Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 16 March 2020

Data Breaches Digest - Week 12 2020

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 16th March and 22nd March 2020.

22nd March

Best Practices For Data Loss Protection

Cyber gangsters hit UK medical firm poised for work on coronavirus with Maze ransomware attack

Ex-Employee Steals User Data From Derivatives Exchange Digitex

How Weibo’s massive privacy breach affects China’s crypto community

Pakistan: Cybercrime Affecting Banking Sector And Economy

University of Utah Health notifies patients of phishing attacks that began in January

21st March

Breaking: TQL faces lawsuit over data breach

DDoS botnets have abused three zero-days in LILIN video recorders for months

Ediscovery and Data Security

Hacked: Some patient information compromised in University of Utah Health breach

Police investigate ransomware attack at Jamaica National

Putin’s Secret Intelligence Agency Hacked: Dangerous New ‘Cyber Weapons’ Now Exposed

Security Alert: UK Fintech Finastra Experiences Ransomware Attack, Takes Some Servers Offline

Slickwraps slapped with class action lawsuit after data breach

University of Utah Health says some patients' data compromised in 'phishing' security breach

20th March

65% of Security Professionals Access Documents Unrelated to Their Jobs: Research

Exchange rate service’s customer details hacked via AWS

Fintech company Finastra hit by ransomware

Golden Valley Health Centers notifies patients after employee email account comprised

Golden Valley Health Centers Notifies Patients of Data Breach

Hackers breach FSB contractor and leak details about IoT hacking project

How safe is your data?

India’s Vijay Sales Leaks Private Information through Exposed Amazon Backup Server

Major data breach exposes database of 200 million users

Norwegian Cruise Line Hit By Data Breach As COVID-19 Continues To Impact Travel Industry

Norwegian Cruise Line Suffers Data Breach

Oregon DHS notifies public of data breach

Over Five Billion Breached Records Leaked

Phishing email leads to data breach at Oregon Department of Human Services

Printing company exposes 343GB of sensitive military data

Report: Account takeover and data scraping attacks on e-retailers up as COVID-19 surges

Report: unidentified database exposes 200 million Americans

Security Breach Disrupts Fintech Firm Finastra

This new variant of Mirai botnet malware is targeting network-attached storage devices

Town of Houlton Police discloses malware attack — again

UK Fintech Firm Finastra Hit By Ransomware, Shuts Down Servers

UK printer’s S3 Bucket leaks military documents, AWS issues patch

Unprotected Elasticsearch Server Leaks 5 Billion Records

Weibo Confirms 538 Million User Records Leaked, Listed For Sale on Dark Web

Weibo Data Breach Has 538M Users Personal Information Up For Sale on Dark Web for BTC

WHO chief emails claiming to offer coronavirus drug advice plant keyloggers on your PC

With cyberattacks becoming more common security now needs to take priority

19th March

Are remote workers a security risk to your business?

Australia’s Information Commissioner Charges Facebook Over Data Privacy Breach

Bluffton Township Fire District systems hacked during declared emergency

Carnival Conveniently Owns Up to Data Breach While Nobody's Taking Cruises

Cost of Cyber-Events Worsening for Large Businesses

Data Breach Report: British Printing Press Leaks Confidential Material and More

‘Dirty little secret’ extortion email threatens to give your family coronavirus

Five billion records exposed in open ‘data breach database’

France warns of new ransomware gang targeting local governments

Hackers claim they will stop targeting healthcare organizations amid COVID-19 outbreak

INSIGHT: Tax Season & Covid-19—Peak Time for Law Firm Cyber Threats

IT security report finds 97% have suspicious network activity

Majority of UK SMBs at serious risk through printer hacks

More Business Websites Hit by Credit-card Skimming Malware

Nursing home probed after residents’ personal details are found in the street

Passwords set to become obsolete as companies take security out of our hands

Rogers Data Breach Exposed Customer Info in Unsecured Database

Senators ask Alphabet how it will protect COVID-19 screening site data

Sodinokibi Ransomware Data Leaks Now Sold on Hacker Forums

Study: Fear of data breaches stifling bank innovation

Telcos agree with DoT, say no breach of privacy in sharing call data records

The 14 biggest data breaches of the 21st century

This cryptocurrency miner uses unique, stealthy tactics to hide from prying eyes

18th March

Addressing the growing cybersecurity threat in healthcare

Be vigilant when it comes to online coronavirus threats

Building a Human Firewall Against Cybercrime

Cloud security can be broken down into 4 practical steps

COVID-19: With everyone working from home, VPN security has now become paramount

eMazzanti Technologies Examines the Cost of Small Business Data Breaches

FCA admits data breach: how can firms ensure they don’t make the same ‘mistake’?

