Tag Archives: breach

10Fold Reveals 10 Largest Data Breaches of 2016

Nearly Three Billion Personal Records Breached Around the World

SAN FRANCISCO, CA–(Marketwired – Jan 19, 2017) – 10Fold, a full-service B2B technology public relations agency with a specialization in cybersecurity, today announced that in 2016, more than 2.8 billion personal records were breached on social and file-sharing platforms, email providers and government databases around the world. In its second annual year-in-review, 10Fold analyzed the largest data breaches of 2016, then ranked the top 10 from greatest to least.

“If 2015 was the year of the healthcare data breach — breaches impacted nearly 40 million people — then 2016 was the year of the social media breach. Four of the top 10 breaches were social media related and impacted more than 640 million people,” said Angela Griffo, vice president of the cybersecurity practice at 10Fold. “But the biggest surprise of the year was Yahoo revealing that the information of more than 1.5 billion people had been stolen by attackers. Regardless of an attacker’s motive, any compromised information leaves users susceptible to identity theft and fraud.”

News reports about the 10 largest data breaches discovered in 2016, which are listed below, indicated that each attack affected 49 million users or more. 10Fold selected these data breaches based on independent research collected throughout 2016 and cross-referenced the information with third-party resources, including ID Theft Resource Center and Information is Beautiful.

10 Largest Data Breaches of 2016:

1. Yahoo: 1.5 Billion Users — The Yahoo data breach is possibly the largest email provider data breach in history. When Yahoo first confirmed the breach in September 2016, the company revealed the breach impacted 500 million user accounts. The stolen account information included names, dates of birth, telephone numbers, passwords, and security questions and answers. In December, the company revealed an additional one billion users had been affected by the breach, bringing the grand total of affected users to 1.5 billion.

2. FriendFinder Network: 412 Million Users — In October, a number of sites in the FriendFinder Network were hacked, resulting in a data breach that affected 412 million users. According to LeakedSource, the sites affected included Adult Friend Finder, Cams and Penthouse. The breached data encompassed 20 years of user information and included user names, emails, passwords, joining dates and the date last visited. A significant amount of the user information released was the stored data of users who had previously attempted to delete their accounts. Of the total records breached and released, 15 million came from deleted accounts.

3. Myspace: 360 Million Users — In May, the prolific cyberhacker Peace sold the data of 360 million Myspace users. Released user information included names, passwords and secondary passwords. According to Time Inc., the information was from an older 2013 Myspace platform. Only those profiles that existed prior to the site’s relaunch were affected. The new site now includes stronger user account security.

4. LinkedIn: 117 Million Users — In May, it was announced that cyberhacker Peace had sold 117 million emails and encrypted passwords on the dark web for roughly $2,200.

5. VK Russia: More than 100 Million Users — In June 2016, it was reported that hacker Peace was selling the data of 100 million VK users for roughly $570. The information released contained usernames, emails, unencrypted passwords, locations and phone numbers. What’s more, the original hack occurred between 2011 and 2013.

6. Dailymotion: 87.6 Million Users — In October 2016, reports indicated that hackers released the usernames and emails of 87.6 million users of France-based video-sharing site Dailymotion. According to the Dailymotion blog post, the breach was due to an external security problem. While the company claimed the hack was limited — roughly 18.3 million user accounts were associated with encrypted passwords — all partners and users were still advised to reset their passwords for safekeeping. Dailymotion is the 113th most-visited website in the world.

7. Tumblr: 65 Million Users — In May, 65 million Tumblr accounts were found for sale on the dark web. A cyberhacker using the alias Peace sold the data for $150. According to security researcher Troy Hunt, the data contained email and password information.

8. Dropbox: More than 60 Million Users — In August 2016, Dropbox announced that it had reset the passwords of more than 60 million users after the company discovered that an old set of Dropbox user credentials was taken. While the company suspects that the records were originally obtained in 2012, the breach was not discovered and users were not notified until 2016. The released information contained usernames and encrypted passwords. It has been reported that a senior Dropbox employee verified the released data is legitimate.

9. Philippines’ Commission on Elections: 55 Million Voters — On March 27, a hacker group posted the entire database of the Philippines’ Commission on Elections (COMELEC) online. The attackers also shared three links where the information of 55 million registered voters in the Philippines could be downloaded. The distributed data included email addresses, passport numbers and expiration dates, and fingerprint records — information that cannot be replaced or reset. Various reports suggest this breach is the biggest government-related data breach in history.

