Cybersecurity for critical infrastructure continues to be of concern, including the transportation sector. A new study by ABI Research concludes that although the transportation sector continues to increase spending on cybersecurity year over year, the rapid digitization of airports, aircraft, trains, ships, and cars puts this sector at risk. The study mentions that poor cybersecurity … Continue Reading
On August 1, 2017, 32M, located in Wisconsin, is offering its employees the ability to have RFID chips implanted into their hands to make purchases at the company break rooms, open doors, use the copy machine and log on to their company computer. On top of that, the employer issued chip can store medical and … Continue Reading
We previously reported about the microphone and video capabilities of Echo technology [view related post]. The FBI is also concerned about this technology being used in toys that are connected to the Internet. The FBI is so concerned that yesterday, it issued a Public Service Announcement that warns consumers that Internet-connected toys “could present privacy … Continue Reading
A cyber-attack against–Bithumb–one of South Korea’s largest cryptocurrency exchanges and one of the five largest in the world—has reaped access to the data of 30,000 users and drained their accounts in the process. Bithumb is one of the biggest ethereum exchanges by volume in South Korea, representing more than 44 percent of trading in that … Continue Reading
Social networking app Wishbone, which is used primarily by teenage girls to vote on various teenage type quizzes, like favorite entertainers or fashion, has been hacked. The intruders have reportedly gained access to users’ (again, primarily female minors) names, unique email addresses and mobile telephone numbers. Not just a few, either. The data compromised included … Continue Reading
President Trump’s administration is asking Congress to grant the federal government power to track, hack and destroy any type of drone that is flying over domestic soil. The draft legislation includes new exception to laws governing surveillance, computer privacy and aircraft protection. This draft legislation stems from the government’s growing concern for the widespread use … Continue Reading
We have read multiple reports on WannaCry and if you are reading this and don’t know what WannaCry is, Google it for the background story. The clear message is this is not the last major attack we will see, and future attacks will only get more sophisticated. It is being estimated that the cost associated … Continue Reading
Over the past week, many clients and individuals have asked me why some companies and health care facilities were devastated by the WannaCry ransomware, and why others made it through the weekend without a blink of an eye. Simplistically, it is because those who pay attention to security patches that they receive from technology vendors … Continue Reading
An unknown intruder was able to access team communication platform HipChat last weekend, allowing access to the account information of users, including email addresses, hashed passwords and names. There is also a chance that actual room metadata, which includes the room name and room topic, may have been compromised. The cyber-attacker was able to access … Continue Reading
University of Michigan researchers have discovered that hundreds of applications in Google Play turn Android phones into a server that allow the user to connect the phone directly to a PC and leave open insecure ports available on the smartphone. What does this mean? It means attackers can use the open insecure port to get … Continue Reading
Bangor Health Center, a psychiatric practice located in Bangor, Maine, has notified 4,229 patients that a hacker from Moldova has accessed their psychiatric records, including names, addresses, Social Security numbers, telephone numbers, diagnoses and doctors’ notes. The health center provides outpatient therapy to both children and adults for behavioral health conditions including substance use disorders, … Continue Reading
We often talk about how anything that is connected to the Internet is hackable and unsafe, and to be careful about how you buy and connect devices, products, appliances, home security systems and other wireless “things.” These are called the Internet of Things, or “IoT.” Alexa is an IoT “thing.” Cybersecurity literature constantly warns us … Continue Reading
Showing no signs of letting up on enforcement actions, the Office for Civil Rights (OCR) late last week settled an investigation against Metro Community Provider Network MCPN, a Colorado based federally qualified health center, for alleged HIPAA violations. The fine, a whopping $400,000 for the center, which provides health care services to low income patients, … Continue Reading
The Illinois Department of Employment Security has revealed that somewhere between 1.2 million and 1.4 million Illinois residents who have received unemployment benefits from the State of Illinois have had their names, dates of birth and Social Security numbers compromised through a hacking of its vendor’s database. The residents are those seeking jobs and using … Continue Reading
McDonald’s Canada has shut down its careers webpage following a breach that occurred in mid-March. A hacker gained access to the jobs section of its website and compromised the personal information, including names, addresses, telephone numbers, employment histories and other job application information of approximately 95,000 individuals. McDonald’s Canada has notified the privacy commissioners in … Continue Reading
The United States Department of Justice (DOJ) has announced that a former contractor of a defense contractor has been indicted for stealing over 75 percent of hacking tools belonging to the Nations Security Agency’s offensive cyber unit, as well as the ICA and Cyber Command. According to the indictment, Harold T. Martin has been charged … Continue Reading
We often hear from small businesses that they do not believe they can be a “target” of hackers, or that they are at risk of a cyber intrusion. This thought is naïve as small businesses are at risk of cyber intrusions, and due to the fact that they do not have the resources to protect … Continue Reading
I am watching Game 7 of the World Series, and it is the bottom of the 8th and the score is 6-6. It is very difficult to concentrate on this blog post. So I am taking the easy way out and reminding you to check the privacy settings on your LinkedIn account. What is the … Continue Reading
The maritime industry is not immune from cybersecurity risks. Navigation, product supplies and deliveries, radar systems and GPS systems are all digital and connected in today’s world, and can be subject to hacking and intrusions. Voyage data recorders (VDRs) are connected to essential parts of a ship’s navigational and safety systems, including radar, ECDIS and … Continue Reading
On the heels of Eddie Bauer’s notification of a cyber intrusion affecting all of its retail stores in the U.S. and Canada, KPMG has released a study showing that almost one-fifth of respondents to a survey said they would avoid a retailer that was a target of a successful cyber intrusion, even if the company … Continue Reading
Athens Orthopedic Clinic in Georgia reported on July 25, 2016, that a hacker gained access to its electronic medical record system at the end of June using the log-in credentials of a third-party vendor. It has determined that patient records in the electronic medical record system were compromised during the hack and it is in … Continue Reading
We have previously reported on hackings of automobiles [view related posts here, here, and here]. Not only can hackings obtain information about your driving habits, your GPS usage and location, the use of your cell phone, access to your contacts, and other information, but it can be dangerous to your physical health. A car hacking can … Continue Reading
Passwords are a pain to keep track of and it is well known that consumers use the same password for multiple platforms because none of us can remember multiple complex passwords. When a hacker obtains one password, they can use that password to gain access to multiple accounts. The nation’s largest banks are well aware of … Continue Reading
A LinkedIn data breach in 2012 supposedly exposed 6.5 million LinkedIn users’ hashed passwords. LinkedIn announced yesterday (May 18, 2016) that in fact, it impacted more than 117 million user accounts, and that the information was posted online. Therefore, as of today, LinkedIn is forcing individual users affected by the 2012 breach to reset their … Continue Reading
