Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 9th March and 15th March 2020.
15th March
Smart home developers raise concerns about Alexa and Google Assistant security
14th March
Browser vendor leaks data via open server
How To Maintain Data Security When Staff Is Working From Home
How to Protect Your Business
HSBC say VoiceID saved almost £400m from fraudsters in 2019
Internet Crimes on the Rise: Virtual currency saw the largest percentage increase; others include extortion, lottery, social media, and personal data breaches
Top 10 internet crimes you need to know about
Urgent care walk-in centers in Texas and Florida suffer cyberattacks
13th March
Amazon Is Selling Its Cashierless Checkout to Other Stores — What Happens to the Data?
Arkansas provider alerts 15,000 patients of ransomware attack
Avoid coronavirus scams: What you need to know
Confessions app Whisper spills almost a billion records
Coronavirus: How hackers are preying on fears of Covid-19
CovidLock: Mobile Coronavirus Tracking App Coughs Up Ransomware
Czech hospital hit by cyberattack while in the midst of a COVID-19 outbreak
Data centre ‘incident’ adds to Eskom’s woes
DPC warning on ‘quick-fix’ solutions
European Electricity Association Confirms Hackers Breached its Office Network
Europol takes down SIM-swap hacking rings responsible for theft of millions of euros
February-reported breaches affect 1.4 million patients
For Sale: Card Data From Online Stores Using Volusion
Hackers pounce as coronavirus spread triggers work-at-home movement
Henry Mayo Newhall Hospital Fires Employees for Snooping on Medical Records
Homeland Security sued over secretive use of face recognition
How to Secure Online Payments on Mobile Devices
It’s 10 o’clock, do you know where your data is?
Microsoft releases emergency patch for critical SMB vulnerability in Windows 10 and Windows Server
New York health system back online following ransomware shutdown
North Carolina: Randleman Eye Center Discloses Malware Attack
Oklahoma Accused of Negligence in Massive Data Breach
Open-source security: This is why bugs in open-source software have hit a record high
Parking payment app hit by ransomware attack
PCI Security – why it’s declining globally
Political campaigns and your personal data
Princess Cruises, hobbled by the coronavirus, admits data breach
Princess Cruises Confirms Data Breach
Radio.com users affected in data breach
Scams, Fraud and Misinformation: How Cybercriminals are Taking Advantage of Coronavirus
State-sponsored hackers are now using coronavirus lures to infect their targets
Sunshine Behavioral Health Group Faces Class Action Under CCPA After Data Breach Affecting 3,500 Patients
Tor team warns of Tor Browser bug that runs JavaScript on sites it shouldn't
UK Data Privacy Compliance: Lessons from the ICO’s First Fine
Using advanced machine learning for adaptive fraud prevention
Why Cybersecurity Insurance Should Complement Your Information Security Policies And Practices
12th March
60% of Company Security Breaches Caused by Human Error
Advanced Russian Hackers Use New Malware in Watering Hole Operation
Amid coronavirus scare, ransomware targets public health agency in Illinois
Analytics firm’s VPN and ad-blocking apps are secretly grabbing user data
Applying the 80/20 rule to cloud security
Australia data breach: 90,000 staff, students, suppliers impacted at Melbourne Polytechnic
Beware of What You Download! Tech Giants Sought Lawmakers Help to Protect Data From Health Apps
Can retailers win consumers with voice technology?
Card data from the Volusion web skimmer incident surfaces on the dark web
Cookiethief Android malware uses proxies to hijack your Facebook account
Crooks use weaponized coronavirus map to deliver malware
Cybercriminals raking in $1.5 trillion every year
Cybersecurity Needs a Layered Approach to Stay Ahead of Attackers
Cybersecurity Trends in 2020 & the Threats Facing the Industry
Data of millions of eBay and Amazon shoppers exposed
Dell: Cost of data loss per organization surpassed $1M in the past year
DHS Warns APT Attackers Exploiting Microsoft Exchange Server Flaw
DoppelPaymer Ransomware Ups the Threat Level by Posting Victim’s Data Publicly If They Don’t Pay
Employees working from home to avoid coronavirus? Protect your data
Excessive permissions biggest threat to cloud security
Facebook cookie-stealing trojans surface on Android devices
Google Will Appeal Latest GDPR Fine
Hacking a network, using an ‘invisibility cloak’ – Is it that simple?
How to delete yourself from the internet
ICO Fines: When Is An Appeal Appealing?