10. Turkish Citizenship Database: 49.6 Million Citizens — In April 2016, the entire Turkish citizenship database was hacked. Attackers released the personal information of 49.6 million citizens. The information released included details that are found on a standard Turkey identification card, including national identifier, name, parents’ names, gender, birthdate, city of birth and full address. According to reports, hackers validated the data by publishing details of Turkey’s president and former prime minister Recep Tayyip Erdogan. It’s suspected that the hack was politically motivated, based on the following statement found in the released database: “Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure?”

Visit 10Fold at Security Never Sleeps During RSA
This year 10Fold is hosting its seventh annual Security Never Sleeps luncheon at RSA, which features a moderated panel discussion and audience Q&A with the cybersecurity industry’s leading executives, media and analysts. The event takes place on Wednesday, February 15 from 11:30 a.m. to 1:30 p.m. PST. Interested in attending this invitation-only event? Please send an email to events@10fold.com and we’ll contact you to discuss your potential participation.

About 10Fold
10Fold is a leading North American public relations firm with regional offices in San Francisco, Pleasanton and Capistrano Beach, California. As a privately owned company founded in 1995, 10Fold provides strategic communications and content expertise to B2B organizations that specialize in networking, IT security, cloud, storage, Big Data, enterprise software, AppDev solutions, wireless, and telecom. The award-winning, highly-specialized account teams consist of multi-year public relations veterans, broadcasters and former journalists. 10Fold is a full-service firm that is widely known for its media and analyst relations, original content development, corporate messaging, social media and video production capabilities (through its division ProMotion Studios). For more information, visit www.10fold.com or follow us on Twitter (@10FoldComms) and Facebook (www.facebook.com/10FoldComms).

10Fold – Security Never Sleeps – 97

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: A remote desktop access service called GoToMyPC was hacked this weekend and is urging all users to immediately change their passwords; the number of network infections generated by some of the most prolific forms of malware — such as Locky, Dridex, and Angler — has suddenly declined; on Friday night a hacker made off with $50 million of virtual currency after hacking the DAO (Decentralized Autonomous Organization); and a new variety of ransomware called RAA has been discovered.

GoToMyPC hit with hack attack; users need to reset passwords – Publication: PCWorld – Reporter name: Nick Mediati

According to a post published to GoToMyPC’s system status page, the remote desktop access service experienced a hack attack this weekend, and it’s now requiring all users to reset their passwords before logging in to the service.


Malware infections by Locky, Dridex, and Angler drop — but why? – Publication: ZDNet – Reporter name: Danny Palmer

The number of network infections generated by some of the most prolific forms of malware — such as Locky, Dridex, and Angler — has suddenly declined. Instances of malware and ransomware infection have risen massively this year, but cybersecurity researchers at Symantec have noticed a huge decline in activity during June, with new infections of some forms of malicious software almost at the point where they’ve completely ceased to exist.


A $50 Million Hack Just Showed That the DAO Was All Too Human – Publication: WIRED – Reporter name: Klint Finley

Sometime in the wee hours Friday, a thief made off with $50 million of virtual currency. The victims are investors in a strange fund called the DAO, or Decentralized Autonomous Organization, who poured more than $150 million of a bitcoin-style currency called Ether into the project.


New RAA ransomware written in JavaScript discovered – Publication: SC Magazine UK – Reporter name: Doug Olenick

A new variety of ransomware called RAA has been discovered that has the somewhat unusual attribution of being coded in JavaScript instead of one of the more standard programming languages making it more effective in certain situations.

10Fold – Security Never Sleeps – 81

Big items to consider: Today’s news sweeps revolve around the data breach of Qatar National Bank and successful hack attempts of the iPhone via biometrics. Additionally, Symantec CEO Michael Brown will be stepping down from office, and research has found that work productivity holds priority over security measures.

Qatar National Bank claims customer data released by hackers is authentic – Publication: PCWorld – Reporter name: John Ribeiro

Qatar National Bank has admitted that its systems were hacked but said that the information released online was a combination of data picked up from the attack and from other sources such as social media.


