Michael Johnson

LabCorp Data Breach: What We Know

Are You One Of Many Affected By The LabCorp Data Breach?

Financial & Personal Information of 7.7 Million Exposed

Just yesterday we wrote about the Quest Diagnostics breach affecting nearly 12 million. Today we’re writing to tell you about a LabCorp breach affecting 7.7 million people. Both of these breaches were caused by a third party: the American Medical Collection Agency (AMCA). AMCA provides billing collection services to both LabCorp and Quest Diagnostics.

AMCA has informed LabCorp that it is in the process of sending notices to approximately 200,000 LabCorp consumers whose credit card or bank account information may have been accessed. AMCA has not yet provided LabCorp with a list of the affected LabCorp consumers or more specific information about them.

In a filing with the U.S. Securities and Exchange Commission, LabCorp said the breach happened between August 1, 2018, and March 30, 2019.

A section of the filing reads:

“AMCA’s affected system also included credit card or bank account information that was provided by the consumer to AMCA for those who sought to pay their balance. LabCorp provided no ordered test, laboratory results, or diagnostic information to AMCA. AMCA has advised LabCorp that Social Security Numbers and insurance identification information are not stored or maintained for LabCorp consumers.”

The information included in the breached system includes:

  • Bank account information,
  • Credit card information,
  • First and last name,
  • Date of birth,
  • Address and phone,
  • Date of service and provider, and
  • Balance information.

Forensic experts are investigating the breach. It’s possible that the AMCA breach could impact other companies and millions more consumers.

What Should You Do?

Anyone who was affected by the data breach should freeze their credit report to prevent criminals from opening credit card accounts in their name. They should also be concerned that their Social Security numbers were exposed.

If you believe that your information has been leaked, you can contact LabCorp customer service on their contact page.

Was Your Photo and License Plate Number Breached?

CBP Reports 100,000 Photo and License Plate Breach

The U.S. Customs and Border Protection (CBP) reported today that nearly 100,000 travelers’ photos and license plate data were breached. If you’ve driven in or out of the country within the six-week period where the data was exposed, you could have been victimized.

The department said on June 10th that the breach stemmed from an attack on a federal subcontractor. CBP learned of the breach on May 31st.

CBP report:

“Initial reports indicate that the traveler images involved fewer than 100,000 people; photographs were taken of travelers in vehicles entering and exiting the United States through a few specific lanes at a single land border Port of Entry over a 1.5 month period.”

CBP hasn’t reported when this 6-week period was.

Who Was The Subcontractor That Was Affected By The Breach?

CBP hasn’t said who the subcontractor was either. But the Register reports that Perceptics, a vehicle license plate reader company based in Tennessee, was hacked, and that these files have been posted online.

Additionally, the Washington Post reports that an emailed statement was delivered to reporters with the title: “CBP Perceptics Public Statement.”

Perceptics’ technology is used for border security, electronic toll collection, and commercial vehicle security. They collect data from images on license plates, including the number, plate type, state, time stamps and driver images.

Where Were The License Plate Readers Installed?

Perceptics license plate readers were installed at 43 U.S. Border Patrol checkpoint lanes in Texas, New Mexico, Arizona, and California.

CBP reports that “No passport or other travel document photographs were compromised and no images of airline passengers from the air entry/exit process were involved.”

CBP uses cameras and video recordings at land border crossings and airports. The images they capture are used as part of a growing agency facial-recognition program designed to track the identity of people entering and exiting the U.S.

Do We Know Whose Data Was Exposed?

No, we don’t. And to date, CBP hasn’t said if this data will be released. If we hear differently, we’ll be sure to report any updates, so keep watching this space.

Is Facial Recognition A Security Threat?

Facial recognition is a hot topic right now. The American Civil Liberties Union states:

“This incident further underscores the need to put the brakes on these efforts and for Congress to investigate the agency’s data practices. The best way to avoid breaches of sensitive personal data is not to collect and retain such data in the first place.”

Congressional lawmakers have questioned whether the government’s expanded surveillance with facial recognition could threaten constitutional rights and open millions to identity theft.

