We’re rapidly closing in on the end of 2018. The information security industry always seems to ramp up around this time, as companies look to get risk assessments, scans, and other InfoSec projects completed. As the industry ramps up, so does the information security news. Here’s a snapshot of the stories we saw unfold in the month of August.
- Popular internet browsing site, Reddit, experienced a breach this month. The vulnerability compromised usernames, passwords, and email addresses. If you’ve not yet changed your Reddit password, you should do so immediately.
- Cyber threats targeting football? As the sports industry becomes more data-driven, the opportunity for hackers increases. Teams routinely face financial threats and risk of personal and reputational attacks.
- Members of the Armed Forces are being warned about their use of online dating. Attackers recently attempted to steal secrets about a British fighter jet through the popular dating app, Tinder.
- Fortnite is now available on Android, but the developers have decided to bypass the Google Play Store. This has caused concern for the security of the children who will download the app to play it.
- An Iowa health group is notifying 1.4 million people of a breach that happened recently. Luckily for the patients, the attack looks to have been focused on diverting the organization’s funds, rather than on stealing patient data.
- Healthcare organizations continue to get hit hard with cyber attacks. Between April and June of this year, there were 142 healthcare data breaches. This impacted an astounding 3.14 million patient records.
- The 142 healthcare breaches in Q2 was a 29% increase over Q1 of this year. Even scarier, 30% of these organizations have been breached once before. It’s clear that training and bandwidth need to improve to make serious changes to the security of this industry.
Information Security in Government
- The biggest county in Minnesota fell victim to a phishing attack in August. The attack compromised the emails of 20 employees and was used to send malicious emails in an attempt to get sensitive information from citizens. The FBI has been called to investigate this attack.
- Tensions are growing between cybersecurity experts and elected officials. Attendees of DefCon believe they can fix some of the security gaps with voting machines, but elected officials and the machine manufacturers remain skeptical.
- Half of all businesses have seen the volume of phishing attacks increase over the last twelve months, but c-suites aren’t taking proper concern. In a recent survey, 20% of respondents said their C-level executives sent sensitive data in response to a phishing attack, and 49% admitted that their management and finance teams aren’t knowledgeable enough to identify and stop an impersonation attempt.
- Office 365 attacks are on the rise. During the second quarter of 2018, email breaches accounted for almost a quarter of all incidents.
- An error in Salesforce’s APIs left its marketing cloud data vulnerable. There is no word whether the data left exposed was altered or tampered with.
- Think your WiFi is safe? It might be time to think again. A new attack was discovered by accident and would allow hackers to access your WiFi— regardless of how strong your password is.
- It feels like the education industry is in the news more frequently than normal lately. Augusta University in Georgia suffered a data breach in August. The breach exposed almost half a million people’s sensitive data.
- Yale University disclosed a breach this month that was nearly a decade old. 119,000 individuals were impacted by this attack. This further proves how
incidentresponse is just as important as incident prevention.
- Some institutions are taking notice. The University of Minnesota’s law school has added courses in cybersecurity, data privacy law, and more. Improving the bandwidth of security experts is certainly beneficial for businesses all over.
Understanding information security trends is important. It gives you an idea of what’s going on in the industry so you can continue to protect you and your business. Follow FRSecure on Twitter and LinkedIn for consistent updates on information security news like this, and visit our site to learn how your organization can continue to make improvements to its security measures.