Your phone’s biggest vulnerability is your fingerprint – Publication: The Verge – Reporter name: Russell Brandom

In five minutes, a single person faked a fingerprint and broke into my phone. It was simple, a trick the biometrics firm Vkansee has been playing at trade shows for months now. All it took was some dental mold to take a cast, some play-dough to fill it, and then a little trial and error to line up the play-dough on the fingerprint reader. We did it twice with the same print: once on an iPhone 6 and once on a Galaxy S6 Edge. As hacks go, it ranks just a little harder than steaming open a letter.


IT leaders pick productivity over security – Publication: NetworkWorld – Reporter name: Sarah White

Results from two recent studies suggest that cybersecurity needs an overhaul at most companies with root causes of the problem including poor communication, a lack of employee awareness, slowed productivity and a lack of budget.


Symantec CEO Brown’s Exit Highlights Company’s Continuing Struggles – Publication: Dark Reading – Reporter name: Jai Vijayan

News this week that Symantec Corp. CEO Michael Brown will step down from office barely two years after being appointed to the role highlights the vendor’s continuing struggles turning its business around.

10Fold – Security Never Sleeps – 64

Big items to consider: Hackers broke into the networks of the country’s top law firms, which represent Fortune 500 companies and Wall Street banks; there is no confirmation of what data has been stolen, but experts warn this could result in insider trading. CNBC published a story on password security with a tool on the page that allowed readers to enter their password to see if it was secure; security researchers determined that this tool actually kept all of the passwords and then sold them to third-party advertisers. The National Institute of Standards and Technology (NIST) published a new computer security standard that could potentially secure credit card numbers and healthcare records by various methods of format-preserving encryption. MedStar Health has now been forced to turn patients away due to the ransomware cyberattack; without paying the ransom, the healthcare network is forced to operate without any patient records.

Hackers Breach Law Firms, Including Cravath and Weil Gotshal – Publication: The Wall Street Journal – Reporter name: Nicole Hong & Robin Sidel

Hackers broke into the computer networks at some of the country’s most prestigious law firms, and federal investigators are exploring whether they stole confidential information for the purpose of insider trading, according to people familiar with the matter. The firms include Cravath Swaine & Moore LLP and Weil Gotshal & Manges LLP, which represent Wall Street banks and Fortune 500 companies in everything from lawsuits to multibillion-dollar merger negotiations. Other law firms also were breached, the people said, and hackers, in postings on the Internet, are threatening to attack more.


CNBC just collected your password and shared it with marketers – Publication: CSO – Reporter name: Jeremy Kirk

CNBC inadvertently exposed people’s passwords after it ran an article Tuesday that ironically was intended to promote secure password practices. The story was removed from CNBC’s website shortly after it ran following a flurry of criticism from security experts. Vice’s Motherboard posted a link to the archived version. Embedded within the story was a tool in which people could enter their passwords. The tool would then evaluate a password and estimate how long it would take to crack it. A note said the tool was for “entertainment and educational purposes” and would not store the passwords. That turned out not to be accurate, as well as having other problems. Adrienne Porter Felt, a software engineer with Google’s Chrome security team, spotted that the article wasn’t delivered using SSL/TLS (Secure Socket Layer/Transport Layer Security) encryption. SSL/TLS encrypts the connection between a user and a website, scrambling the data that is sent back and forth. Without SSL/TLS, someone on the same network can see data in clear text and, in this case, any password sent to CNBC.


New NIST Security Standard Can Protect Credit Cards, Health Information – Publication: National Institute of Standards and Technology – Reporter name: Chad Boutin

For many years, when you swiped your credit card, your number would be stored on the card reader, making encryption difficult to implement. Now, after nearly a decade of collaboration with industry, a new computer security standard published by the National Institute of Standards and Technology (NIST) not only will support sound methods that vendors have introduced to protect your card number, but the method could help keep your personal health information secure as well. Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption, specifies two techniques for “format-preserving encryption,” or FPE. The publication addresses a longstanding issue in many software packages that handle financial data and other forms of sensitive information: How do you transform a string of digits such as a credit card number so that it is indecipherable to hackers, but still has the same length and look—in other words, preserves the format—of the original number, as the software expects?


