The details of the massive Capital One data breach, Louisiana school districts held up by ransomware, Reddit users being a hacker target, and more in This Week in CyberSecurity: where we highlight select top cybersecurity stories from each week and share them here. Don't forget to follow our daily blog for more in-depth cybersecurity and technology news.
If you would like to be the first to know about our Week in Cybersecurity reports and receive a FREE Webcam Cover, sign up here.
The Week of August 2nd, 2019:
- Capitol One has been the victim of a massive data breach, exposing the sensitive data of over 105 million of their banking customers and applicants. The timing could not have come any worse for the US and Canadian company as it occurred right after the major Equifax breach settlement took place. The hacker that broke through Capital One’s defenses made off with private data related to credit card applications that happened from 2005 to 2019, including names, addresses, credit scores, Social Security numbers, and roughly 1 million Social Insurance numbers. Capital One has stated that no credit card numbers or logins were divulged in the hack and will be contacting the customers that could have potentially been affected. (KrebsOnSecurity)
- We’ve reported about ransomware attacks on the states of Florida, Colorado, and now we can add Louisiana to the growing list of victims. Governor John Bel Edwards has declared a state of emergency after a string of ransomware attacks affected three school districts within the state. The districts that were affected, Sabine, Morehouse, and Monroe City, had all files stored on the School District’s Servers locked away. The districts do not believe any sensitive information was leaked out or any “unauthorized access” happened and that “all major systems are operational.” We will revisit this story once more information unfolds. (Ars Technica)
- A new study from Trend Micro was released and unveiled the recent rise in tech support scams involving social media. Twitter appears to be the largest target as the attackers are using social engineering and search engine manipulation by posing as IT support agents through fake tech-support Twitter accounts and phone numbers. When contacted, the cyber-criminals prompt the victim to install a Remote Administration Tool (RAT) to fool them into believing they are infected, then prompting them to pay for bogus tech support. Always verify before divulging any personal information! (Trend Micro)
- About 2,500 Los Angeles Police Department (LAPD) officers, trainees, recruits, and over 17,000 LAPD applicants have been stolen in a data breach. While the details of the data breach are not completely divulged, it’s known that names, birthdays, employee serial numbers, and login credentials are at risk after the hack. After the breach was found and resolved, the LAPD Protective Leagues enforced its IT Agency to apply an extra layer of security to their systems. (CNET Security)
- Reddit users and XDA Developers members that browse their forums through Android devices need to be aware of a ransomware attack that is lurking their site. The ransomware, Android/Filecoder.C, spreads through SMS attempts that contain a malicious link to a ransomware app, with the text claiming that their photos have been locked and found in the app. While researchers state that the impact of this ransomware is limited, if broader sectors of these pages become targeted, it could spread like wildfire. Even worse, if the victim deletes the ransomware app, their entire device will be encrypted. The ransom may be somewhat small (reportedly maxed out at $188), but it’s another sign to always be vigilant about the links you click. (InfoSec Magazine)
neoRhino’s Remote Managed Services and Advanced Security Packages are here so you can focus on your business needs. You can relax knowing that we are here to protect you. Call us at (281) 779-4850 for a FREE consultation and we can help your business today.