Blog

GettyImages 905301022

Microsoft Accounts Targeted For Months, Hackers Serve A Security Reminder

Microsoft Outlook Security Breach

Microsoft began notifying Outlook.com users of a 2019 security breach that occurred between January 1st and March 28th. Hackers were unintentionally given unauthorized access to some accounts, where they were then able to view subject lines, email addresses, and folder names. While no login details—including passwords—were directly accessed as part of this breach, Microsoft did warn users to reset their passwords.

Although the hackers could not view the actual content in the bodies of emails nor download attachments, this incident still represents a major—and disturbing—security incident. This breach serves as a reminder to every business to tighten up its security measures and protect its assets.

Use multi-factor authentication

Do not leave this as an optional measure for your employees; require it. Multi-factor authentication uses more than one form of identity confirmation—this is the “multi-factor”—to prove the identity of the person attempting to access a particular platform—this is the “authentication.”

Depending on where in the product the Microsoft breach happened, multi-factor authentication could even have possibly prevented or limited the breach. In general, this authentication process adds a strong layer of security. Hackers don’t usually have both the password and the PIN, secret questions, or other ability to verify their identity.

When vetting which type of authentication to implement—if you have this option—consider using the one that is easiest for employees to have on hand, but hardest for others to get a hold of. Trying to make this relatively convenient for your employees will make it easier for them to comply, which will keep your business more secure. Multi-factor authentication is a measure that should go hand-in-hand with training your employees to use strong passwords.

Account for all devices—including mobile—in your security processes

Very few companies still limit employee access to business assets strictly to desktops at work. There is a growing trend of employees being able to work remotely, even if it is not full-time. A recent study showed that as many as 70% of employees work remotely at least once a week. Whether working from home, a rented office space, or on-the-road, they are using their devices to log in from a distance, well beyond the secured confines of your office. This figure was accounting for full-time employees; contractors only increase the number of remote workers further.

The security processes implemented at your company needs to account for how all of your employees are accessing company resources. Email access on mobile devices is one of the most common ways in which employees take their work on-the-go, and so it’s a strong starting point for building out these protocols. Because confidential company information is being accessed on these devices via networks over which companies have no control, it is critical that both the email servers as well as the devices being used have robust security systems in place.

While new improvements continue to roll out to tackle these issues, solutions that work across all devices are the norm. Security software, as well as encryption tools, can help protect data regardless of the device, particularly when combined with encouraging employees to log-in via secure VPN networks. Cloud options for data storage are offered by providers with a menu of security options; it’s worth walking through your needs and investing in top-quality solutions.

Document your security processes

With all of the work that goes into developing security processes, even more needs to be carried out to maintain their implementation and ensure that they remain up-to-date with new tech trends and emerging risks.

This is a vast and complex undertaking. All existing assets must be brought onto any updated infrastructure. Employees must be set-up for and onboarded to the security procedures, and checkpoints must be established so that their compliance may be monitored. Systems must be monitored for any breaches, as well as smoothly updated across all users and data to accommodate any new vulnerabilities that arose since the previous update. Different components, whether hardware (including different devices, such as mobile) or software, may experience issues with any updates. New members of the internal information technology must be introduced to the systems while existing members must stay abreast of any new developments; even team members working simultaneously on the same project must address potential communications issues.

Thorough documentation of processes helps achieve this by providing an objective record of the systems in place. This can be used for onboarding; for internal audits; for evaluating alternatives or potential improvements; and even for reviewing the source of vulnerabilities and providing accountability should an issue arise. This sort of record-keeping is an essential component of transparency in company policy and helps enforce quality control on internal processes. Of course, it must also be protected with the highest measure of security since it arguably contains “the keys to the castle.” Decentralizing its storage and scattering protected, encrypted components of it across multiple storage solutions can help protect company assets from the sort of large-scale breach that could otherwise bring your data assets to their knees.