MedStar Health turns away patients after likely ransomware cyberattack – Publication: The Washington Post – Reporter name: John Woodrow Cox

MedStar Health patients were being turned away or treated without important computer records Tuesday as the health-care giant worked to restore online systems crippled by a virus. By Tuesday evening, MedStar staff could read — but not update — thousands of patient records in its central database, though other systems remained dark, a spokeswoman said. MedStar officials have refused to characterize the attack as “ransomware,” a virus used to hold systems hostage until victims pay for a key to regain access. But a number of employees reported seeing a pop-up message on their computer screens seeking payment in bitcoins, an Internet currency. One woman who works at MedStar Southern Maryland Hospital Center sent The Washington Post an image of the ransom note, which demanded that the $5 billion health-care provider pay 45 bitcoins — equivalent to about $19,000 — in exchange for the digital key that would release the data.

10Fold – Security Never Sleeps – 63

Big items to consider: A sneaky new form of malware can be found on USB devices. This week, personal data from thousands of foreign nationals living in Thailand was leaked and appeared on the dark web. Six people have been charged with tampering with a lottery terminal to produce more winning tickets. An art gallery is highlighting the intrusive nature of live surveillance cameras by spotting people jaywalking and allowing random people to report the jaywalker.

Dangerous New USB Trojan Discovered – Publication: Dark Reading – Reporter name: Jai Vijayan

The Internet and the growing interconnectedness of networks have made it incredibly easy for threat actors to deliver and propagate malware. But not all cyber threats are Internet-borne. Take USB Thief, a new malware sample that researchers at security firm ESET recently discovered. As its name implies, the malware is completely USB-borne, meaning it spreads exclusively through devices that plug into the USB port of computers.


Data Breach Reveals Expat Details in Thailand – Publication: SecurityWeek – Reporter name: STAFF

The personal details of thousands of foreign nationals living in southern Thailand were briefly leaked online in what the site’s developer admitted Monday was a data breach during a test for police. The gaffe was spotted by social media users late Sunday when a database appeared online containing the names, addresses, professions and passport numbers of more than 2,000 foreigners living in Thailand’s southern provinces.


Cops: Lottery terminal hack allowed suspects to print more winning tickets – Publication: Ars Technica – Reporter name: Dan Goodin

Six people have been charged in what prosecutors say was a scheme to hack Connecticut state lottery terminals so they produced more winning tickets and fewer losing ones. Of tickets generated at one liquor store, for instance, 76 percent were instant winners in one sample and 59 percent in another sample. The state-wide average, meanwhile, was just 24 percent. After manipulating the terminals, the suspects cashed the tickets and took the proceeds, prosecutors alleged.


Turning Live Surveillance Feeds Into Unsettling Works of Art – Publication: Wired – Reporter name: Andy Greenberg

The webcam’s public feed, like thousands of others like it, is accessible to anyone who can find its URL with a Google search. At an art gallery thousands of miles away, a tiny Raspberry Pi computer is streaming the video to a monitor while it analyzes the footage with a simple computer vision algorithm. It instantly snitches, flashing, “WOULD YOU LIKE TO REPORT THE JAYWALKER?” on the screen. If you’re a visitor at this gallery, you’ll face a choice: hit a red button in front of the computer, and it will send a screenshot of the incident in an email to the nearest police precinct, potentially costing her a $42 fine. Or you can let the oblivious lawbreaker go on her way.

10Fold – Security Never Sleeps – 58

Big items to consider: The US DoJ is now pressuring WhatsApp for access to a series of encrypted messages. Security professionals are being urged to look into how to better use their security solutions. As more and more healthcare organizations are suffering data breaches and ransomware attacks, security professionals are being held responsible for securing privacy and making steps to improve the process.

WhatsApp Faces Standoff With Feds Over Its Message Encryption – Publication: CNet – Reporter name: Lance Whitney

WhatsApp, the Facebook-owned maker of an instant-messaging app, may face the same legal conundrum as Apple in a case that centers on the thorny issue of privacy versus security. The US Department of Justice is eager to view a series of WhatsApp messages for a criminal investigation, a move that has been given the go-ahead by a federal judge, The New York Times reported Saturday. But the messages are encrypted, meaning no one, not even WhatsApp, can unscramble them so that they’re readable.


Defense In Depth: Stop Spending, Start Consolidating – Publication: CSO – Reporter name: Kacy Zurkus

When it comes to layered defense and security tools, less is often more just as more can sometimes be less. The average enterprise uses 75 security products to secure their network. That’s a lot of noise and a lot of monitoring and testing for security practitioners. To make sure that the security tools not only work but work in harmony with each other, some security professionals recommend taking a closer look at the layers of the security ecosystem to eliminate redundancies that contribute to alert overload.


