The Rippleshot Data Breach Blog

Data Breach Ripples: Week of August 18

Written by Zach Walker | Sep 8, 2014 3:42:00 PM

We've put together the latest data breach news for the week of August 18, 2014:

South Korea – Several reports believe that over seventy percent of South Korea’s population between the ages of 15 and 65 may have had their personal information stolen in a data breach involving 27 million people and 220 million records. On Thursday, sixteen hackers were arrested for allegedly distributing the stolen records and conducting money laundering schemes, earning the hackers at least $390,000.

UPS – On August 20, UPS announced that 51 of its UPS locations have been affected by a malware breach. UPS was quick to do the math to assure customers that the breach only impacts about 1% of their 4,470 franchised stores. Bloomberg reports that the breach affected approximately 105,000 customer transactions. UPS' current assessment shows that the earliest evidence of the malware at any of the 51 breached locations is January 20, 2014. UPS believes the breach began at most locations after March 26, 2014. For more information on the UPS data breach, click here.

Backoff – On August 22, the Department of Homeland Security and the Secret Service announced that more than 1,000 U.S. businesses have been compromised by a Point of Sale (PoS) malware dubbed “Backoff.” While there are currently no data breaches that have been directly connected to this particular malware, experts believe that Backoff is tied to major breaches involving Target, Supervalu, and UPS.

Onsite Health Diagnostics – On August 18, the Kansas City Star reported that Children’s Mercy Hospital in Kansas City notified 4,076 individuals that they were victims of a data breach that occurred two years ago when the Kansas City hospital registered for a wellness program. The compromised information included names, addresses, dates of birth, phone numbers, and email addresses which was originally stored by Onsite Health Diagnostics. When Onsite discovered the breach, it deleted the old data that had been on its servers ever since 2012. This is the third reported breach involving Onsite this year.

JPMorgan Chase – The FBI and Secret Service are currently working with JPMorgan Chase & Co after a cyber attack was discovered compromising both checking and savings account information. While the scope of the data breach is still unknown, banks of JPMorgan's size are often the target of cyber attacks every day. Current reports believe that a group of Russian hackers were behind the cyber attack that targeted JPMorgan and another unnamed bank in the U.S. dating back to mid-August. As more information becomes available, we will update