Cyber Security Blog

Beware of Ransomware

Have you ever thought about how much your files are worth to you? If you had to put a price tag on them, how much would it be? If I had to think of my photos alone (family, vacation, life events etc.), I’d say they are priceless! One of these days, someone may put a price tag on your files for you. What’s more frightening is that you may be forced to pay to retrieve them. This malicious play is caused by Ransomware and it’s been around for a long time.

Home Depot Paying Out $13 Million to Customers for Data Breach

Ever notice how after these data breaches, the company always follows up with either or both of the following: “we are tightening up our network security” and “we are offering our affected customers a year of free identity theft protection”. While that’s nice and all, it doesn’t compensate us for the time lost calling our banks, waiting for replacement cards, and the inconvenience of having our bank accounts frozen” (which by the way always happens at the worst imaginable time). So there was nothing short of a large smirk on my face when I read that Home Depot will reimburse its customers with $13 million for its data breach in 2014.

Hooked by the spear-phishing Line

While I am not an avid Snapchat user, I know that many people are. In fact, there are about 1.55 billion monthly active users. Snapchat has a company blog and they recently posted an apology to their employees for a recent phishing attack. The blog, found here, explains the occurrence as “an isolated email phishing scam in which a scammer impersonated our Chief Executive Officer and asked for employee payroll information”. The phishing email was not initially identified as a scam so current and former employee payroll information was unfortunately disclosed.

University of Central Florida discovered Approximately 63,000 Social Security numbers Exposed

The Education System is facing an ever growing cybersecurity threat. Schools and other large institutions are being targeted by hackers looking to steal the sensitive data of teachers and students. I, not unlike many, have spent thousands of dollars and accumulated debt to attend college…so, is it too much to ask of them to protect my data?

The most recent attack was on the University of Central Florida (UCF) discovered early last month. Approximately 63,000 Social Security numbers and names of former and current UCF students and employees were stolen.

Encryption

While the controversy continues between the FBI and Apple, we thought it would be interesting to highlight some of the things Tim Cook said in his letter to Apple’s customers about encryption. We particularly liked his stance on the need for encryption captioned below:

 
“Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data,

Landry’s Inc Encounters Threats through it’s POS System

For many Michiganders, weekend trips to Chicago are all too common! So as I plan my trip (which is usually centered around restaurants and shopping) I was surprised to read about a recent credit card breach at one of my favorite Chicago restaurants. Landry’s Inc., is an American dining, hospitality, entertainment and gaming corporation based out of Houston. It owns and operates over 500 establishments (many of which I am a fan of – MASTRO’s Steakhouse! YUM!).

In December 2015, there were reports of suspicious activity on credit cards used at some Landry’s owned restaurants in the Chicago area.

TaxSlayer Hack leads to 8,800 Customers Data Exposed

Tax Season. You either love it or you’re forking over some money. Either way, taxes are something everyone has to deal with. But there is something making this season even more stressful for us and that’s identity theft. While that may seem unrelated to taxes it most definitely is not. Criminals can (and do!) collect your personal information from various sources which can be used to make fraudulent refunds.  Many times personal information is stolen from various sites or databases; just think of all the data breaches suffered by businesses you use each day!

30,000 patients of Indiana University Health’s Arnett Hospital Compromised

Almost 30,000 patients of Indiana University Health’s Arnett Hospital were informed of a potential compromise of their Protected Health Information after an unencrypted flash drive went missing from its emergency department on November 20, 2015. The flash drive was lost in a publically inaccessible part of the hospital so officials do not believe patient data was viewed by a third party. Data breach notification letters were sent to the concerned patients in January to notify them of the potential compromise. While the flash drive did not contain social security numbers or other financial information,

SPEAR Phishing

Spear phishing sounds like a sport, doesn’t it? Well for many cyber criminals, it is! And sadly, they much to gain when you lose. While phishing e-mails are sent in mass quantities with the anticipation that some will fall prey, spear-phishing e-mails target select individuals or groups. Odds are, the cybercriminal already knows something personal about you or your organization. They use this data to lure you into giving them private information or tempt you to click links in their e-mails that install malware onto your PC.  Malware can hijack your computer resulting in your personal data (think bank account and social security numbers) being stolen.

TaxAct Data Breach affects 9,000+ Customers

TaxAct, the Iowa-based tax preparation software developer, acknowledged a data breach resulting in the suspension of more than 9,000 customer accounts due to suspicious activity. Approximately 450 of those customers may have had their tax information stolen along with social security numbers and legal names between the dates of November 10 and December 4, 2015. On January 11, 2016 TaxAct sent a letter titled “Notice of Data Breach” to its 450 affected customers. A TaxAct spokesperson said the company has “no evidence that any TaxAct system has been compromised” and said instead that the company thinks cyber criminals may have got customer names and passwords from other data breaches.