This Week In Cybersecurity | December 6 2024

up close image of computer chip

Happy Friday! Here’s your weekly recap of cybersecurity news from this week:

 

 

PDF files containing 713.1 GB of personal information of 600,000 Americans have been leaked due to a company’s failure to adequately protect their database.

This database, which belongs to information research provider SL Data Services LLC, was publicly accessible with no password or encryption in place for protection. With file names containing sensitive information and the files being unprotected, anyone with the link could view and download this information.

The information in these files consisted of background checks, court records, vehicle and property ownership information, and sensitive personal data including names, addresses, contact information, family member details, criminal histories, and social media accounts.

(– Source: TechRadar on MSN
Read More: Huge data breach exposes over 600,000 records, including background checks, vehicle, and property records ) 

 

 

A ransomware attack targeting ENGlobal Corporation, a Houston-based engineering and automation services contractor for the energy sector and US government disrupted operations earlier this week.

ENGlobal detected the incident on November 25th and immediately took portions of its IT systems offline in an attempt to mitigate the attack and has since initiated other remediation efforts and an external investigation into the matter. So far, investigation efforts have indicated that the attacker gained access to the company’s IT system and encrypted data and files.

Details have not been released about compromised information from the attack.

(– Source: Infosecurity Magazine
Read More: Ransomw0are Attack Disrupts Operations at US Contractor ENGlobal – Infosecurity Magazine ) 

 

 

An Apple employee has filed a lawsuit against the company regarding its methods of monitoring the personal devices of employees.

For context, Apple offers heavily restricted company-issued Apple devices for employees to use for work, but employees can also opt to use their personal Apple devices for work or link their personal iCloud account to a work device to bypass some restrictions. Any phone that is used for work purposes, whether personal or company issued, requires the installation of a software that allows the company to search anything stored on the device or iCloud.

The lawsuit against Apple claims that the company is using its policies to monitor employees outside of working hours. Apple stated that it “strongly disagrees” with these claims.

(–Source: TechCrunch
Read More: An Apple employee is suing the company over monitoring employee personal devices | TechCrunch ) 

 

 

International development firm, Chemonics, discovered it had been targeted in an over 6 month long data breach that exposed sensitive information of over 263,000 people beginning in December of last year when an unauthorized third party gained access to their systems.

The investigation of this incident lasted almost a full year, with confirmation of which individuals had information compromised only confirmed on October 31st of this year. Breach notification letters were sent out to affected individuals this month, exactly a year after the attack was identified. Chemonics continues to closely monitor its systems for any suspicious activity.

(–Source: Cybernews
Read More: Massive breach exposes major USAID contractor | Cybernews ) 

The Resource Hub

Get Complete Managed Services Insights

Visit our Resource Center for up-to-date news and stories for technology and business leaders.

Three IT Service Techs Working together at desks in office

Move Forward with IT Services for Business

Use managed services for small and mid-sized businesses that help you reach your goals.

Work With Us