Cancer Center Breach Another Symptom Of Healthcare’s Growing Epidemic – Publication: Dark Reading – Reporter name: Kelly Jackson Higgins

Healthcare organizations suffer about one cyberattack per month on average as well as the loss or exposure of patient data, according to a new Ponemon Group report published last week. About 13% of healthcare organizations in the US don’t know for sure how many attacks they have experienced, the report found. A recent analysis by Trend Micro of 10 years of data breaches catalogued by nonprofit Privacy Rights Clearinghouse found that more than one-fourth of all reported data breaches since 2005 came from healthcare organizations. And those are only the ones that were reported; experts believe this is only the tip of the iceberg today in healthcare, where patient financial and insurance information is financially lucrative for the bad guys.


North Korea Slams Seoul’s Cyber-Attack Accusations – Publication: Security Week – Reporter name: STAFF

North Korea on Sunday blasted Seoul’s accusation that Pyongyang had launched a series of cyber attacks targeting South Korean government officials, calling the allegation a “bullshit” fabrication. Seoul’s National Intelligence Service (NIS) last week accused North Korean agents of hacking into the smartphones of dozens of key South Korean officials, stealing phone numbers and texts. The accusation follows claims earlier this year from the NIS that North Korean hackers sent phishing emails to the South’s state railway authorities in preparation for cyber terror attacks on traffic control systems. The North’s state-run Rodong Sinmun newspaper lashed out at the hacking accusations, saying they were cooked up by Seoul to shore up support for controversial surveillance legislation.

10Fold – Security Never Sleeps – 57

Big items to consider: The Obama Administration has announced that Iranian hackers were responsible for the cyber-attack against the New York dam. Adobe has released an emergency patch for the Flash media player that fixes two dozen critical vulnerabilities. An ISIS flash drive was stolen and the 22,000 personal files of IS fighters were exposed. An ex-employee of Ofcom has released a significant amount of stolen information to their current employer.

First on CNN: U.S. Plans To Publicly Blame Iran For Dam Cyber Breach – Publication: CNN – Reporter name: Evan Perez and Shimon Prokupecz

The Obama administration is preparing to publicly attribute a 2013 cyber attack against a New York dam to Iranian hackers, according to U.S. officials familiar with the investigation. The Justice Department has prepared an indictment against people thought to be behind the attack, according to the officials. An announcement could come in the next week.


Adobe Issues Emergency Patch For Actively Exploited Code-Execution Bug – Publication: Ars Technica – Reporter name: Dan Goodin

Adobe has issued an emergency update for its Flash media player that patches almost two dozen critical vulnerabilities, including one that’s being maliciously exploited in the wild. CVE-2016-1010 is the common vulnerabilities and exposures designation for an integer overflow vulnerability that allows attackers to remotely execute malicious code on vulnerable computers. Adobe credited Anton Ivanov of Kaspersky Lab with discovering the zero-day vulnerability but provided no additional details.


ISIS Data Breach: Money, Misinformation Or Mutiny? – Publication: ZDNet – Reporter name: Charlie Osborne

This week, law enforcement, intelligence agencies and journalists alike rejoiced at the revelation that a store of sensitive Islamic State information had been stolen from under its nose by a bitter defector. Sky originally reported that the personal information of 22,000 IS fighters was exposed in the cache of documents, given to the outlet by a man called Abu Hamed, an alleged former Islamic State convert and Free Syrian Army member. “The files were passed to Sky News on a memory stick stolen from the head of Islamic State’s internal security police, an organization described by insiders as the group’s SS,” the publication declared. “He had been entrusted to protect the organization’s core secrets and he rarely parted with the drive.”


Ex-Employee Leaks Six Years’ Worth Of Ofcom’s Sensitive Data – Publication: Information Age – Reporter name: Chloe Green

It has come to light that Ofcom, the media regulator, has suffered the largest data breach in its history after a former employee offered a significant amount of sensitive information about various TV companies to his new employer, a major broadcaster. It has not yet emerged what the sensitive data contained, only that it could help give competitive advantage over rivals. Companies like Ofcom hold huge quantities of confidential data and this will no doubt be a big wake-up call for the communications regulator, and for other companies that hold hoards of sensitive information.

