Viewing entries in
In The News

Breadcrumb CEO Discusses Pen Testing with ServiceNow

Breadcrumb CEO Discusses Pen Testing with ServiceNow

Breadcrumb CEO, Brian Horton, had an opportunity to share an example of what Breadcrumb Cybersecurity does for its clients with Service Now, a leading cloud computing company headquartered in Santa Clara, California. The article aims to help readers understand how quickly a breach can occur.

LabCorp Breach May Have Exposed Millions of Medical Records

LabCorp, one of the nation’s largest medical diagnostics companies, is investigating a security breach that may have put health records of millions of patients at risk.

In a filing with the Securities and Exchange Commission, the company says it detected “suspicious activities” on its network over the weekend of July 14 and “immediately took certain systems offline as part of its comprehensive response to contain the activity.” 

Macy’s and Bloomingdales Reveal Two-Month-Long Data Breach

Macy’s and Bloomingdale's have informed online shoppers of a data breach that lasted nearly two months. 

According to a letter from Macy’s Inc., the department stores’ parent company, an unauthorized party reportedly used stolen usernames and passwords to log into the online accounts of certain Macys.com and Bloomingdales.com customers between April 26 and June 12. While it said only “a small number of our customers” were affected by the breach, it didn’t specify how many and said only that the data was obtained from an outside source.

Tesla Sabotage Highlights the Risks of Insider Threat

A former Tesla employee used his access to the company’s network to steal “gigabytes” of highly sensitive data and transferred it to unknown third parties.

Tesla CEO, Elon Musk, sent an email to all employees late last Sunday night alleging that he had discovered a saboteur in the company's ranks.

Musk said this person had conducted "quite extensive and damaging sabotage" to the company's operations, including changing code to an internal product and exporting data to outsiders.

New Colorado Breach Notification Rules Signed Into Law

If your company has customers in Colorado, you may need to revamp your policies for notifying victims of a data breach.

Last week, Colorado Gov. John Hickenlooper signed into law expansive consumer data legislation that mandates all organizations report breaches within 30 days, making it the most stringent in the nation.

The legislation updates the state’s current notification language that states notification must happen without “reasonable delay.”

89% of Top Travel Websites Utilize Unsafe Security Practices

According to Dashlane’s 2018 Travel Website Password Power Rankings, 89% of travel-related websites leave their users’ accounts exceptionally vulnerable to hackers due to unsafe password practices.

The rankings rate password and account security on 55 of the world’s most popular travel-related sites. Dashlane researchers test each website on five critical password and account security criteria. A site received a point for each criterion it met, for a maximum score of 5/5. Any score below 4/5 was considered failing and not meeting the minimum threshold for good password security.

FBI warns that all routers should be rebooted to avoid Russian malware

The FBI has issued a security warning that all home and small office routers should be rebooted after discovering sophisticated Russian-linked “VPNFilter” malware infecting at least 500,000 networking devices.

The malware is capable of blocking web traffic, collecting information that passes through home and office routers, and disabling the devices entirely, the bureau announced.

According to the Justice Department, the Sofacy Group, also known as APT28, or FancyBear, is responsible for the attack. The group, believed to be directed by Russia’s military intelligence agency, is the group that hacked the Democratic National Committee ahead of the 2016 presidential election.

TeenSafe app leaked tens of thousands of user passwords

Two servers used by an app for parents to monitor their teenagers' phone activity have exposed the account information of tens of thousands of parents and children.

The mobile app, TeenSafe, allows parents to track the smartphone usage of their children, including their social media interactions, web history, call logs, installed apps, and real-time location. According to the Los Angeles-based company behind the service, more than a million parents currently use the service.

Over 1M Patients Affected by Healthcare Breaches in Q1 of 2018

According to a new report by the HIPAA Journal, the first three months of 2018 have seen 77 healthcare data breaches. The breaches reported to the Department of Health and Human Services’ Office for Civil Rights (OCR), have impacted more than one million patients and and health plan members.

This number is twice the number of individuals impacted by healthcare data breaches in Q4 of 2017. Between January 1 and March 31, 2018, 1,073,766 individuals had their Patient Health Information (PHI) exposed, viewed, or stolen compared to 520,141 individuals in Q4, 2017.

Was your child's identity stolen in 2017?

Data breaches put millions at risk each year. And while many victims are adults, it seems that no one is too young to become a victim of identity fraud. 

According to a new study by Javelin Strategy & Research, over 1 million US children had their identities stolen in 2017 - resulting in $2.6 billion in fraud, with families paying over $540 million out of pocket.

Even worse, these attacks can occur before children even become active internet users. 66 percent of child identity fraud victims are younger than eight years old.