Welcome to this week's "Data Breach Ripples" for December 01, 2014. In this issue, we focus on Sony's recent data breach, a data breach compromising parking facilities in Chicago, Philadelphia and Seattle, several banks in the Virgin Islands being hit by a security breach and the personal information of over 25,000 hospital patients in North Carolina has been accessible online for over 2 years.
More Details Emerge Following Sony Data Breach
In last week’s Data Breach Ripples, we covered the latest hack involving Sony. Since then, more details have become available and it appears that this data breach could be one of the worst breaches to date due to the sheer amount and sensitivity of the data stolen.
Brian Krebs of KrebsOnSecurity notes that along with shutting down the studio’s website, a group of cybercriminals calling themselves the Guardians of Peace leaked five of Sony Pictures’ films, sensitive data of Sony personnel including salaries of roughly 6,000 employees and executives, and Social Security Numbers of Sony’s U.S. employees. Be sure to check back on our blog as we continue to follow this story as more details become available.
Data Breach HIts Parking Garages in Chicago, Philadelphia and Seattle
InfoSecurity Magazine recently reported that parking facility provider SP+ announced that between September 29 and November 10 of 2014, payment card data was illegally accessed and stolen from parking garages in Chicago, Philadelphia and Seattle. SP+ noted on their website that 17 of their parking facilities were affected with the earliest breach going back as far as April of 2014. While the amount of cards affected is still unknown at this time, SP+ is working with their payment processor to help notify affected customers.
Security Breach Hits Banks in Virgin Islands
Tripwire’s Security Blog, The State of Security, reports that several banks in the U.S. and British Virgin Islands including Banco Popular, FirstBank and Scotiabank have uncovered a security breach involving their cardholders’ accounts. At this time, none of the affected banks have reported how many cardholders have had their payment information exposed but Virgin Islands Daily News estimates that as many as 10,000 FirstBank cardholders may have been affected in the breach.
Patient Info at North Carolina Hospital Accesible via Internet for Longer than 2 Years
Over 25,000 patients are being notified by Highlands-Cashiers Hospital in North Carolina that their personal information including Social Security numbers has been available on the Internet for over two years. According to Highlands-Cashiers Hospital’s website, servers containing the personal information of the compromised patients was left accessible by a third party IT vendor. At this time, Highlands-Cashiers Hospital has stated that they have no knowledge of any patient information being accessed or used in any way.
Thanks for reading this week’s newsletter! If you missed last week’s email or want to share these with friends or colleagues, click here.