Security News Round-Up: Data Breach Risk Highest in Healthcare Industry
News Round-Up – Get a Quick Rundown of What You Need to Know
Evolver’s Cyber News Round-Up looks into recent reports and journalism covering cyber threats and trends affecting all industries. You can suggest articles to us on LinkedIn and on Twitter at @EvolverInc. Visit our cybersecurity services page to learn more about cyber risk assessment and threat protection.
Data Breach Risk Highest in Healthcare Industry
According to Help Net Security, amongst the top 10 largest companies across seven different industries, healthcare was found to have the largest number of exposed databases. Also studied were the amount of exposed remote login services, the article notes. The average number of databases left exposed in the healthcare industry was 13 per company, along with 8 exposed RDP servers per company on average. Manufacturing and automotive followed behind the healthcare industry, respectively. This highlights the serious and increasingly common risks of PII loss and dangerous consequences that can come along with a data breach in the industry.
Data Leaked by Israeli Marketing Firm
More than 140 GB of contact information for U.S. and European customers was leaked by Israeli marketing firm Straffic, according to Bank Info Security. Information exposed includes names, phone numbers, email addresses, genders, and physical addresses, the article states, left in a database which the access credentials for were left unprotected online. A security specialist discovered the issue after growing increasingly frustrated with receiving unsolicited marketing messages on his phone and deciding to look for the cause. The company has so far not revealed any data misuse or loss, the article says.
University of Texas Steals Hackers’ Secrets
Using the DEEP-Dig method, University of Texas researchers successfully used a decoy website to record hackers’ tricks for gaining access. A computer analyzes the information afterwards in order to decipher the best methods for identifying and preventing other hacks, says Info Security Magazine. This enables companies to get real-time insight into how the hacks take place and what attackers are looking for. The decoy sights include fake information to convince the attackers that they’ve succeeded, according to the article. The computer scientists presented the concept at the annual Computer Security Applications Conference in December as well as the Hawaii International Conference of System Sciences.
Phone Wrap Company Hit With Data Breach
A company that produces vinyl wraps for electronics (including phones), known as Slickwraps, revealed that it had suffered a unique type of data breach, according to Naked Security. After a hacker was blocked twice after they reported a vulnerability to the company, another hacker exploited it. The attacker accessed the resumes of former employees, back-up customer photos, and more, the article states. The initial hacker then exposed the company’s weaknesses out of spite, detailing how he was able to access their systems through the vulnerability and shaming the company for their response when he reported it.
French Sporting Retailer Leaks More Than 123 Million Records
Over 123 million employee and customer records were leaked by Decathlon, a massive French sporting retailer, by means of a misconfigured database that left the information exposed. According to Info Security Magazine, the 9GB database was found by researchers on an Elasticsearch server that was left unsecured. The breach affected Spanish and likely UK customers, including emails and login information that were not encrypted. Some of the data also included employee addresses, potentially putting their safety in danger, says the article. The database was found on February 12th and taken down on February 17th.