And so, the large-scale Microsoft breach serves as a reminder that active vigilance must always be maintained over internet security, without relying entirely on one single individual, provider, or service. No single entity can be trusted to be entirely safe when major players like Microsoft are clearly vulnerable, despite the teams of brilliant engineers hired to implement safeguards and the millions of dollars invested in diverse preventive measures. Every business needs to be proactive in protecting itself through rigorous internal standards, ranging from staff training through the implementation of mandatory security precautions, to minimize the risk of vulnerabilities being exposed and exploited. Factoring in every employees’ data paths and employing multiple layers of overlapping security efforts at every step of the way—and documenting these processes for easy internal accountability and refinement—are critical for business informational security in this highly connected digital age.

Microsoft Accounts Targeted For Months, Hackers Serve A Security Reminder Read More »

GettyImages 948535788

Malware attack hits US accounting firms

Malware Threat

A major accounting software and cloud services company has been hit by malware, affecting their many clients across the US.

Wolters Kluwer, a major provider of tax accounting software and cloud services, has been hit by malware. The many financial software services they offer to clients across the country have been down since Monday, May 6.

The software provided by Wolters Kluwer is extremely popular in the US accounting industry. Users include every one of the top 100 American accounting firms, as well as 90% of the top banks worldwide, and 90% of Fortune 500 companies.

This malware attack comes at an especially vulnerable time when many accounting firms (and their clients) are intending to file their taxes. With their primary accounting systems offline, they won’t be able to do so, or at least not with Wolters Kluwer software.

However, it’s not as simple as just using different accounting software. Wolters Kluwer also provides cloud services to their clients, which means that necessary client financial data is stored in their servers, and inaccessible by the accounting firms during this outage.

Since the attack began Monday morning, Wolters Kluwer took many of its systems offline to slow the spread of the malware. According to representatives, they have since been working non-stop to try to eliminate the malware and bring their systems back online. They have contacted authorities and third-party forensic teams to investigate the attack.

“We’re working around the clock to restore service, and we want to provide [clients] the assurance that we can restore service safely,” said Elizabeth Queen, vice president of risk management for Wolters Kluwer, to CNBC. “We’ve made very good progress so far.”

However, end-users have still not been able to access their tax documents that are stored in Wolters Kluwers cloud servers. The many systems that Wolters Kluwer took offline on Monday include the customer services lines that end users have relied on to get info from the software provider.

When a backup customer service number was finally provided, users were told that there is no estimated window in which the services will be fully restored. For the time being, thousands of accountants at numerous firms across the US are being expected to wait and see.

Malware attack hits US accounting firms Read More »

GettyImages 1020375664

Quest Diagnostics Breach: Latest News

Are You One Of Many Affected By The Quest Diagnostics Breach?

Financial & Medical Information of 12 Million Exposed

Quest Data Breach

Quest Diagnostics reports that almost 12 million people could have been affected by a data breach.

On Monday, June 3, 2019, Quest Diagnostics said that American Medical Collection Agency (AMCA), a billing collections provider they work with, informed them that an unauthorized user had managed to obtain access to AMCA systems.

Quest Diagnostics is one of the largest blood-testing providers in the U.S.

Anyone who has ever been a patient at a Quest Diagnostics medical lab could be affected by the breach.

AMCA provides billing collection services to Optum360, which is a Quest contractor. AMCA first notified Quest about the breach on May 14th. Quest reports said that they are no longer using AMCA and that they are notifying affected patients about the data exposure.

The information included in the breached system includes:

  • Bank account information
  • Medical information
  • Credit card information
  • Social Security Numbers
  • Other personal information

In its filing, Quest reported:

“Quest Diagnostics takes this matter very seriously and is committed to the privacy and security of patients’ personal, medical and financial information.”

What Should You Do?

Anyone who was affected by the data leak should freeze their credit report to prevent criminals from opening credit card accounts in their name. They should also be concerned that their Social Security numbers were exposed.

If you believe that your information has been leaked, you can contact Quest Diagnostics’ customer service at 1 (866) 697-8378 or on their contact page.

Quest Diagnostics Breach: Latest News Read More »

GettyImages 1037881150

LabCorp Data Breach: What We Know

Labcorp Data Breach

Are You One Of Many Affected By The LabCorp Data Breach?