Lawsuit filed against Dept. of Securities over massive data breach
Majority of businesses in SEA aim to improve IT security
Microsoft discontinues RDCMan app following security bug
Microsoft patches SMBv3 wormable bug that leaked earlier this week
Nearly 300 cybersecurity incidents impacted supply chain entities in 2019
Necurs zombie botnet disrupted by Microsoft
New Report Shows Breach Costs Continuing to Grow
Open Source Push Highlights Security Flaws
Open source vulnerabilities increase almost 50 percent in 2019
Payment Data From 2019 Volusion Hack Appears On Dark Web
Phishing attacks exploit YouTube redirects to catch the unwary
Shared Responsibility in Data Security
Startups: Your Most Valuable Asset in the Long Run Will Be Your Customers’ Trust
The Biggest Data Breaches and GDPR Fines – Google Tops the List
This free service shows who has your data—and helps you delete it
Two-Thirds of Healthcare Organizations Have Suffered a Security Incident
Unsecured database exposes 76,000 fingerprints
Vulnerabilities Patched in Popup Builder Plugin Affecting over 100,000 Sites
Web Application Security at Every Stage of the SDLC
What’s the best approach for ethical data use?
Will 5G Implementation Lead to an Increase in Ransomware Attacks?
Wireless SoCs Get Hardware Security
World is at permanent cyber war say security professionals
Wyoming hospital alerts patients of phishing attack
11th March
5 ways to stay avoid phishing lures
75% of Healthcare Organizations Globally Have Experienced Cyberattacks
100 data breaches by the UK Home Office
Are You Ready for a Data Breach?
Avast disables the JavaScript engine component due to a severe issue
Brazil: Millions of Records Leaked, Including Biometric Data
Clearview AI Data Breach Exposes Facial Recognition Firm’s Client List
Crafty Web Skimming Domain Spoofs “https”
Data Breach Enforcement in the UK and in the EU: Cross-Border Issues
Data breaches trend upward for 2019
'Data localisation won't help with cyber security,' say cyber security professionals, researchers
Dutch government loses hard drives with data of 6.9 million registered donors
European electricity association warns of office network breach
Fantasies of 900 million Whisper users exposed in yet another data breach
February sees huge jump in exploits designed to spread Mirai botnet
Government withholding information in data breach
Hackers are working harder to make phishing and malware look legitimate
Health Provider Sued for Failing to Safeguard Patient Data
How to prevent the data breach that keeps on happening
Israeli spyware company accused of WhatsApp hack: Facebook lied in lawsuit
Keeping Data Secure in the Always-On World
Local governments: Don't pay ransoms to hackers
Media and e-commerce brands are top targets for phishing attacks
Microsoft takes down global zombie bot network
Modern RAM used for computers, smartphones still vulnerable to Rowhammer attacks
Nearly 60% of Security Professionals Trust Cybersecurity Findings Verified by Humans over AI
Northeast Radiology Sends Notification of Data Security Incident
Ransomware attacks on healthcare facilities spike 350%
Redefining Bot Detection: Why Identity Matters
Safeguarding Healthcare for the Future With Zero Trust Security
University of Hertfordshire avoids data breach action by UK watchdog
What is cryptojacking (with examples) and how do you stop it?
Whisper, an anonymous secret-sharing app, failed to keep messages or profiles private
Why are governments so vulnerable to ransomware attacks?
Why hackers are more persistent than security teams
10th March
8 million UK shopping records exposed on the web, customers’ personal info leaked
Apple, Samsung, Google get letter from lawmakers to protect data from period tracker apps
ASD teamed up with GCHQ for stolen credit card crackdown
Avast AntiTrack certificate bug allowed others to snoop on your online activities
Bank’s voice ID system detects record number of fraud attempts
Coronavirus 'fake news' Twitter accounts shut down
Cyber hackers demand $30m from ‘major international company’ with office in Perth
Cyber Security Trends: Tips from recent UK enforcement - Part 1
Cybersecurity Has A People Problem
Details about new SMB wormable bug leak in Microsoft Patch Tuesday snafu
Durham City and County services targeted in cuber attack, 80 servers taken offline
FBI arrests Russian behind Deer.io, a Shopify-like platform for cybercrime
Following Data Breach, In-House Counsel Should Review Company Email Policies
GDPR: Is it time for the ICO to get tough?