10Fold – Security Never Sleeps – 55

Big items to consider: Cancer treatment provider 21st Century Oncology Holdings has warned 2.2 million patients and employees that their sensitive data may have been stolen in a cyberattack. Home Depot Inc agreed to pay at least $19.5 million to compensate U.S. consumers harmed by a 2014 data breach affecting more than 50 million cardholders. According to the first-ever Dell Data Security Survey, nearly three in four (73%) of decision-makers are somewhat to very concerned about malware and advanced persistent threats (APTs)—despite the fact that most have anti-malware solutions in place. Guests who recently lodged at Rosen Hotels & Resorts properties in theme-park destination Orlando, Fla. must hope their data hasn’t been taken for a wild ride, after the hospitality company announced its properties have suffered a long-undiscovered payment card data breach.

Cancer Clinic Warns 2.2 Million Patients of Data Breach – Publication: ZDNet – Reporter name: Charlie Osborne

Cancer treatment provider 21st Century Oncology Holdings has warned 2.2 million patients and employees that their sensitive data may have been stolen in a cyberattack. The breach was revealed on March 4, but the Florida-based cancer clinic chain was informed of the cyberattack and information theft on November 13, 2015, by the FBI. The data breach may impact up to 2.2 million patients and physicians.


Home Depot Settles Consumer Lawsuit Over Big 2014 Data Breach – Publication: Reuters – Reporter name: Jonathan Stempel

Home Depot Inc agreed to pay at least $19.5 million to compensate U.S. consumers harmed by a 2014 data breach affecting more than 50 million cardholders. The home improvement retailer will set up a $13 million fund to reimburse shoppers for out-of-pocket losses, and spend at least $6.5 million to fund 1-1/2 years of cardholder identity protection services. Home Depot has said the breach affected people who used payment cards on its self-checkout terminals in U.S. and Canadian stores between April and September 2014.


Dell: Cloud, Mobility and Malware Keep Execs Up At Night – Publication: InfoSecurity – Reporter name: Tara Seals

According to the first-ever Dell Data Security Survey, nearly three in four (73%) of decision-makers are somewhat to very concerned about malware and advanced persistent threats (APTs)—despite the fact that most have anti-malware solutions in place. In fact, only about 20% of respondents said they are “very confident” in their ability to protect against sophisticated malware attacks. The report uncovered a clear trend of employers feeling that they have to limit mobility in order to protect data. The majority of respondents from mid-market companies (65%) said they are holding back plans to make their workforce more mobile, for security reasons.


Extended Stay: Data-Stealing Malware Hides On Rosen Hotels’ Payment Card Network For Over A Year – Publication: SC Magazine – Reporter name: Bradley Barth

Guests who recently lodged at Rosen Hotels & Resorts properties in theme-park destination Orlando, Fla. must hope their data hasn’t been taken for a wild ride, after the hospitality company announced its properties have suffered a long-undiscovered payment card data breach. Rosen confirmed that an investigation of its payment card network turned up malware capable of reading cards’ magnetic stripe data as it is routed through affected systems. Rosen did not indicate how many guests were likely affected; however the malware resided on its systems for well over a year, from Sept. 2, 2014 to Feb. 18, 2016. The company was finally alerted to the presence of malware in early February after receiving unconfirmed reports of fraudulent charges involving past guests.

10Fold – Security Never Sleeps – 25

Big items to consider: Time Warner Cable says up to 320,000 passwords may have been stolen through a phishing attack that infected their system with malware. A research project funded in 2013 found that attacks on only 9 power grids across the states would cause a blackout across the entire country; this has since been followed up by a group of researchers trying to find out whether that information could be found using free and public sources, which it can, easily. Uber settled with the New York Attorney General for a mere $20,000 in response to Uber violating the privacy rights of drivers and passengers. Further information has surfaced about the Ukrainian power outage, leading officials to believe the planned attack should have been much bigger, but officials were able to intervene before the outage spread further; the entire power outage was due to a piece of malware called the BlackEnergy Trojan.

Time Warner Cable Says Up To 320,000 Customers’ Data May Have Been Stolen – Publication: Reuters – Reporter name: Mike Segar

Time Warner Cable Inc said on Wednesday up to 320,000 customers may have had their email passwords stolen. The company said email and password details were likely gathered either through malware downloaded during phishing attacks or indirectly through data breaches of other companies that stored Time Warner Cable’s customer information, including email addresses. The company said it has not yet determined how the information was obtained, but there were no indications that Time Warner Cable’s systems were breached.


