This Week In Cybersecurity | August 2nd

"This week in Tech" with "Tech" crossed out and replaced with "Cybersecurity"

We’re switching things up and transitioning our This Week In Tech blog to focus more on cybersecurity! Join us every Friday for a weekly recap of the latest cyber security incidents, hacks, and outages. Let’s dive in! 
 
Earlier this year, HealthEquity, a health savings account (HSA) provider experienced a cyberattack which left the personal information of 4.3 million US HealthEquity users exposed online. A partner’s credentials were compromised, allowing hackers to gain access to users’ health data. The collected information varies from user to user, but includes names, addresses, phone numbers, employers, social security numbers, and other similar pieces of data. HealthEquity confirmed this occurrence in June and has recently announced that impacted users will begin receiving notices at the beginning of August.  
 
(–Source: Tom’s Guide on MSN 
Read More: 4.3 million people hit in massive healthcare data breach — full names, addresses and SSNs exposed online (msn.com) ) 
 
It’s well known that dating apps are not the most secure social networking platforms out there, but recently, a group of researchers found that popular dating apps like Bumble and Hinge can be taken advantage of by malicious users for stalking other users. These apps contain a number of filters, including general location, to better find your ideal partner, but these filters can be used for malicious purposes. It was discovered that the exact location of a user could be pinpointed within 2 meters using Oracle trilateration. The attacker can then use this to walk around in the proximity shown and identify the location of the victim.  
 
The researchers reached out to each dating app that had this issue and the distance filters have all been changed to make this no longer possible. 
 
(–Source: TechCrunch 
Read More: Bumble and Hinge allowed stalkers to pinpoint users’ locations down to 2 meters, researchers say | TechCrunch ) 
 
Just over a week after Microsoft devices experienced an outage due to a CrowdStrike update containing faulty code, Microsoft’s Azure platform was hit with an attempted hack that caused some of its apps to go offline for approximately 10 hours on Tuesday. This was a distributed denial-of-service (DDoS) attack, in which hackers flood a platform with traffic until it can no longer cope and is knocked offline. Microsoft has resolved the issue, but said that an error of its own defenses initially “amplified the impact of the attack rather than mitigating it.” 
 
(–Source: The Independent on MSN 
Read More: Microsoft down: Outage was caused by cyber attack, company says (msn.com) ) 

 

The Resource Hub

Get Complete Managed Services Insights

Visit our Resource Center for up-to-date news and stories for technology and business leaders.

Three IT Service Techs Working together at desks in office

Move Forward with IT Services for Business

Use managed services for small and mid-sized businesses that help you reach your goals.

Work With Us