Data Breach Ripples: Week of June 19

Posted by Zach Walker on Jun 19, 2015 1:00:00 PM
Find me on:

DBR-Email-Header-4215

In this week's issue: consumer call scams up are steadily increasing, a data breach was discovered at Fred's Super Dollar, Samsung Galaxy security exploit has been uncovered by security researchers, LastPass suffers a data breach, and for this week's Rippleshot blog post, we recap the Trustwave 2015 Global Security Report.

Study: 86.2m consumer call scams, enterprise incidents up 30 perecent

Security researchers at Pindrop Security released their annual The State Of Phone Fraud report earlier this week, shining light on phone fraud that financial institutions and retailers deal with daily. In the report, Pindrop Security notes that call centers for financial institutions and retailers have experienced a 30 percent increase in over-the-phone scams in the last two years. This increase in phone fraud has shown that nearly 1 in every 2,200 calls received was fraudulent. The report also found that fraudsters are targeting U.S. consumers directly, with more than 86.2 million calls monthly are some form of a scam or social engineering. 

For more insight into the report, download a copy of Pindrop Security’s latest report, click here.

Customer Data Breach at fred's super dollar

Discount general merchandise and pharmacy chain, Fred’s Super Dollar, joins the list of retailers to suffer a data breach. The retailer discovered that cybercriminals planted a strain of  malware on the point-of-sale (POS) systems at various Fred’s locations. At this time, the full scope of the data breach is still unknown as Fred’s works with forensic investigators to determine. According to Brian Krebs’ sources, fraudulent activity can be traced back to Fred’s locations located in the midwest and south. As more information becomes available, be sure to check back on our Twitter page.

Flaw lingers in samsung phones, illustrating hacking risk

Back in December of 2014, a mobile security researcher at NowSecure discovered a security flaw that would affect over 600 million Samsung mobile devices, including Samsung’s latest release, the Galaxy S6. The security flaw deals with the pre-installed keyboard that could allow an attacker to remotely access features of the phone such as GPS, camera and the microphone, and also allow one to eavesdrop on both incoming and outgoing phone calls. When NowSecure presented these findings to Samsung, the technology company asked NowSecure to wait three months before going public as it had sent a fix to wireless carriers for them to distribute to its users.

Fast forward to a week ago when researchers from NowSecure bought a new Samsung Galaxy S6 from both Sprint and Verizon Wireless. Both phones were found to still be vulnerable to the security exploit discovered nearly a year later. When initially reached for comment on Monday, Samsung did not immediately respond but has since released a statement to Business Insider.

LASTPASS SUFFERS A DATA BREACH

On Monday, a password management company divulged that it had been the victim of a cyberattack, compromising the personal information of its users. LastPass said that the company had found out that attackers gained unauthorized access into the company’s network systems. In a blog post on LastPass’ website, the attackers made off with user emails, password reminders and other data, while there was no evidence to indicate that encrypted user data was taken compromising LastPass user accounts.

It is highly recommended that if you use LastPass to manage your passwords, that you change your master password immediately.

Rippleshot Content: Trustwave 2015 global security report recap

In this week's Rippleshot blog post, we take a look at the annual Trustwave Global Security Report which provides a unique overview of the global security landscape, what trends emerged over the past year, and what the payments industry should k eep an eye on moving forward. We will cover the industries, regions and technological environments that have been severely impacted by data breaches in the past year.

SHARING IS CARING. TO GET YOUR FRIENDS AND COWORKERS SUBSCRIBED, SEND THEM HERE.

 

New Call-to-action  

Topics: Data Breach Ripples