Evolver News Round-Up: 809 Million Records Exposed by Email Marketing Company
News Round-Up – Get a Quick Rundown of What You Need to Know
Evolver’s Cyber News Round-Up looks into recent reports and journalism covering cyber threats and trends affecting all industries. You can suggest articles to us on LinkedIn and on Twitter at @EvolverInc. Visit our cybersecurity services page to learn more about cyber risk assessment and threat protection.
809 Million Records Exposed by Email Marketing Company
According to Wired, a MongoDB database left accessible by anyone online possessed over 763 million different email addresses along with a massive amount of other data, adding up to a total of 809 million records. Verifications.io, a company that validates email addresses for marketers, owns the database and has immediately taken it down. In addition to emails, names, addresses, and phone numbers, it also contains a large amount of birth dates, genders, mortgage amounts, social media accounts, credit score characterizations, and more, the article notes.
Late CEO of Crypto Exchange’s Devices Accessed and No Money is Found
The CEO of QuadrigaCX, a cryptocurrency exchange, passed away and had never told anyone the passwords to access the funds. The devices have finally been accessed by investigators, says Business Insider, but the funds totaling $137 million are nowhere to be found. It appears that the last of the money stored in the Bitcoin Cold Wallets had been taken out in April 2018, the article notes. As theories of a faked death advance, the search for answers will continue.
Caller ID App Exposes Data for More Than 5 Million People
Saudi caller ID app Dalil has exposed over 5 million users’ data by using an unsecure MongoDB Server to store the information, according to Hack Read. After researchers reached out to the creators of the app, no response was given. According to the article, leaked data includes full names, emails, phone numbers, activity logs, gender, GPS location, and much more. Furthermore, the location coordinates update in real time and the server updates its user list nearly every day. Since no fix has been issued, Hack Read recommends that users delete the app immediately.
Rush Health System Hit With Data Breach
“An employee of one of Rush’s financial service vendors improperly shared a file with an unauthorized party,” says Security Week. As a result, around 45,000 patients’ data was exposed. The information likely includes names, birthdays, addresses, health insurance details, and social security numbers, according to the article. While Rush found out about the breach on January 22nd, 2019, it is estimated to have taken place in May of last year.
Wolverine Solutions Group Breach Includes Over a Million Patients
According to SC Magazine, a September 25th, 2018 cyberattack left Wolverine Solutions Group infected with ransomware. The impact included around 1.2 million patients’ data being exposed across 700 different companies, the article details. Information such as names, birth dates, social security numbers, addresses, phone numbers, insurance contact details and numbers, and even extremely sensitive medical information were all involved. SC Magazine states that the Health Alliance Plan, Three Rivers Health, Mary Free Bed Rehabilitation Hospital, and North Ottawa Community Health System are a few of the healthcare providers that were impacted.
424% Jump in Breaches and Leaks Last Year
In 2018, there were 12,449 breaches and leaks combined, says Info Security, 424% more than those in 2017. However, it is also noted that the incidents were usually smaller at an average of 217,000 exposed records each. This trend, the article states, is a result of an increasing number of small businesses becoming targets of hackers as they tend to have weaker security practices. Government data and voting records were noted as being stolen more in 2018 as well. A 20% jump from 2017, stolen identity data reached 3.6 billion different records, according to the article.