Financial & Personal Information of 7.7 Million Exposed

Just yesterday we wrote about the Quest Diagnostics’ breach affecting nearly 12 million. Today we’re writing to tell you about a LabCorp breach affecting 7.7 million people. Both of these breaches were caused by a third-party; the American Medical Collection Agency (AMCA). AMCA provides billing collection services to both LabCorp and Quest Diagnostics.

AMCA has informed LabCorp that it is in the process of sending notices to approximately 200,000 LabCorp consumers whose credit card or bank account information may have been accessed. AMCA has not yet provided LabCorp with a list of the affected LabCorp consumers or more specific information about them.

In a filing with the U.S. Securities and Exchange Commission, LabCorp said the breach happened between August 1, 2018, and March 30, 2019.

A section of the filing reads:

“AMCA’s affected system also included credit card or bank account information that was provided by the consumer to AMCA for those who sought to pay their balance. LabCorp provided no ordered test, laboratory results, or diagnostic information to AMCA. AMCA has advised LabCorp that Social Security Numbers and insurance identification information are not stored or maintained for LabCorp consumers.”

The information included in the breached system includes:

  • Bank account information,
  • Credit card information,
  • First and last name,
  • Date of birth,
  • Address and phone,
  • Date of service and provider, and
  • Balance information.

Forensic experts are investigating the breach. It’s possible that the AMCA breach could impact other companies and millions of more consumers.

What Should You Do?

Anyone who was affected by the data breach should freeze their credit report to prevent criminals from opening credit card accounts in their name. They should also be concerned that their Social Security numbers were exposed.

If you believe that your information has been leaked, you can contact LabCorp customer service on their contact page.

LabCorp Data Breach: What We Know Read More »

GettyImages 912221540

Was Your Photo and License Plate Number Breached?

 CBD Reports 100,000 Photo and License Plate Breach

The U.S. Customs and Border Protection (CBP) reported today that nearly 100,000 travelers’ photos and license plate data were breached. If you’ve driven in or out of the country within the six-week period where the data was exposed, you could have been victimized.

CBP License Plate Breach

The department said on June 10th that the breach stemmed from an attack on a federal subcontractor. CBP learned of the breach on May 31st.

CBP report:

“Initial reports indicate that the traveler images involved fewer than 100,000 people; photographs were taken of travelers in vehicles entering and exiting the United States through a few specific lanes at a single land border Port of Entry over a 1.5 month period.”

CBP hasn’t reported when this 6-week period was.

Who Was The Subcontractor That Was Affected By The Breach?

CBP hasn’t said who the subcontractor was either. But the Register reports that the vehicle license plate reader company Perceptics based in Tennessee was hacked. And, these files have been posted online.

Additionally, the Washington Post reports that an emailed statement was delivered to reporters with the title: “CBP Perceptics Public Statement.”

Perceptics’ technology is used for border security, electronic toll collection, and commercial vehicle security. They collect data from images on license plates, including the number, plate type, state, time stamps and driver images.

Where Were The License Plate Readers Installed?

Perceptics license plate readers were installed at 43 U.S. Border Patrol checkpoint lanes in Texas, New Mexico, Arizona, and California.

CBP reports that “No passport or other travel document photographs were compromised and no images of airline passengers from the air entry/exit process were involved.”

CBP uses cameras and video recordings at land border crossings and airports. The images they capture are used as part of a growing agency facial-recognition program designed to track the identity of people entering and exiting the U.S.

Do We Know Whose Data Was Exposed?

No, we don’t. And to date, CBP hasn’t said if this data will be released. If we hear differently, we’ll be sure to report any updates, so keep watching this space.

Is Facial-Recognition A Security Threat?

Facial-recognition is a hot topic right now. The American Civil Liberties Union states:

“This incident further underscores the need to put the brakes on these efforts and for Congress to investigate the agency’s data practices. The best way to avoid breaches of sensitive personal data is not to collect and retain such data in the first place.”

Congressional lawmakers have questioned whether the government’s expanded surveillance with facial recognition could threaten constitutional rights and open millions to identity theft.

Today’s technology can recognize and track us without our knowledge or an option to prevent it. It’s inevitable that a new battle between surveillance and privacy will be taking place as more breaches occur.

Was Your Photo and License Plate Number Breached? Read More »

Call Now Button