Happy Friday and first day of August! Here’s what you might have missed in terms of cybersecurity news this week:
A massive data breach affecting on-premises Microsoft SharePoint servers has compromised many critical sectors including US nuclear facilities, the Department for Education, and governments across Europe and the Middle East.
Microsoft addressed the issue in a blog post earlier this week and rolled out updates to fix the security gap. Users are urged to apply this patch immediately to avoid further damage. Many cybersecurity experts are concerned that the response to this incident has not been large enough given the seriousness of the threat and the attack on high-profile targets.
(–Source: Fast Company on MSN
Read More: The Microsoft SharePoint breach was massive. The response has been minimal )
Information belonging to a majority of Allianz Life Insurance customers has been exposed in a cyberattack on the company that occurred earlier this month.
Through social engineering tactics, hackers gained access to a “third-party, cloud-based” system the company uses, giving the attackers access to personal customer information. While Allianz has not disclosed the exact number of affected individuals, the company stated that the majority of customers in the US have been affected.
24 months of identity theft protection, restoration, and credit monitoring are being offered to customers whose information was compromised in the attack.
(–Source: USA Today on MSN
Read More: A majority of customers’ personal information stolen in data breach at Allianz Life )
NASCAR detected unauthorized access to its systems in early April of this year in which the hackers were able to steal personal information files.
No details about the nature of the attack or the number of people affected has been released, but NASCAR is providing victims with one, two, or three years of free credit and identity monitoring services. Notification letters have started to be sent out impacted individuals.
(–Source: Security Week
Read More: NASCAR Confirms Personal Information Stolen in Ransomware Attack – SecurityWeek )
Tea, a dating security app for women, experienced two data breaches within the past week. The first breach exposed 72,000 photo ID and selfie images used for account verification, as well as photos from posts and messages.
The images were shared around 4chan, and a map was even created showing the images and locations of the Tea app’s users.
A second breach exposed even more user information including over 1.1 million messages, contact information, and deeply personal conversations.
(–Source: TechCrunch on MSN
Read More: Tea app’s second data breach exposed over a million private messages )
