There’s a new phishing scam targeting Gmail users. Security researchers have stated that the emails are “highly effective” and even experienced, tech-savvy users have fallen victim. The scheme, which has been gaining popularity over the past few months, involves a clever trick that can be difficult to detect.
In 2016, we saw Hillary’s emails exposed on WikiLeaks, the Democratic National Convention (DNC) email leak, taxpayers affected when the Internal Revenue Service (IRS) was hacked, a U.S. Department of Justice breach exposing 20,000 FBI employees, Verizon customer data exposed, San Francisco’s public railway system shut down, and most recently Yahoo’s billion-account hack. The theft of Protected Health Information (PHI) continues to accelerate, with over 15 million patient records compromised in 2016. The FBI estimates that ransomware will be a 1-billion-dollar industry this year. Consumer identities are stolen hundreds of thousands of times per day and sold on the black market (the dark web) to the highest bidder. This disturbing trend continues to build with no signs of slowing down.
On January 6, 2017, the California Department of Insurance released the examination findings and settlement agreement concerning the breach of health insurance giant Anthem Inc., which compromised 78.8 million consumers’ records. Investigators concluded with a “significant degree of confidence” that the cyber attacker was acting on behalf of a foreign government. They did not identify the government.
After months of speculation about Russian interference in the U.S. election, DHS and the FBI issued a rather detailed Joint Analysis describing the methodologies and techniques used by the Russian intelligence services and their associated threat groups.
The U.S. government is not saying that Russia “tampered with vote tallies in order to get Donald Trump elected President,” but believes that Russia is behind cyberattacks that targeted the Democratic National Committee and a host of other U.S. entities. So what does this mean for you as a business owner, employee, or consumer? If Russian hackers are capable of infiltrating a high-ranking organization like the DNC, then they are most likely capable of hacking your company server or private email account.
On November 28th, 2016, Quest Diagnostics failed to secure the Protected Health Information (PHI) of 34,000 patients from unidentified threat actors. An “unauthorized third party” accessed patient data including lab results, names, dates of birth, and telephone numbers. According to a press release from Quest Diagnostics, the stolen information does not include Social Security Numbers or credit card information. Hackers were able to steal the data through an insecure web application named MyQuest by Care360. Patients are able to store and share electronic health records through the app. The MyQuest app is available online and to both Android and iPhone users.