29-Apr-24: In Security News Today

Collection Agency FBCS Warns Data Breach Impacts 1.9 Million People

Financial Business and Consumer Solutions (FBCS) reported a data breach affecting 1,955,385 individuals in the U.S., with unauthorized access to their network systems. The breach, discovered on February 26, 2024, allowed intruders to view or acquire personal information like full names. FBCS specializes in debt collection across various sectors like consumer credit, healthcare, and student loans.

Kaiser Permanente Data Breach Impacts 13.4 Million Patients

Kaiser Permanente reported a data breach affecting 13.4 million patients, where personal data was inadvertently shared with third-party advertisers through tracking technologies on their digital platforms. The exposed data included names, IP addresses, and user interactions, but did not include sensitive financial details or Social Security numbers. The healthcare provider has since removed the implicated tracking technologies and added safeguards to prevent future incidents.

Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023

Google prevented 2.28 million policy-violating apps from being published on Google Play in 2023, blocked 333,000 bad accounts, and rejected or remediated almost 200,000 app submissions due to issues with sensitive data access. The company strengthened security features, policy updates, and machine learning processes, partnered with SDK providers to enhance privacy, and implemented real-time scanning and security badges in the Play Store to combat malware.

FBI Warns of Fake Verification Schemes Targeting Dating App Users

The FBI has issued a warning about fake verification schemes on dating apps that lead to costly recurring subscription charges. Fraudsters approach victims on dating platforms, establish trust, and redirect them to fake verification websites to obtain personal and financial information. To protect against these schemes, the FBI advises users to be cautious of sharing personal information online, report suspicious profiles, and use low-limit credit cards for online transactions.

London Drugs Pharmacy Chain Closes Stores After Cyberattack

London Drugs, a Canadian pharmacy chain, closed all its retail stores due to a cybersecurity incident and has hired external experts to investigate the attack. The company took immediate countermeasures to protect its network and data, with no evidence of customer or employee data being impacted. London Drugs has not yet notified authorities as there is no indication of personal information compromise, but will do so if necessary according to privacy laws.

Study Reveals Alarming Levels of USPS Phishing Traffic

A recent analysis by Akamai Security researchers revealed a concerning trend of phishing and smishing attacks targeting the United States Postal Service (USPS) during peak shopping periods like Thanksgiving and Christmas. Illegitimate domains mimicking USPS websites attracted significant traffic, with deceptive domains like ‘usps-post[.]world’ and ‘uspspost[.]me’ garnering over 100,000 hits each. The study emphasized the need for continued monitoring and reporting of such threats to protect consumers and enhance cybersecurity efforts.

JP Morgan Employees Access Sensitive Information They Weren’t Supposed to See

JP Morgan disclosed a data security issue where three employees, authorized to access certain system reports, inadvertently viewed sensitive information of about 450,000 individuals not intended for them. The breach, which occurred over a span from August 2021 to February 2024, involved personal and financial details like social security numbers and bank account information. The bank has since resolved the software issue, offered credit monitoring services, and stated there’s no evidence of misuse of the information.

ICICI Bank Glitch Gave Access to other Clients’ Credit Cards

A technical glitch in ICICI Bank’s mobile app displayed other clients’ credit card information, affecting around 17,000 cards, including full card numbers, expiry dates, and CVV. The glitch also allowed unauthorized users to manage settings for international transactions. ICICI has blocked the affected cards, issued new ones, and promised compensation for any financial loss, with no misuse reported yet.

Hackers Claim to Have Infiltrated Belarus’ Main Security Service

A Belarusian hacker group, identifying as Cyber-Partisans, claimed to have breached the Belarusian KGB’s network, accessing personal files of over 8,600 employees. They also disrupted the KGB’s website and published sensitive data online to expose and counteract what they describe as severe political repressions by the Belarusian government. This action is part of ongoing efforts to challenge government authority, with the group vowing to continue their cyber activities against state institutions involved in suppressing opposition.

Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.

Leave a Reply

Your email address will not be published. Required fields are marked *