Project ‘Gridstrike’ Finds Substations To Hit For A US Power Grid Blackout – Publication: Dark Reading – Reporter name: Kelly Jackson Higgins

Remember that million-dollar Federal Energy Regulatory Commission (FERC) study in 2013 that found that attacks on just nine electric substations in the US could cause a blackout across the entire grid? Well, a group of researchers decided to see just what it would take for a small group of domestic terrorists to identify the US’s most critical substations — using only free and public sources of information.


Uber To Settle With N.Y. Attorney General Over ‘God View’ Privacy Breach – Publication: Fortune – Reporter name: Kia Kokalitcheva

After a 14-month long investigation, New York Attorney General Eric Schneiderman is expected to announce on Thursday a settlement involving ride-hailing app Uber’s privacy practices, according to a report from BuzzFeed. The inquiry began after a series of BuzzFeed reports that revealed that Uber’s New York manager, Josh Mohrer, had accessed information about reporters’ use of the service without their permission, including through the company’s “God View” tool. The tool shows an aerial view of all passengers and drivers in a particular area.


Russians Have Learned How To Hack Power Grids – Publication: Bloomberg – Reporter name: Leonid Bershidsky

More specifics came from the Bratislava-based cyber-security firm ESET. The firm hedged its bets a little — that’s always wise in hacker attack analysis — but it essentially tied the Ivano-Frankivsk outage to a known piece of malware, the BlackEnergy trojan. In previous cases, it was used to steal sensitive information from infected computers. In 2014, however, the U.S. government’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) discovered a variant of BlackEnergy that could be used to compromise industrial control systems, such as those running power grids.

10Fold – Security Never Sleeps – 24

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Hackers have caused the first-ever power outage sourced from malware within the power grid; the hacking group responsible is still unknown. A security flaw in Comcast’s Xfinity Home Alarm System allows anyone with a radio jammer to interfere with the security system enough to block it from alerting the homeowner when someone is breaking into the house. An opinion piece covers the need to step up the technology and security for voting in this election year. Finally, CES revealed a variety of new connected healthcare products.

Hackers Shut Down Ukraine Power Grid – Publication: Financial Times – Reporter names: Hannah Kuchler & Neil Buckley

Hackers brought down the power supply to hundreds of homes in Ukraine last week, in a cyber attack believed to be the first ever to result in a power outage. The Ukrainian energy ministry said it was probing a “suspected” cyber attack on the power grid, targeting several regional power companies, which the country’s intelligence service blamed on “Russian special services”. Moscow has not responded to the allegation. Experts have warned for years that the industrial systems that control critical infrastructure such as power plants are vulnerable. Malicious software, known as malware, has previously been discovered on these networks, but no one has yet linked these infections to an outage.


Security Flaw In Comcast’s Xfinity Home Alarm System Leaves Windows, Doors Vulnerable – Publication: International Business Times – Reporter name: Jeff Stone

Vulnerabilities in Comcast’s Xfinity Home Security system could make it possible for burglars to break into someone’s home without triggering the alert that’s meant to notify someone when their home is at risk. Researchers at the cybersecurity company Rapid7 exploited a security hole in the Xfinity Home Security System, which includes door, window and motion sensors, that enables an outsider to make it seem as if a window or door is closed when it’s in fact open. A thief would only need to spend $100-or-so on radio jamming equipment to block the signal that normally emits from an open door. Then when the jammed signal is released it takes anywhere from just a few minutes to three hours to restore its connection.


Voter Data Breach Shows Need For Stricter Security Measures (Opinion) – Publication: Government Technology – By STAFF

For years, skeptical political theorists have warned that, although new technology held great potential for voting, it came with many potential threats to voter privacy and security. Unfortunately some of these valid concerns were hijacked by conspiracy theorists, especially after a notorious series of scandals were linked to Diebold voting machines in the 2004 presidential election. But given this week’s news [in late December], it’s time to return to the question of how technology can compromise voter security, with an eye to developing constructive solutions.


The Connected Medicine Cabinet: Bluetooth Pregnancy Test Makes Debut at CES 2016 – Publication: Wall Street Journal – Reporter name: Joanna Stern

The Consumer Electronics Show in Las Vegas this week won’t just feature tech giants. Health and personal care companies, including First Response and L’Oréal, also have descended on the annual gadget show. They’re hoping to wow customers with new sensor-equipped products coming soon to a drugstore near you.