal with its phone number verification services recently suffered a phishing attack. During that attack, hackers had access to various company accounts at the corporate level.

Whole Foods, a subsidiary of Amazon, was in the news late last year for an unfortunate reason. The company admitted more than 80 million logging records were exposed to hackers. 

OneMoreLead, a business-to-business (B2B) marketing enterprise, suffered a significant data breach late last year. The marketing company left a database misconfigured, prompting the unintentional leaking of 63 million records. 

When you think of scams, you probably think of them as someone trying to trick you out of money. While data loss is typically not the primary goal of a scam, it can be the outcome.

The personal information of nearly 700,000 individuals was stolen in a data breach at the University of New Mexico Health. The data breach was revealed in the second half of 2021.

Following a statement by Twilio outlining a phishing attack that led to a data breach, Cloudflare released a statement sharing they were a victim of the same attack.

Twilio recently revealed that several employees were tricked by hackers, leading them to divulge personal, corporate-level logins.

A hacker has illegally accessed and leaked several hundred million user records from the popular Raychat app. Raychat, especially popular in the Middle East, is now in damage control after this digital infiltration.

From email marketing companies to law firms, healthcare companies, and beyond, organizations of all types are being hit by online attacks at an increasing frequency nearly across the board.

Hackers plucked a tidy $600 million worth of cryptocurrency out of Poly Network accounts. Poly Network is a popular DeFi (decentralized finance) platform.

BitMart, a cryptocurrency trading platform, has been in the news for all the wrong reasons. BitMart suffered a nasty digital security breach that prompted a corrective update.

Digital security specialists are issuing a siren call in response to the significant uptick in phishing attacks. Phishing is now a component of a decentralized offensive through an IPFS network.

A recent IBM report estimates healthcare data breaches have reached a record high of $10 million per incident. This eye-popping statistic is just one of many examples of the actual cost of digital security breaches.

Smishing is the latest form of phishing that has taken the mobile world by storm. It's not a new concept, but it has been modified to suit today's fast-paced society and accessibility to mobile devices.

The average person downloads Android apps from the Google Play Store without a second thought. However, more than a dozen such apps are planting malware on phones after download.

Digital security specialists have identified more than 3,200 apps used on mobile devices that are leaking API keys related to Twitter.

Early reports indicate Twitter might have suffered a massive data breach. It appears that between five and six million accounts were compromised in the attack.

By snooping on their email messages, hackers from North Korea are using harmful browser extensions to uncover information about targeted individuals.

Harmful NPM packages are stealing usernames, passwords, and financial information from Discord users. The campaign, dubbed "LofyLife", plucks tokens from users, infects files for monitoring activity, and can even change a Discord user's password in mere seconds.

The Roaming Mantis mobile campaign has returned to no fanfare at all. The threat connects several new forms of attempts at digital compromise targeting smartphone customers in France.

The end of the final week of July has arrived. The time has come to recap the week's top online breaches, hacks, and other digital offensives.

Raccoon Stealer has once again reared its ugly head to the delight of no one outside of the hacking community. It is not a question of whether Raccoon Stealer will remain on the digital threat landscape but whether your organization or your personal computer will be victimized by it.

Digital security experts have identified a new UEFI firmware rootkit. Referred to as Cosmic Strand, the UEFI firmware rootkit poses a significant threat, as detailed below.

It wasn't long ago when the term "mercenary" was limited to soldiers on the field of traditional battle. The battleground has partially shifted to the digital realm.

Neopets' website has suffered a significant data breach. In all, just under 70 million users are affected by the breach. Below, we provide the details of the breach and outline some digital security tips to bolster your online defenses.

In 2016, more than 16 million patient records were stolen in the US. Some papers fetched high prices, up to $1,000 for complete information.

Having your wallet stolen can be frightening; losing your credit and debit card can be devastating financially, and thieves may clean out your accounts before you can freeze them.

People once thought that water was the new oil, as the availability of fresh, potable water was starting to dwindle while the population continued to soar.

