A database error at Washington’s UW Medicine left crucial patient data exposed resulted in a breach affecting 974,000 individuals. However, it wasn’t the Seattle, Washington-based academic medical system that discovered the misconfiguration, as a patient was said to have made the discovery while doing a Google search on herself.
According to Fox, “a ‘vulnerability’ on a website server made protected internal files available and visible by searching on the internet. The website error happened Dec. 4, but wasn’t discovered by UW Medicine until Dec. 26.”
UW Medicine took to their website to write, “UW Medicine takes patient confidentiality very seriously and we sincerely regret that a data exposure occurred in Dec. 2018. Patients affected by this exposure are being notified by mail.”
Although not the first healthcare organization to experience this crucial error, they are currently the most recent. This occurrence has organizations, both healthcare and not, rethinking their IT and furthering their search to ensure a breach such as this won’t happen to them.
Threats are increasing day by day every small, medium and large scale company must adopt essential IT security measures.
WhatApp thrilled users in January when they revealed compatibility with Face ID and Touch ID, allowing users to open, and continue utilizing their app, with the recognition of their facial features or a fingerprint. However, a recent malfunction with the new upgrade is leaving accounts requiring no verification at all and indirectly encouraging privacy invasion.
Upon enabling Face ID and Touch ID, WhatsApp users are prompted on whether they’d like their authentication “immediately” or in intervals ranging from one minute to one hour. If the option for intervals is selected, the app will use recognition in the allotted time frame during use to ensure the correct person is still browsing the app. Despite the extra security measure, one Reddit user found a loop hole in the app’s code and is warning others who utilize the feature. It seems that, by selection the option of timed intervals, users are able to close out of the app entirely and reopen it without any verification needed. The only users not affected by this glitch are those that have chosen the “immediate” verification.
Although not a high security risk, it still leaves many susceptible to snooping by others who may have access to their phone. A representative for Facebook said, “We are aware of the issue and a fix will be available shortly. In the meantime, we recommend that people set the screen lock option to ‘immediately’.”
Traveling comes with a wide variety of preparations from both personal and professional aspects. While some consider it vacation, many continue to work on the excursion to ensure that they are up to speed and clued in on the current updates with work. However, foreign servers could cause unexpected problems for travelers, so we at Cynexlink feel it is important that users be aware of the risks involving a trip abroad.
Before embarking on your travels, back up your data and information. In the unfortunate occurrence that your device is compromised, you will have a much easier time reinstating your data and continuing where you ultimately left off. Secondly, turn off file sharing and print sharing features just before confirming that anti-spyware is installed and activated.
Once your journey has begun, continuously clear your internet browser at the end of each use: delete history files, caches, cookies, and temporary internet files. If using public wifi, do not visit any sites that require credentials, including social media and various banking sites. Avoid popups and innocently clinking foreign links that could infect your device.
Finally, upon your return, change and update all passwords and login information. This crucial step will allow you to reinstate the safety of your accounts and begin your arrival home on a clean slate.
These are all the important IT Security tips to make a note
The well-known fast food chain reached an offered settlement amount after their point-of-sale systems were breached, leaving many entities and consumers left canceling cards and handling fraudulent activity.
The initial class action lawsuit was filed in February of 2016, Torres v. Wendy’s International, and later settled for $3.4 million. However, in April of 2016, “Pennsylvania-based First Choice Federal Credit Union filed a lawsuit, seeking class-action status on behalf of all affected financial institutions. The lawsuit seeks to have Wendy’s compensate affected card issuers for breach-related losses and expenses, such as the cost of reissuing cards and compensating cardholders for fraud losses,”Data Breach Today writes. Additionally, the fast food mogul is formally expected to update their security measure to ensure this issue is one of the past.
It is estimated that a staggering 18 million cards, issued by 7,500 various financial institutions, were compromised during the breach. Fortunately, it seems this current lawsuit may be nearing resolution as Wendy’s has offered a $50 million dollar settlement, fronting only $27.5 million while insurance disperses the remaining figure.
“By way of example, if valid claims are submitted for all eligible cards, it is estimated that settlement class members could receive approximately $2.00 per eligible payment card,” the proposed settlement reads. “If, for example, 40 percent of eligible payment cards are submitted, then settlement class members could receive approximately $4.80 per eligible payment card.”
Breaches as uninvited guests every online business performing company must adopt healthy IT Security practices.
Internet privacy is the practice including the imposition of personal privacy associated with storing, repurposing, provision to third parties, and displaying of data related to oneself via the Internet. It is a part of data privacy.
With hackers lurking at every corner of the web, it’s critical that you keep both your personal and professional data as secure as possible. Although pinpointing a reputable Cybersecurity company to handle your safety challenges is strongly encouraged, there are minor adjustments you can make at home to better protect your privacy.
5 Tips To Improve Your Internet Privacy
Check Social Media Privacy Settings
Pay a visit to the ‘settings’ portion of your social media accounts and make sure your posting are only shared with a small group of people if any. Allowing foreign accounts to view your postings, photos, and whereabouts is definitely not an action in favor of your internet privacy. Adjust your settings so only close friends and relatives have access to that information. While it may seem harmless, any amount of personal information is more than enough make you an online target.
Your search browser allows visited sites to gain access to your former searches and target you from there. To avoid this, use private browsing when searching the web.
