We’re switching things up and transitioning our This Week In Tech blog to focus more on cybersecurity! Join us every Friday for a weekly recap of the latest cyber security incidents, hacks, and outages. Let’s dive in!
Earlier this year, HealthEquity, a health savings account (HSA) provider experienced a cyberattack which left the personal information of 4.3 million US HealthEquity users exposed online. A partner’s credentials were compromised, allowing hackers to gain access to users’ health data. The collected information varies from user to user, but includes names, addresses, phone numbers, employers, social security numbers, and other similar pieces of data. HealthEquity confirmed this occurrence in June and has recently announced that impacted users will begin receiving notices at the beginning of August.
(–Source: Tom’s Guide on MSN
Read More: 4.3 million people hit in massive healthcare data breach — full names, addresses and SSNs exposed online (msn.com) )
It’s well known that dating apps are not the most secure social networking platforms out there, but recently, a group of researchers found that popular dating apps like Bumble and Hinge can be taken advantage of by malicious users for stalking other users. These apps contain a number of filters, including general location, to better find your ideal partner, but these filters can be used for malicious purposes. It was discovered that the exact location of a user could be pinpointed within 2 meters using Oracle trilateration. The attacker can then use this to walk around in the proximity shown and identify the location of the victim.
The researchers reached out to each dating app that had this issue and the distance filters have all been changed to make this no longer possible.
(–Source: TechCrunch
Read More: Bumble and Hinge allowed stalkers to pinpoint users’ locations down to 2 meters, researchers say | TechCrunch )
Just over a week after Microsoft devices experienced an outage due to a CrowdStrike update containing faulty code, Microsoft’s Azure platform was hit with an attempted hack that caused some of its apps to go offline for approximately 10 hours on Tuesday. This was a distributed denial-of-service (DDoS) attack, in which hackers flood a platform with traffic until it can no longer cope and is knocked offline. Microsoft has resolved the issue, but said that an error of its own defenses initially “amplified the impact of the attack rather than mitigating it.”
(–Source: The Independent on MSN
Read More: Microsoft down: Outage was caused by cyber attack, company says (msn.com) )