At a glance.
- Medical data breach exposed colonoscopy results.
- Data breach at forest charity.
- Insurance data exposed.
- Fusion of disparate technologies and its effect on privacy.
- Developer community breached.
Colonoscopy results published on the dark web.
Two US healthcare providers suffered a data breach in which hackers stole tens of thousands of patient colonoscopy records. NBC News reports that the records, which included private data like patient names, dates of birth, and diagnoses, were taken from Florida-based Leon Medical Centers and Nocona General Hospital in Texas and posted on an underground forum by a well-known hacking group. As the Verge explains, the incident is just the latest in a recent wave of cyberattacks on hospitals during the pandemic, as more than five hundred healthcare providers were hit with ransomware attacks in 2020 according to cybersecurity firm Emsisoft, and the attacks doubled from the first half of the year to the second. However, in this case the cybercriminals’ motives are unclear. No ransomware appears to have been deployed, and although the files were published on a site typically used for extortion, the hackers posted the data without attempting blackmail.
Hackers uproot forest charity data.
Woodland Trust, a charity devoted to preserving the woodlands in the UK, announced that on December 14 they experienced a breach of their IT systems, Infosecurity Magazine reports. In response to the incident, Woodland Trust has shut down their network and launched an investigation to determine the scope of the breach. The exact data compromised have not been specified, but they likely include member contact info and financial data. "In the event of confirmed data loss, we will identify and inform those affected immediately, in accordance with GDPR," Woodland Trust stated in their official notification.
Kids’ insurance provider enrollee data exposed.
Children’s health and dental insurance provider Florida Healthy Kids Corporation (FHKC) announced that it suffered a data breach as the result of a cyberattack on its website host, Jelly Bean Communications Design. Exploiting vulnerabilities on the website platform, the attackers accessed and tampered with thousands of street addresses of online applicants and enrollees, but it is unclear whether any personal data were stolen. The website has been taken down and FHKC has instructed the individuals potentially impacted to protect themselves against identity theft.
Technological fusion broadens the horizons of surveillance.
Wired examines the field of fusion technology, the process of integrating and synthesizing data from surveillance intelligence devices in order to optimize their effectiveness. Security tech firms like Montreal-based Genetec have created systems that gather outputs from devices like automated license plate readers, neighborhood CCTV cameras, and gunshot detectors, which are then linked into easy-to-navigate, interactive platforms. Algorithms detect patterns to seamlessly blend the information from the various sources, replacing tasks that could take law enforcement agencies and government officials months to perform manually. Tech leaders like Microsoft and Motorola have already begun offering fusion system products, and data integration firm Palantir has such high-profile clients as the US Central Intelligence Agency and Immigration and Customs Enforcement.
SitePoint discloses data breach.
The professional developer community SitePoint has disclosed a data breach, according to BleepingComputer. The attackers sent "extortion and fake cryptocurrency giveaway emails to addresses that [SitePoint states] were specifically created for and only used at SitePoint." The community believes it was compromised through a third-party app, and has told its members to reset their passwords.
We received comment from two industry sources on the breach. Chris Clements, Vice President of Solutions Architecture at Cerberus Sentinel, wrote:
"SitePoint joins the long list of organizations that only learn they have been breached when alerted by a third party months after the breach occurred. Too often organizations fail to identify all potential attack vectors, especially from vendors that have access to sensitive organization data. Supply chain attacks can be especially devastating because they often look very similar to legitimate operations. For organizations to protect themselves, they must adopt a true culture of security that includes a full accounting of potential risk vectors, regular testing to ensure that no gaps or mistakes have been made, as well as continuous monitoring for suspicious behaviors that can indicate an attack is taking place before criminals can cause widespread damage.
"For users affected by the SitePoint breach, the most important thing is to make sure that they have not reused the same password on any other website or application, particularly work or personal email accounts. Email account compromises can be devastating as they allow attackers an easy way to identify other accounts, such as a person’s bank, and perform password reset attacks to gain access to very sensitive information."
Bryan Embrey, Director of Product Marketing at Zentry Security, said, "This breach underscores the need for least-privileged user access to sensitive information. Moreover, by using zero trust best practices like tunnel encryption and multi-factor user authentication, the extent of the attack might have been mitigated or prevented altogether."