LabCorp is the newest victim of the American Medical Collection Agency data breach. This news comes shortly after Quest Diagnostics had reported having their patient’s data stolen from AMCA’s database. The recent breach affects 7.7 million of LabCorp’s patients, which may have their information stolen as a result. A large concern for many of these patients is having their credit card data obtained by the hackers. According to the AMCA, the information that was compromised included not only credit card information, but addresses, phone numbers, and more. AMCA will be offering 24 months of prepaid identity protection and credit monitoring to LabCorp’s clients in light of the incident.
A vote by Riviera Beach officials lead to the decision to pay ransomware hackers 65 Bitcoins ($600,000) in order to gain access to their data. The attack occurred when a government employee clicked on a malicious link inside an email, leading to the city’s computer systems to be seized by a hacker. While they hope this payment will be enough to get their data turned back over to them, this isn’t always the case. Ransomware attacks are becoming more prevalent in local US government facilities such as schools and police stations, and hackers are getting their payday. It has been reported that over 20 public entities have been attacked this year, not counting unreported incidents.
The Cybersecurity and Infrastructure Security Agency has issued a warning to all Microsoft Windows users, claiming they may be in danger from the BlueKeep vulnerability. While just under one million internet-facing machines are susceptible to BlueKeep right now, these could easily be on the same internal networks as millions of other machines, which could lead to a disaster similar to that of WannaCry in 2017. With this information, the NSA is urging “Microsoft Windows administrators to ensure they are using a patched and updated system in the face of a growing threat.”
A warning has been issued by the US Federal Bureau of Investigations regarding a new tactic that foreign intelligence services (FIS) are using to target government employees. These foreign spies have been using social media as a means of “personal and intelligence gathering/operations purposes.” They create fake social media accounts on Twitter and Facebook to build online relationships and gain access to classified data from US military members, and US-based defense contractors. Some of these relationships began in person, and further developed after “crossing paths” on social media. After a relationship had formed, the FIS would attempt to retrieve sensitive information from the US government employee.
100,000 people may have had their information compromised in a digital breach of the US Customs and Border Protection agency. Records accessed included images of license plates and of drivers in their cars at a port of entry, over a 6-week period. So far, none of the data has been found online, but foreign governments could use this information to track Americans, or the procedures of the Customs and Border Patrol. Some civil liberties experts are questioning the agency’s ability to hold sensitive data, as this is not the first incident of its kind.