Today’s technology can recognize and track us without our knowledge or an option to prevent it. It’s inevitable that a new battle between surveillance and privacy will be taking place as more breaches occur.

Important Warning From The FBI

Hackers Now Using HTTPS To Trick Victims Via Phishing Scams

Everything you’ve heard about the safety of https sites is now in question. According to a recent FBI public service announcement, hackers are incorporating website certificates (third-party verification that a site is secure) when sending potential victims phishing emails that imitate trustworthy companies or email contacts.

These phishing schemes are used to acquire sensitive logins or other information by luring people to a malicious website that looks secure.

Can You Still Count On HTTPS?

The “s” in the https along with a lock icon is supposed to give us an indication that a website is secure. And your employees may have heard this in their Security Awareness Training. All training will now need to be updated to include this latest criminal tactic.

What Should You Do?

Be Suspicious of Email Names and Content

The FBI recommends that users not only be wary of the name on an email but be suspicious of https links in emails. They could be fake and lead you to a virus-laden website. Users should always question email content to ensure authenticity.

  • Look for misspellings or the wrong domain, such as an address that ends in “com” when it should be “org.” And, unfortunately, you can no longer simply trust that a website with “https” and a lock icon is secure.
  • If you receive a suspicious email that contains a link from a known contact, call the sender or reply to the email to ensure that the content is legitimate.
  • If you don’t know the sender of the email, the FBI warns that you shouldn’t respond to it.
  • Don’t click links in any emails from unknown senders.

If You Run A Business Ask Your IT Service Company About New-School Security Awareness Training For Your Employees

This will give your staff the latest information about cyber threats and exploits. They’ll learn what they need to know to avoid being victimized by phishing and other scams.

Why Use New-School Security Awareness Training?

Your employees are the weakest link when it comes to cybersecurity. You need current and frequent cybersecurity training, along with random Phishing Security Tests that provide a number of remedial options if an employee falls for a simulated phishing attack.

New-School Security Awareness Training provides both pre- and post-training phishing security tests that show who is or isn’t completing prescribed training. And you’ll know the percentage of employees who are phish-prone.

New-School Security Awareness Training…

  • Sends Phishing Security Tests to your employees to take on a regular basis.
  • Trains your users with the world’s largest library of security awareness training content, including interactive modules, videos, games, posters and newsletters, and automated training campaigns with scheduled reminder emails.
  • Phishes your users with best-in-class, fully automated simulated phishing attacks, and thousands of templates with unlimited usage, and community phishing templates.
  • Offers Training Access Levels: I, II, and III with an “always-fresh” content library. You’ll get web-based, on-demand, engaging training that addresses the needs of your organization whether you have 50, 500 or 5,000 users.
  • Provides automated follow-up emails to get them to complete their training. If they fail, they’re automatically enrolled in follow-up training.
  • Uses Advanced Reporting to monitor your users’ training progress, and provide your phish-prone percentage so you can see it reduce as your employees learn what they need to know. It shows stats and graphs for both training and phishing, ready for your management to review.

Your employees will get new learning experiences that are engaging, fun and effective. It includes “gamification” training, so they can compete against their peers while learning how to keep your organization safe from cyber attacks.

Add New-School Security Awareness Training To Your Current Employee Training

The use of https is just the latest trick that hackers are using to fool victims into falling for malicious emails. Hackers have many more “up their sleeves.” This is why regular, up-to-date New School Security Awareness Training is so important for any organization.

Capital One Data Breach Affects More Than 100 Million Customers

Capital One Data Breach Affects More Than 100 Million Customers and Small Businesses in The U.S. & 6 Million in Canada

On July 29, 2019, Capital One reported that their customers’ confidential information was compromised. This includes the Social Security and bank account numbers of more than 100 million people and small businesses in the U.S., along with 6 million in Canada.

The McLean, Virginia-based bank discovered the vulnerability in its system on July 19 and immediately sought help from law enforcement to catch the perpetrator. They waited until July 29 to inform customers.

How Did The Hacker Get Into Capital One’s System?

According to court documents in the Capital One case, the hacker obtained this information by finding a misconfigured firewall on Capital One’s Amazon Web Services (AWS) cloud server.