Favor Messaging Apps With “End-To-End Encryption”
A wide variety of messaging apps utilize what is called “encryption in transit”, documenting your information and conversations into their system instead of eliminating the thread upon closure. This could deem a problem if servers are hacked and information is disseminated. Stick with “end-to-end encryption” apps that don’t store your information, such as WhatsApp.
Avoid Public Wifi
While public wifi seems convenient and enticing, it is strongly encouraged that you stick to private entities to avoid the risk of someone browsing through your device. The heavy traffic that frequents public wifi servers is a point of interest for hackers or individuals attempting to elicit private information.
Don’t Settle For Basic Passwords
Put in the extra time to ensure your password contains a wide variety of letters, numbers, and symbols. It is strongly encouraged that you stray from the standard “one word” password and craft a complex phrase. The more difficult the password you make, the more difficult time an outside source will have getting into your accounts.
Monday was filled with international tension as China publicly accused the US of blocking their technology advancements by alleging that their products may impose a security threat. While attempting to get other countries onboard with the ban, British media seemingly negated the US’ claims, informing that China’s 5G technology can actually limit security risks.
NBC writes, “The U.S. argues that Beijing might use Chinese tech companies to gather intelligence about foreign countries. The Trump administration has been putting pressure on allies to shun networks supplied by Huawei Technologies, threatening the company’s access to markets for next-generation wireless gear.”
Huawei Technologies denies any affiliation with spies while holding their ground and refusing to release confidential information about foreign clients.
Chinese foreign ministry, Geng Shuang, expressed his discontent with the US government attempting to“fabricate an excuse for suppressing the legitimate development”. He continued to address that what the country is doing by incorporating “political means” to affect the economy is “hypocritical, immoral and unfair bullying.”
While the cloud has proven itself to be an incredibly useful tool for both business and personal use, it goes without saying that a heavily relied on entity should be equipped with even heavier security measures.
It’s a common misconception that since the cloud is not necessarily a tangible source it can’t be hacked or breached. This is extremely false. Clouds are just as susceptible to attacks as any server with a location would be. Ensuring that your cloud is as secure as possible is a necessary step that many overlook or assume is irrelevant to their computing endeavors.
In addition to using complex passwords to secure your cloud, it is also recommended that you entertain the idea of utilizing MFA (multifactor authentication). MFA requires multiple sources of confirmation before granting access. Examples of these include a secret PIN, a verification text, or an email link that instantly allows you to access your domain through a deep link.
For more information on securing your cloud and what options are best suited for you and your company, visit Cynexlink and request your free consultation!
In light of Facebook’s recent privacy infraction that became a global upset, the Federal Trade Commission (FTC) and the social media platform are sitting down to negotiate a multi-billion dollar fine.
Said to total as the biggest penalty imposed on a technology firm, the fine “would amount to a reckoning for Facebook in the United States after a series of privacy lapses that may have put the personal information of its users at risk,” the Washington Post reported. They continued, “Lawmakers have faulted the company for mishandling that data while failing to crack down on other digital ills, including the rise of online hate speech and the spread of disinformation from Russian operatives and other foreign actors.”
Democratic Sen Richard Blumenthal (Conn.) spoke on the issue, stating, “Facebook faces a moment of reckoning and the only way it will come is through an FTC order with severe penalties and other sanctions that stop this kind of privacy misconduct going forward.”
Prior to the incident, the largest fine ordered by the FTC was a whopping $22.5 million against Google due to “misrepresenting the extent to which consumers can exercise control over the collection of their information.”
With security breaches and phishing on the rise, we at Cynexlink feel it’s important to educate users on preventative measures they can take from home to lessen the likeliness of a cyber attack.
First and foremost, ensure that your passwords emulate phrases with a combination of numbers, letters, and symbols. For in-depth tips on crafting an ironclad password, visit our article giving a step by step guide for extra protection.
Once your password is nice and complex, make sure your software and servers are up to date and have the latest installments. Although a tedious task with verbiage that potentially requires a degrees to comprehend, this updating tactic could be the difference between a secure server or a compromised company. Take the extra time for updates and avoid falling down the slippery slope of “Remind Me Tomorrow”.
Another tactic used to add an extra layer of cyber protection is to enable two-factor authentication. This requires a secondary method of confirmation beyond a username and password. Common methods can include a secret PIN, a text message verification, or a confirmation email. While this may seem like a lengthy precaution to take, nothing is too extensive to ensure data protection.
Finally, always back up your data! In the occurrence that your hard drive is compromised, backing up your information to a cloud or storage unit will allow for easier data recovery.
For more information on IT Security you can visit our website and schedule a free consultation today!
Monica Elfriede Witt, a former U.S. Air Force counterintelligence agent, has been charged for organizing spear-phishing campaigns with the intention of compromising the devices of various U.S. intelligence agents. The veteran was indicted alongside four Iranians who are said to have been involved in the scheme.
Data Breach Today wrote, “The former agent…defected to Iran in 2013, the DOJ says. She also stands accused of revealing the identity of a highly classified U.S intelligence program and an intelligence officer. Witt has been charged in federal court in Washington with three counts of espionage.”
The case against Witt required years of data collection and investigation. It is reported that the former agent took to Facebook to locate current US Agents and disperse numerous friend requests from falsely created accounts in hopes of hacking users’ locations and information.
“It’s unclear if any of the attempts were successful, but at least one of the messages sent by the group would have immediately raised suspicion. It asked the recipient to disable anti-virus software before opening what was purportedly a photo album.”
Witt’s charges were made public by the U.S. Department of Justice on Wednesday.