Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Sunday 8 March 2020

Data Breaches Digest - Week 10 2020

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 2nd March and 8th March 2020.

8th March

250,000+ Login/Passwords Leaked in The Trident Crypto Fund Data Breach

Computer systems at University of Kentucky and UK HealthCare hobbled by massive, month-long cyber attack

Coronavirus Sets Up Accelerated Push to Cloud for Cybersecurity Industry

Data breach fines set to rocket after limit is lifted - with some hitting hundreds of millions

7th March

AMD processors from 2011 to 2019 vulnerable to two new attacks

Redcar council excludes public from cyber-attack discussion

Singapore, Malaysia credit card details dumped online in massive data breach

6th March

53% of hospitals faced cyberattacks, but few have plans to respond to phishing attacks

Arkansas Children's Hospital reboots IT system after cyberattack

Behind the Crime: New Phishing Attack Launched Every Two Minutes

Brazilian security firm leaks more than 25 GB of client and staff data

Catches of the month: Phishing scams for March 2020

Charities report 102 data breaches in the third quarter of 2019-20

Data breach: U.S. retailer J.Crew reveals 2019 security incident to customers

Former DHS official charged with theft of confidential government software, databases

Microsoft: 99.9% of compromised accounts did not use multi-factor authentication

Nasty phishing scams aim to exploit coronavirus fears

One billion Android devices at risk of hacking

Ransomware: These sophisticated attacks are delivering ‘devastating’ payloads, warns Microsoft

Security Researcher Publishes Details About Zero-Day Vulnerability in Zoho Enterprise Product

T-Mobile's Data Breach Exposes Customer's Data and Financial Information

Virgin Media breach 'linked customers to porn'

5th March

Access Control: Don’t Give Cybercriminals the Keys to Your Business

Americans worry more about identity theft than being murdered

Backdoor malware is being spread through fake security certificate alerts

Boots Advantage Card hit by cyber attack

Brazil ranks third in email security threats

Chinese hackers use decade-old Bisonal Trojan in cyberespionage campaigns

Cruise Operator Carnival Corporation Discloses Cyber Attack

Defense contractor CPI knocked offline by ransomware attack

Facebook sues Namecheap to unmask hackers who registered malicious domains

How to maintain safe cybersecurity practices while transitioning workers from the office to remote workstations

Loyalty program fraud targets 600,000 Tesco shopper accounts

Malicious Chrome extension caught stealing Ledger wallet recovery seeds

Malta-based crypto-fund suffers data breach; 10K user records affected

Microsoft subdomains hijacked following DNS security blunder

Mimecast tracks growing Malware-as-a-Service trend in analysis of 202 billion emails

New Report: A Profile into Kilos, New Search Engine for the Dark Web

One of Roman Abramovich's companies got hit by ransomware

Quest Diagnostic finalizes data breach settlement

Ryuk ransomware hits Fortune 500 company EMCOR

T-Mobile says hacker gained access to employee email accounts, user data

US property and demographic database of 200 million records leaked on the web

Virgin Media data breach affects 900,000 people

Virgin Media exposes data of 900,000 users via unprotected marketing database

West Suffolk Hospital apologises after dog walker finds medical records in nature reserve

Why Ethical Hacking? (The What and Why of Ethical Hacking)

4th March

4 essential things security experts do to protect their own data

5 recent data breaches caused by human error

2019 proves a bumper year for cyber attacks

Cathay Pacific hit with £500,000 fine for customer data breach

Citrix vulnerability used for potential Defence recruitment database access

Cyberattackers hack Wellington school’s computer system

Cybercriminals are Increasingly Turning to Ransomware as a Secondary Source of Income

Cybercriminals Increasingly Harnessing Stolen Identity Data to Launch Global Attacks

Fears private details of Defence Force members compromised in database hack

Indiana hospital alerts 2,600 patients of human error data breach

International airline fined £500,000 for failing to secure its customers’ personal data

Number of spoof attempts on domains drops to "near zero" within months of DMARC enforcement

Number of Student Data Breaches, Ransomware Attacks Nearly Triple in Last Year

State-by-state breakdown of ransomware attacks on healthcare providers

T-Mobile customers notified of breach

These are the first passwords hackers will try when attacking your device

Warning over 'hidden apps' as mobile malware attacks increase - and get sneakier

3rd March

7 security tips for IoT systems

Almost half of mobile malware are hidden apps

Casinos in Las Vegas Hit by Suspected Ransomware Attack

Chinese security firm says CIA hacked Chinese targets for the past 11 years

Consumers urged to secure internet connected cameras

CrowdStrike's 2020 Threat Report: Spammers fine-tune email thread hijacking

Cybercriminals and drug cartels are spreading malware and stealing financial information in Latin America

Data Breach Affects Princess Cruises, Holland America Line Guests

Data security: 5 problems and solutions

Do these three things to protect your web security camera from hackers

Hospitals should employ 1-10-60 rule to counter cyberattacks

Legal services giant Epiq Global offline after ransomware attack

'Malware-free' attacks now most popular tactic amongst cybercriminals

Missouri: Detectives investigate data breach at Jefferson County School District

Phishing scams: Big jump in complaints about phoney calls and texts

SpaceX Contractor Hit by Data Breach

Surge in Attacker Access to Privileged Accounts and Services Puts Businesses at Risk

Woman scammed out of £95,000 after her solicitor was hacked

2nd March

5G and IoT security: Why cybersecurity experts are sounding an alarm

23 cybersecurity incidents in February

Alinta Energy accused of putting customers' sensitive information at risk

Computer Scientists’ New Tool Fools Hackers into Sharing Keys for Better Cybersecurity

Credit score builder Loqbox hit by data breach

Hackers are actively exploiting zero-days in several WordPress plugins

Hawaii health system notifies 2,900 patients of email mix-up

Increased security investments aren't stopping data breaches

Leaked: 146 million records relating to users of railway Wi-Fi exposed online

Phishing: Leading targets, breaking myths, and educating users

Ransomware victims are paying out millions a month. One particular version has cost them the most

Simon Fraser University hit by ransomware attack, resulting in data breach

Spartanburg School District One's computer network hit by ransomware attack

Survey: Despite new tactics, companies still face challenges implementing cybersecurity measures

Swiss government submits criminal complaint over CIA Crypto spying scandal

Tesco sends security warning to 600,000 Clubcard holders

This phishing email contains a password-protected file. Don't open it

UK Home Office breached GDPR 100 times through botched management of EU Settlement Scheme

US charges two Chinese nationals for laundering cryptocurrency for North Korean hackers

‘Vulnerable’ iOS Cut-and-Paste Data in iPhone or iPad Devices

Walgreens Announces its Mobile App Leaks Personal Data