Cybersecurity

Canada – Data Deposit

Cybersecurity researchers identified an unsecured database containing thousands of customer files uploaded to the company’s secure cloud storage service. The exposed records include information dating back to 2016, which the company eventually secured. However, it’s unclear how long cybercriminals could have accessed this data or why it took Data Deposit Box nearly a week to…

Read more
Cybersecurity

United States – St. Louis Community College

Several employees fell for a phishing scam that compromised students’ personal information. The phishing scam, which took place on January 13th, happened just weeks before the school implemented 2-factor authentication on January 31st. If this effective defensive measure was in place sooner, hackers would not have been able to access employee accounts, even after they…

Read more
Cybersecurity

United States – Altice USA

A phishing scam tricked an employee into providing hackers with email credentials that were used to access and download inbox content remotely. Although the breach was announced on February 5th, the phishing scam was executed in November 2019. It wasn’t discovered until December 2019. As a result, Altice USA will have a difficult time restoring…

Read more
Cybersecurity

United States – The Heritage Company

An October ransomware attack ultimately forced The Heritage Company to close its doors. Shortly before Christmas, the company informed the staff that their operation was no longer tenable, even noting that the CEO was paying salaries out-of-pocket in an attempt to keep business going while systems were unavailable. Unfortunately, three months after the attack, The…

Read more
Cybersecurity

United Kingdom – London Stock Exchange

Authorities are reexamining an August outage at the London Stock Exchange that was initially attributed to a software glitch. The disruption prevented traders from buying or selling shares for more than 90 minutes, and impacted prices on two stock indexes. The incident could have been caused by hackers trying to destabilise markets for their own…

Read more
Cybersecurity

Alert for Potential Iranian Cyber Response to U.S. Military Actions

If you’ve been following the news lately, you’ve heard about the recent events between the United States and Iran. The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert in regard to cybersecurity and Iran’s historic use of cyber offensive activities as retaliation. Patterns of known Iranian threat techniques include: credential dumping, obfuscated files or information,…

Read more
Cybersecurity

UniCredit – Italy

UniCredit recently discovered an exposed database containing the personal information for millions of the company’s customers. Shockingly enough, the database had been accessible since 2015. The breach sent their share price down by 4%. The bank is spending a significant amount of money to update its IT infrastructure to prevent such an event in the…

Read more
Cybersecurity

Kalispell Regional Healthcare

Several employees fell for a phishing campaign that compromised their login credentials and patients’ personally identifiable information. Hackers accessed the data between May 24, 2019 and August 28, 2019. As a result, the company will bear the cost of identity and credit monitoring services for all victims, and they will face intense regulatory scrutiny. Check…

Read more