In this week's issue: live streaming website Twitch experiences a data breach, a national data security breach bill moves one step forward, a Hilton HHonors security flaw exposed all of its users' accounts, nearly seven in ten U.S. patients would avoid healthcare providers that suffer a data breach and in this week's Rippleshot blog post, we take a look at data breach fatigue and its impact on consumers.
Twitch Resets All Password After Suffering Data Breach
Twitch, a popular live streaming service, announced that the company had suffered a data breach giving unauthorized access to a number of its user’s accounts. Due to the security breach, Twitch was forced to have all of its users change their passwords and disconnected all accounts from Twitter and YouTube. Amazon acquired Twitch for nearly $1 billion late last year due to Twitch’s enormous popularity on the Internet.
While the total number of affected users is still unknown to the public, its worth noting that Twitch is reportedly the fourth largest site on the Internet in terms of peak traffic. Only Apple, Google and Netflix bring in higher peak traffic than Twitch.
Data Breach Bill Moves Forward In The U.S. House
The House Energy and Commerce Subcommittee, tasked with creating a national data security breach notification standard, has moved one step closer implementing the new legislation. Before the legislation is presented to the full committee, additional changes will have to be made due to disagreements over state data security and breach notification standards.
In its current form, companies in the United States would have to maintain sufficient security practices and inform customers within 30 days if their personal or financial data might have been stolen during a data breach.
Hilton Honors Flaw Exposed All Accounts
In an effort to ensure the security of their customer’s personal information, Hilton Hotel & Resorts began to offer its Hilton HHonors Award members 1,000 free points for anyone that updated their current PIN, or current password, to a password of at least eight characters in length. However, two security consultants at Bancsec found a vulnerability that would let anyone gain unauthorized access to a Hilton HHonors account by knowing or guessing the valid 9-digit account number. After receiving a tip from KrebsOnSecurity about the vulnerability, Hilton World confirmed the vulnerability and temporarily prevented password resets.
Most Patients Would Switch Healthcare Providers After A Data Breach
In a recent TransUnion Healthcare survey, nearly seven in ten patients would avoid healthcare providers that have experienced a data breach. Out of the 1,000 U.S. consumers surveyed, 46 percent of patients expect either a response or notification within one day of the breach’s discovery. Following the massive data breaches at Anthem Blue Cross and Premera Blue Cross, the protected health information of hundreds of millions of Americans is at risk of being exposed to cybercriminals.
Rippleshot Content: What Is Data Breach Fatigue?
For this week’s Rippleshot blog post, we take a look at data breach fatigue and the effect it has on consumers and their shopping habits. When Target first announced the retailer had experienced a data breach, it was difficult to find someone who was not directly affected by the data breach or knew of someone that was.
Target lost 40 million payment cards due to the breach, causing a drop in consumer confidence, market share and the loss of the company’s CEO and CIO. Learn more about how the sheer number of data breaches we’re exposed to as consumers affects our memory and interest in these security incidents
Did you miss last week’s Data Breach Ripples? As always, you can get caught up here and share the latest information security news with your friends and colleagues.