NEWS & UPDATES

There are masses of medical data stored on servers around the world and unfortunately hackers manage to find ways into these storage systems and gain access to this highly sensitive data.

This can be particularly relevant in the U.S., where their healthcare system means records are managed by a number of private organisations, or sourced to private entities whose responsibility is to manage medical records for several healthcare institutes. Although such ease of access can be beneficial from a medical perspective, the danger is the growing exposure of medical data to being hacked.
Read More

There is growing importance for organisations to protect against hacking. In light of a number of infamous hacks that have occurred in recent years, it’s clear that we’re all at risk of third-party actors hacking into our servers and systems.

We have seen millions of documents and files being hacked from a number of organisations worldwide. Malicious actors can get in with simple vulnerabilities, like an organisation’s failure to update their Outlook webmail system. One simple error like this could lead to the whole organisation’s data servers being accessed!
Read More

In recent years, the healthcare industry has been a big target for cyber-hackers, and there have been some huge cases reported. The healthcare industry leads the way in terms of the highest number of breaches and leaks in the U.K. and in other countries too, and in one example we’ll take a look at here, a hospital suffered a medical data breach that reportedly affected some 30,000 patients.

A medical breach involving 30,000 patients is absolutely monumental!
Read More

Cyberattacks and data breaches have soared in recent years, and the U.S. has suffered huge amounts of breaches that has also affected U.K. organisations and citizens too.

They’re a worry because they can identify weaknesses in a country similar to us in terms of technological reliance and development. In this article, we’ll take a quick look at seven of the biggest government data breaches from across the pond in the U.S.
Read More

Cybersecurity consultancy firm Accenture reportedly held an incredible amount of sensitive customer data on four cloud servers that were not password-protected. There were some 137GB of data on Amazon’s cloud bucket that included decryption keys, and without a password, the account was essentially available for access by the public.

The unsecured servers were discovered by a security research firm, UpGuard, in mid-September. They found:

• Secret Application Programming Interfaces
• Authentication credentials
• Certificates
• Decryption keys
• Customer information

Read More

The U.S. National Football League has reportedly seen a huge data leak where 1,113 players had their personal information posted online.

The website for the NFL Players Association also included contact information for the players and their agents in the reach. Exposed information apparently included:

• Email addresses and mobile telephone numbers
• Home addresses of agents
• IP addresses for users when signing in
• Logged information for the website was accessed
• Advisor fee percentages

Read More

It’s a potentially deadly combination: healthcare data and mobile apps.  In fact, one of the world’s largest diagnostics service providers had its security wall breached as a result of a mobile app exposing medical data. So, it has happened.

Reportedly, around 34,000 customers had personal and medical information accessed during the breach. The information included customers’ names, dates of birth, health records and some telephone numbers.

Thankfully, the breach did not include any financial details like bank account numbers, sort codes and NI numbers. But it raises serious doubts over whether the healthcare industry is really secure enough to combine with the mobile app industry. Is it just too risky?
Read More

Newkirk Products Inc, a company who provides ID cards for health insurance plans, revealed a data breach took place last year that allowed unauthorised access to a server that contained member information.

The server that was hacked reportedly contained the data for an estimated 3.3 million members.

Now, this is the kind of breach that can be very dangerous several years after the event. With cybercriminals known to hold on to information for future use, any victim of a data breach needs to be wary.
Read More

Last October, the Australian Red Cross Blood Service had 1.74 GB of backup data compromised. This reportedly included 1.3 million rows and 645 tables containing personal information belonging to some 550,000 online blood donor applications.

The following details were reportedly made publicly available: Name; Gender; Postal address; Email address; Gender; Phone number; Date of Birth; Country of Birth; Blood Type; Type of donation.

Other information relating to blood donations like donor eligibility answers and appointments were also revealed. Some of this can certainly be classed as very sensitive information indeed.
Read More

U.S. District Judge, Lucy Koh, has said Yahoo must face huge lawsuits brought against them on behalf of over a billion individuals who had their personal data compromised in the well-reported Yahoo breaches.

Verizon communications acquired Yahoo for $4.76 billion in June in a bid to limit liability, and contended that victims didn’t have any legal standing to sue. Judge Koh rejected this over a 93-page decision and held that victims who had their personal data breached by Yahoo’s apparent multiple failures as a data controller could pursue breach of contract as well as unfair competition.
Read More

Insurance and financial services giant Nationwide Mutual Insurance has agreed to pay out around £4 million to settle a colossal data breach that reportedly exposed personal data belonging to 1.27 million of their consumers.

Nationwide Mutual Insurance was attacked by hackers who managed to obtain a haul of personal data, including: Social security numbers; Driving licence details; Credit scores; and other personally identifiable information.

With this information, hackers and cybercriminals can be equipped with the tools required to commit identity fraud and therefore inflict huge harm and disruption to lives of the victims.
Read More

At the capital of the United States, the District of Columbia Circuit Court of Appeals ruled that customers are permitted to sue CareFirst for a data breach that reportedly compromised 1.1 million of their customers’ personal information.

A relatively small number of customers brought the class action (group action) lawsuit, alleging that the health insurance provider had attributed to the breach for their carelessness and lack of cybersecurity.
Read More