Amazon said that AWS wasn’t compromised in any way. They say that the hacker gained access through a misconfiguration on the cloud server’s application, not through a vulnerability in its infrastructure.

Capital One says that they immediately fixed the configuration vulnerability that the individual exploited and promptly began working with federal law enforcement.

Who Breached Capital One’s Data?

Paige A. Thompson, a former software engineer in Seattle, is accused of stealing data from Capital One credit card applications.

Thompson was a systems engineer and an employee at Amazon Web Services from 2015 to 2016. In a statement, Amazon said that she left the company three years before the hack took place.

The FBI arrested Thompson on Monday, July 29 for the theft, which occurred between March 12 and July 17. Thompson made her initial appearance in U.S. District Court in Seattle and has been detained pending an August 1 hearing. Computer fraud and abuse are punishable by up to five years in prison and a $250,000 fine.

What Information Was Compromised?

Thompson stole information including credit scores and balances plus the Social Security numbers of about 140,000 customers and 80,000 linked bank account numbers of their secured credit card customers. For Capital One’s Canadian credit card customers, approximately 1 million Social Insurance Numbers were compromised.

The largest category of information obtained was that of consumers and small businesses when they applied for one of Capital One’s credit card products from 2005 through early 2019.

Capital One said some of this information included names, addresses, phone numbers, email addresses, dates of birth and self-reported income.

Other data obtained included credit scores, limits, balances and transaction data from a total of 23 days during 2016, 2017 and 2018.

This is one of the top 10 largest data breaches ever, according to USA TODAY research.

What Is Capital One Saying About The Breach?

They will offer free credit monitoring services to those affected. Capital One said it was “unlikely that the information was used for fraud or disseminated by this individual” but committed to investigating the hack fully.

They’ve set up a consumer website about the breach at www.capitalone.com/facts2019 that you should refer to if you’re worried that your information was compromised.

Capital One expects that this hack will cost them approximately $100 million to $150 million in 2019.

What Should Capital One Customers Do?

If you’re a Capital One customer, you should check your account online. You should also freeze your credit through each of the three main credit bureaus: Experian, Equifax and TransUnion.

It’s important to remain vigilant. Businesses should sign up for Dark Web Scanning to detect whether your confidential business information is there for cybercriminals to use.

Prevention is always the best remedy. Ask your IT provider to ensure that your firewall is properly configured and to continuously remotely monitor your network for intrusions.

Using Delayed Delivery With Email to Boost Productivity

 

Email is one of the best ways to communicate with people in the business world, but it’s also one of the biggest time drains for those same individuals. Some of the most productive people turn their email completely off and only check it a few times a day, but is there more that you can do to stay productive throughout the day without stressing out that you’re missing important messages? This quick email productivity hack may be the answer that will help you stay more organized and less distracted throughout the day.

Delayed Email Delivery

Even though it’s a core part of Microsoft Outlook, few people realize that you’re able to delay the delivery of emails until a later date or time — and even fewer people use this function on a regular basis. Delaying the delivery of your email is a great way to ensure that people receive your message when they are most likely to act upon it. If you need someone to provide a crucial report for you but they’re currently on vacation, sending an immediate email request is likely to get lost in the waves of requests they will be wading through when they return to the office. If you delay the message until a day or two after they are back in the office, you’re much more likely to receive a response without having to follow up again.

Scheduling Your Day

Another great way to stay focused during the day is to schedule all of your emails to go out at a certain time, perhaps around the time you will be leaving for the day. This allows you to answer emails at preprogrammed times throughout the day without being a slave to pinging notes back and forth when you would prefer to focus on other tasks. The hope is that others will respond to your requests at the end of their day, and you’ll have a wealth of actionable responses waiting for you when you come into work the next morning. It’s not difficult to schedule emails for delivery at a later time, and this simple productivity hack could save you over an hour each day, providing you with a significantly greater amount of targeted time to pay attention to what you need to accomplish each week.

You’re not getting more hours added to your day, and there’s almost always more than you can accomplish in any given week. Using these simple email scheduling tips to delay your email deliveries helps you eke more work (and fun!) out of the time that you do have available.
