Tag Archives: phone numbers

Breach Brief – Ticketfly, MyHeritage

Concert ticketing service Ticketfly reported last week that it was hit by a major data breach involving the personal information of 26 million customers.

According to Ticketfly “some customer information has been compromised including names, addresses, emails, and phone numbers.” Tech news blog Engadget reported that the hacker behind the attack has uploaded much of the data to a public server and is threatening to release more.

Prior to the breach Ticketfly was warned of a flaw in its systems by the hacker. According to Motherboard.com the hacker notified Ticketfly then requested a ransom of one bitcoin in exchange for a fix. When the ransom was not paid as requested Ticketfly suffered the consequences.

Ticketfly has not said if customer’s credit card information and passwords has been compromised. However, the hacker has threatened to release more information if the ransom is not paid.

At the time this article was written the website is back online. Ticketfly is owned by San Francisco based Eventbrite.

MyHeritage.com

 

 

 

MyHeritage, an Israeli based genealogy and DNA testing service, has suffered a major data breach of its user information. According to a MyHeritage statement over 92 million customer account details were found on a server outside of MyHeritage. The data is that of of people who signed up to use the service right up to the day of the breach, October 26, 2017.

MyHeritage stated that the chief information security officer “received a message from a security researcher that he had found a file named myheritage containing email addresses and hashed password, on a private server.” Hashed passwords are encrypted representations of passwords. This means companies don’t have to store the actual password on their network but, depending on the algorithm used, hackers could still crack them.

MyHeritage claims that no other user data, such as credit cards, were compromised and DNA data are stored separate systems.

Breach Brief – SunTrust Bank

SunTrust Bank has reported a data breach that may have compromised the personal information of up to 1.5 million customers. According to reports the bank believes a former employee may have stolen customer information to give to a criminal third party.

SunTrust first became aware of improper access to customer records in February. An internal investigation implicated the ex-employee for the alleged theft. According to the Wall Street Journal the employee tried to print the records and share them with a “criminal third party.”

According to SunTrust the names, addresses, phone numbers and account balances of 1.5 million customers were breached. However the bank does not believe that Social Security numbers, account numbers, passwords, and driver’s license information were accessed. SunTrust also stated that there’s no indication that fraudulent activity has occurred with the affected accounts.

The bank has begun  the process of contacting customers whose info may have been compromised. SunTrust is also planing to provide free identity protection to all its customers whether they have been impacted by the breach or not. 

SunTrust customers can go to this website to see if they are affected by the breach.

The incident is under investigation and the bank continues to work closely with law enforcement and outside experts.

Experian Scans the Dark Web for Your Information

ExperianIn case you haven’t heard there is such a thing as the dark web, This is the side of the Internet that is not where you want to go. Here is where the child molesters, pedophiles, drug dealers, terrorist, human traffickers and other nasty people go to do business. The dark web is where you buy stolen information among other things. The dark web is aptly named, it is dark, hidden, dangerous and mostly illegal.

The AACR did a report on the dark web and we found that much of the Internet is indeed dark. According to DeepWeb.com only about 4 percent of the information on the web is available to search engines like Google or Yahoo! This is known as the “Visible Web” or “Surface Web.” So if you did the math you can see that 96 percent of information online is hidden from sight.

But now the question must be asked; how much of that information is yours? Your home address, phone number, email address, your social security number, your medical records, you passport number, and who knows what else. Most information you read about as being hacked or stolen ends up on the dark web.

There are ways and methods to scan the dark web for your information. Some legitimate companies and websites are eager to help you find and secure your information. Experian for example is offering to scan the dark web for your email address. The credit reporting company offers this website that will scan the dark web for your email address. The scan takes just a few seconds and the results are emailed to the email address you entered and it is completely free. At least the the email scan is. Experian will scan for your medical records, Social Security number, bank accounts, phone numbers, credit and debit cards, driver’s license and passport for a fee of $9.99 a month. You can try it for 30 days free. Its not a bad deal, and let’s be real, with all the data breaches happening you need to know. 

Now you know.

 

 

 

ALERT! Hospital Network Hacked ALERT!

CHS-logo

Community Health Systems, a for profit hospital network operating hospitals across the nation announced today that hackers recently broke into its computers and stole data on 4.5 million patients.

Hackers broke into the company’s network and gained access to patient names, Social Security numbers, physical addresses, birthdays and telephone numbers.

Patients who received treatment from any of the company’s hospitals or were referred to the hospital by their doctor in the last five years is affected by this breach.

Data breaches of this size leave the former and current patients at risk of identity fraud. With the stolen data criminals can open bank accounts and credit cards or take out loans in the victims name and potentially destroy the victims personal credit history.

Community Health  Systems operates hospitals in 28 states with most of their facilities located in  Alabama, Florida, Mississippi, Oklahoma, Pennsylvania, Tennessee and Texas.

In response to the breach Community Health Systems (CYH) has enlisted the help of cybersecurity experts Mandiant to investigate the hack. Mandiant experts determined the hackers were in China and used highly sophisticated malware to launch the attacks in April and June this year.

FBI representatives said that the agency is working closely with the hospital network and “committing significant resources and efforts to target, disrupt, dismantle and arrest the perpetrators.”

For more information please visit

Hospital network hacked, 4.5 million records stolen

Community Health says data stolen in cyber attack from China

Community Health Systems Data Breach Affects 4.5M Patients