Google has officially removed Android apps containing malware. The tech powerhouse eliminated the eight apps in the aftermath of a whopping three million total downloads.

Premint, a platform for NFTs, suffered a loss of nearly $400,000 after an especially damaging online attack. Hackers pocketed a tidy sum of money by implementing malicious code to infiltrate the site and redirect funds to their own accounts.

CloudMensis spyware has emerged as a nasty threat to businesses and everyday computer users. It appears as though the spyware went undocumented for quite some time.

Wordfence digital security specialists are issuing a siren call concerning the unexpected hike in online attacks designed to take advantage of unpatched weaknesses within WordPress plugins.

Microsoft recently revealed online miscreants aggressively targeted 10,000+ organizations dating back to last fall. The tech giant is warning its business email clients about a massive phishing campaign designed to avoid multifactor authentication, obtain access to inboxes and engage in fraudulent activity.

Business email compromise or BEC, also known as email account compromise, can cost your business hundreds or thousands of dollars in lost revenue.

Botnet scams are multi-fold in their danger. Each botnet scam requires a criminal and a series of victims. Victims are those who have had their computers hijacked, plus the targets of the criminal's assaults.

According to VentureBeat, the frequency of online attacks in the new year has increased by three million more than that of the year prior.

A new callback phishing scam has victimized several digital security firms. Though the scam was limited to security firms, it has the potential to extend to other enterprises spanning several sectors and industries.

A North Korean hacker obtained access to the systems of Axie Infinity, an NFT marketplace, and blockchain gaming service. The attack resulted in a loss of about $540 million.

The internet has grown significantly over the past 20 years and continues to grow at an accelerated rate. The cyber threat landscape continues to grow as more people and businesses invest in digital services.

Personally Identifiable Information (PII) is sensitive data that can identify an individual. Examples of PII include an individual's name, address, phone number, email address, social security number, passport number, driver's license number, and other similar PII information.

SHI has been hit by malware, spurring the temporary shutdown of the company's public websites and email services. SHI took down their sites and email for several days during the attack and its aftermath.

The massive global hotel chain Marriott has been digitally breached yet again. Marriott International revealed the breach earlier this week.

The OpenSea data breach made waves throughout the digital security industry earlier this year, spurring a sector-wide siren call to improve digital protections safeguarding networks, computers, and web-connected devices.

An influence campaign tied to China has zeroed in on rare earth mining businesses. The United States, Canada, and Australia were the home of most of the targetted companies.

Summer is in full swing, yet the online threats aren't dissipating in the slightest. The digital criminals are out in full force, as evidenced by the attacks that occurred this past week and throughout the entire month of June.

Digital security specialists have identified harmful NPM packages that have stolen significant information from online forms and apps.

Leaky access tokens have created quite the digital storm as we transition to the second half of 2022. Hackers employed Amazon user authentication tokens to encrypt or steal pictures and documents.

OpenSea, the popular NFT platform, suffered a significant data breach. The NFT trading marketplace endured yet another attack.

If you own a SOHO router, you should be aware that ZuoRAT has the potential to take it over. SOHO routers transmit wireless and wired broadband routing across networks.

Identity theft is serious, and it can be challenging to know if someone is illegally using your personal information. Identity theft affects more than 13 million individuals annually in the U.S., with losses topping $15 billion.

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

The dark web, also known as "darknet" is a portion of the internet that lies outside the boundaries of traditional search engines.

Your Wi-Fi network is another handy access point that hackers use to infiltrate your computers, steal your identity, and grab your personal details.

Six databases that were owned by Friend Finder Networks, Inc. suffered a massive data breach in 2016, which cost 412 million users their accounts.

In this highly digital age, it is near impossible to erase all information online about yourself, but you can do a lot to remove online information and minimize your risk of identity theft or worse. 

The main difference between a credit freeze and credit lock is that while freezing your credit you restrict access to your credit report.