Google data puts innocent man at the scene of a crime
Hackers impersonate Vanderbilt University Medical Center to lure victims in phishing attacks
Hackers using fake HIV test results, coronavirus emails to target healthcare companies
How poor IoT security is allowing this 12-year-old malware to make a comeback
Human Error Linked to 60% of Security Breaches
Intel CPUs vulnerable to new LVI attacks
Intel's data center CPUs vulnerability could lead to "devastating" attacks
IoT Security Market is Projected to Grow From USD 8,472.19 Million to USD 73,918.82 Million by 2026 With a CAGR of 31.20% - Valuates Reports
IT Vs. The Big Phish: Study Finds Split On Security Risk
It’s 2020 and Only 20% of Companies Are Ready for a Ransomware Attack
Microsoft March 2020 Patch Tuesday fixes 115 vulnerabilities
Microsoft orchestrates coordinated takedown of Necurs botnet
Microsoft shares nightmare tale: 6 sets of hackers on a customer's network
Microsoft warns of Human-Operated Ransomware as a growing threat to businesses
New cybersecurity legislation – ‘password123’ is illegal?
NSW govt pledges to introduce mandatory data breach reporting
Password managers: A little pain for a lot of security
Passwords Remain the Main Method of Authentication and Top Cause of Data Breaches
Poor Rowhammer Fixes On DDR4 DRAM Chips Re-Enable Bit Flipping Attacks
Privacy and Data Security Alert - March 2020
Securing customer data in a digital world filled with threats
Securing the PII ‘crown jewels’ of health IT systems
Sextortion hackers use 'friend's naked girlfriend' lure
Stop saying employees are the weakest link in cybersecurity
The Necessary Evolution of SecOps to DevSecOps
This ransomware campaign has just returned with a new trick
Thousands of Malaysian credit card details leaked in massive breach
U.S. Ex-Inspector General Indicted for Stealing Data on 250,000 DHS Employees
Verizon Business adds biometrics to cybersecurity solution portfolio
Watchdog Finds Security Weaknesses in NIH's Records System
What’s Driving Identity Access Management in 2020?
Why a risk-based approach to application security can bolster your defenses
Why the Wawa Data Breach Serves as a Warning That “Good Enough” is Never Enough
Years-long campaign targets hackers through trojanized hacking tools
9th March
5 Data Security Errors That Can Break Your Business
2020: The Year of Mobile Sneak Attacks?
A Philly lawyer nearly wired $9,000 to a stranger impersonating his son’s voice, showing just how smart scammers are getting
A Round-up of Data Breaches in February 2020
An introduction to cyber security and data protection
Australia Sues Facebook For Data Breach Of 300K Citizens In Cambridge Analytica Case
Australia vs Facebook as Privacy commissioner launches Federal Court action
Biometrics and new standards – the key to digital security
Brave to generate random browser fingerprints to preserve user privacy
Cambridge Analytica: Australia takes Facebook to court over privacy
Cathay Pacific fined £500,000 after "brute force" data breach
Cyberattackers are delivering malware by using links from whitelisted sites
Dump your passwords, improve your security. Really
Eckert Seamans lawyer warns about voice fakers after he nearly wired $9K to scammer
Eight Best Practices For Avoiding Data Breaches
Fort Worth ISD Hacked, Joining Other Texas Schools, Towns Hit By Ransomware Attacks
From Facebook to Marriott: the biggest data breach fines companies have had to pay
Healthcare Providers Lose an Average $2.75 Million per Data Breach
Holistic Cybersecurity a Must for the Healthcare Industry
Infographic: Cyber Attacks and Data Breaches of 2019
Inside the Insider Threat
Insurance provider alerts members of phishing attack
IoT May be a Hacker’s Delight, Both Inside and Out
Is Enterprise Password Death Really Inevitable?
It’s not a breach… it’s just that someone else has your data
Many companies still lacking in data breach readiness
Microsoft Edge has more privacy-invading telemetry than other browsers
Millions of UK businesses experience data breaches due to employee error
Mobile malware: Hidden apps give cyber criminals a sneaky backdoor
Multiple nation-state groups are hacking Microsoft Exchange servers
NordVPN HTTP POST bug exposed customer information, no authentication required
Oh, you won an award? Don't click that vanity scam spam link
Passwords belong in time capsules, not IT ecosystems
Phishing: Google just made it easier to use 2FA to secure your accounts
Policy Management: Choosing the Right Data Privacy Software, Part 1
Report: 267 million Facebook users IDs and phone numbers exposed online
Spying concerns raised over Iran's official COVID-19 detection app
Take These 4 Steps to Protect Yourself After a Data Breach
Two-factor authentication isn't as secure as you might expect
UK regulator fines Cathay Pacific £500k for data breaches