Hackers hit NutriBullet website with credit card-stealing malware

How destructive ransomware attacks could represent the future of cyberwarfare

How scammers exploit Spring Break in the time of COVID-19

How to control what personal information people see in Android

How to protect yourself from coronavirus-themed malware

Increasing Cloud Adoption to Drive Security as a Service Market to $43.4 Billion Revenue by 2030: P&S Intelligence

Koodo Mobile's Data Breach Notification: Customer Accounts and Data Sold on Dark Web

Montenegrin Coronavirus Patients’ Identities Exposed Online

More than 60% of RSA Attendees Surveyed Access Documents That Have Nothing To Do With Their Job

New TrickBot Module Bruteforces RDP Connections, Targets Select Telecommunication Services in US and Hong Kong

Open Exchange Rates Data Breach Leaks Passwords and User Information

Privacy compliance: 5 things IT leaders need to know in 2020

Protecting your Office 365 data against the threat of external and insider data breaches

Ransomware: Avoid Becoming the Next Victim

Rogers notifies customers their personal information may have been compromised

Senators Concerned About COVID-19 Health Data Leak

Skimming code battle on NutriBullet website may have risked customer credit card data

ThinCats VIP forum suffers data breach

Thousands of COVID-19 scam and malware sites are being created on a daily basis

To What Extent do Top Tech Companies like Google and Facebook Track your Online Activities?

Trickbot malware adds new feature to target telecoms, universities and finance companies

VMware patches privilege escalation vulnerability in Fusion, Horizon

Windows 10: This kernel malware is why you need Secured-core PCs, says Microsoft

Windows 10 or Mac user? Patch Adobe Reader and Acrobat now to fix 9 critical security flaws

Zero in on zero trust

17th March

As the Airline Industry Looks to the Cloud, Data Security is Critical for Take Off

Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Brave accuses Google of using 'hopelessly vague' privacy policies that breach GDPR

College of DuPage data security breach could affect 1,700 current, former employees

Coronavirus: You don’t get a pass when it comes to cybersecurity

CovidLock ransomware exploits coronavirus with malicious Android app

Critical comms companies lax in security

Cyberattacks Force Schools to Bolster Online Security

Cybersecurity risks grow as thousands of federal employees shift to telecommuting

Experian’s Data Breach Preparedness Study Reveals Increased Investments in Security Aren’t Stopping Breaches

Financial companies leak 425GB in company, client data through open database

German Military Laptop With Classified Data Sold for $100 on eBay

Hackers exploit coronavirus fears as cyber attacks soar

Hospitals 'overwhelmed' by cyberattacks fuelled by booming black market

How business professionals can improve their data management

How to protect your organization from security threats amidst the rise in telecommuters

Illinois: College of DuPage data security breach could affect 1,700 current, former employees

Open Exchange Rates Discloses Data Breach Exposing Customers’ Data

Operators behind Nefilim Ransomware threaten to release stolen data

Ransomware not slowing down and healthcare a prime target

The intersection of compliance and third parties: How to stay compliant

The Pros and Cons of Password Rotation Policies

Two Trend Micro zero-days exploited in the wild by hackers

Virgin Media data breach may mean compensation claims

Which? calls for all banks to adopt anti-fraud measures

Which? calls for mandatory bank transfer scam protections

Why Traditional Security Is Failing Us

Your No. 1 Cloud Threat is ‘Excessive Permissions’

16th March

88% of IT pros say world is in permanent state of cyberwar

Beware the cyberattacks seeking to exploit coronavirus fears

Blisk browser left open, 2.9 million records exposed

Coronavirus: Cybercriminals target healthcare workers with email scam

Coronavirus-themed phishing attacks and hacking campaigns are on the rise

Cyber experts step in as criminals seek to exploit Coronavirus fears

Data Protection as a Service (DPaaS) Market 2020 Technology, Share, Demand, Opportunity, Projection Analysis Forecast Outlook 2026

Five Cybersecurity Practices to Minimize Risk During Coronavirus

Healthcare Cybersecurity (Part II) – Pernicious Threats and Their Ripple Effects

HHS targeted by hackers as it responds to novel coronavirus, COVID-19 pandemic

Hospital Brno in Czechia hit by a cyberattack during COVID-19 virus crisis

How Red Hat tackles security

How to Tell If Your Employees are a Cybersecurity Threat

Illinois College Suffers Data Breach

Illinois Public Health Website Hit With Ransomware Amid Coronavirus

Intel CPUs vulnerable to new 'Snoop' attack

Microsoft patches wormable Windows 10 ‘SMBGhost’ flaw

Most ransomware attacks take place during the night or over the weekend

New Cyber Threat Index Shows Industries Are Under Attack in Uncertain Times

New reports unveils more details about Data Exfiltration Protection Market by 2025

North Carolina provider hit by malware attack

Online printing site Doxzoo exposed thousands of customer files

Open source bugs have soared in the past year

Remote Workers Can Increase Cyber Threat to Employers

Report: US Health and Human Services department hit by cyberattack amidst coronavirus fears

Roundup: The coronavirus pandemic delivers an array of cyber-security challenges

Security: Data Breaches Continue to Be IT Headache

Security researchers reveal Facebook's Android app can now be hacked

Security spending on the rise, says Telstra Cybersecurity expert

Slack fixes vulnerability exploitable for session hijacking, account takeovers

Tandem Diabetes Care Announces Security Incident with Five Employee Email Accounts

The State of the Cybersecurity Market: Where We’ve Come, Where We’re Going

The suboptimal state of healthcare security – and how to improve it

TrueFire hacked, credit cards and personal info may have been compromised

U.S. Health and Human Services Department Suffers Cyberattack

Understanding Zero Trust Network Security

When COVID-19 and Cyber Risk Collide, Lives Hang in the Balance

When was the last time you changed your important passwords?

Wichita State University notifying 1,762 Iowans whose personal info was accessed by hacker

Working from home: Cybersecurity tips for remote workers