The Rippleshot Data Breach Blog

Data Breach Ripples: Week of September 11

Written by Zach Walker | Sep 11, 2015 7:00:00 PM

Today is the 14th anniversary of the 9/11 attacks. Our thoughts are with all those affected by the tragic events of that day.

In this week's issue: eighty-one percent of healthcare organizations say they have been compromised, Costco's photo center reopens after security concerns, Yahoo ads have been used to spread malware, California State University suffers a data breach and for this week's Rippleshot content, we get you up to date on everything you need to know about card cracking.

Report: 81% of Health care organizations say they have been compromised

Following the massive data breach that compromised the personal information of roughly eighty million individuals, organizations in the healthcare industry are more aware of the lasting impact of a data breach. However, it appears that it may be too late for said organizations to beef up their security portfolios. In a new report conducted by KPMG, eighty-one percent of healthcare executives polled admitted that their organizations had been victim of a security incident in the past two years. In the report, thirteen percent of executives stated that their organizations are targeted by at least one external hack attempts daily.

Costco photo center open after seven weeks amid security concerns

Nearly two months ago, Costco took down its online photo center in midst of concerns of a security breach involving one of the retailer's third party vendors. In mid-July, news broke that cybercriminals had targeted PNI Digital Media, a company that handles online photo ordering for various sites. PNI Digital Media also provides theses services to companies in North America, including CVS, Rite Aid, Sam's Club and Walmart in Canada.

In a statement issued by the retailer, Costco's online photo center is operational after determining that a security incident took place, compromising the personal and payment information of an undisclosed number of customers. While Costco believes that customer photos were not compromised, they have confirmed that a small percentage of its members had their credit card information stolen.

Researchers discover hackers spread malware via yahoo ads

As cybercriminals look to new ways to reinvent themselves and their tactics to stay ahead of security professionals, a new attack method has been discovered by a group of researchers. This new method allows hackers to leverage Yahoo's websites and ads to deliver an exploit kit to unsuspecting visitors. Security researchers at Malwarebytes have discovered that the very same vulnerabilities that hampered Adobe Flash allow Yahoo's websites to be infected with malware.

The exploit allows a hacker to trick Yahoo's automated ad network into delivering malicious software that is embedded in various re-marketing ads. Due to the large amounts of traffic generated across Yahoo's sites, this exploit is appealing to cybercriminals. According to Fraser Howard, a security researcher at SophosLabs, the hacking kit associated with this exploit has seen its market share grow from 25 to 83 percent this year alone.

California state university data breach hits nearly 80,000 students 

The personal information of nearly 80,000 students has been compromised in a data breach related to an online class offered by Cal State. The nearly 80,000 students across Cal State's eight campuses enrolled in an online course that covers sexual violence prevention that is required of all students under California state law. Cal State officials said on Tuesday that the university system had hired three third party vendors to conduct the online class, when it was discovered that one of three vendors had been breached.

At this time, Cal State does not know how the data breach occurred but is working with forensic investigators to determine the cause. While sensitive information such as Social Security numbers or credit card information was not stolen in the breach, student login information as well as demographic identifiers such as gender, race and sexual identity were compromised.

Rippleshot Content: what you need to know about card cracking

This week, the Rippleshot team covers one of the latest fraud schemes that target millennials through social media. Card cracking occurs when fraudsters promise quick and easy money to college students or recent graduates. In exchange for a quick buck, the targeted consumers are asked to hand over their checking account information and other banking information in order to commit fraud via counterfeit checks. Click here to learn more about how fraudsters are targeting one of the most discussed generations in recent history.

 SHARING IS CARING. TO GET YOUR FRIENDS AND COWORKERS SUBSCRIBED, SEND THEM HERE.