Week of August 3, 2018


Week of August 3, 2018

New Chrome Extension Alerts Users to Hacked Sites*:

· A new HackNotice extension for Google Chrome notifies users when websites they access have been recently compromised.

· Nobody wants to enter their data on a hacked site, but unless they stay current on security news, most people don’t know which portals are safe and which are potentially harmful.

· HackNotice leverages a database of 20,000 hacks to alert users when a site they visit has been compromised.

· The start-up launched in July 2018 to make threat intelligence more accessible to the average user.

· HackNotice users can learn whether their data has been compromised in a breach and access practical advice: how and whether they should reset their password, check their credit card statement, and/or report a stolen card.

· HackNotice has rolled out a free Chrome extension designed to alert users when they access a recently hacked site before they enter any personal information on the site.

· If you visit a site that has been hacked within the previous 90 days, the tool will send a notification to let you know.

· HackNotice's breach database is updated daily with newly discovered incidents.

· Data is pulled from several sources: state government disclosure sites, privacy rights website, and news media.

· Hacks are reviewed and verified manually before they're added to the database, which contains both new cyberattacks and new information on earlier attacks.

· It's worth noting that 90 days is the extension's default timeframe for alerting users to recent hacks, but you can adjust the tool to display notifications on a site regardless of when it was hacked.

· The founder said, “We are starting with Chrome, but we are absolutely open to other browsers. We've already planned out how to release the extension for Firefox, so assuming there is a demand that would be our next browser.”

*Source: Dark Reading, August 01, 2018


Reddit Warns Users of Data Breach*:

· Reddit disclosed a security incident discovered on June 19, 2018 in which an attacker compromised employee accounts held with its cloud and source code hosting providers.

· Two-factor authentication was in place, but the SMS-based authentication was not as secure as they had hoped.

· The attacker did not gain access to Reddit systems, but did manage to infiltrate two key areas of user data: all Reddit data from 2007 and before as well as email digests Reddit sent in June 2018.

· Because the attacker also had read access to Reddit’s storage systems, they could reach other data including Reddit source code, internal logs, configuration files, and other employee workspace files.

· Reddit has reported the breach to law enforcement and is alerting affected users to change their passwords, whether or not they're currently using the site.

*Source: Dark Reading, August 01, 2018


Yale University Discloses Decade Old Data Breach*:

· Yale University revealed that hackers accessed one of its databases between 2008 and 2009 and accessed the personal information of 119,000 people.

· The intrusion happened between April 2008 and January 2009 and apparently affected a single database stored on a Yale server.

· The data breach was discovered on June 16, 2018, during a security review.

· The attackers extracted names, Social Security numbers, and, in almost all cases, dates of birth.

· In many cases, Yale email addresses were also extracted, and in some cases the physical addresses of individuals associated with the university were compromised as well.

· According to Yale, no financial information was stored in the database and almost all people impacted by the breach were affiliated with the university.

· Yale sent notices of the data breach to impacted members of the Yale community.

· Yale claims that there is no indication that the compromised information has been misused.

· However, it decided to offer identity monitoring services at no cost, to help users guard against identity theft.

· Because the intrusion occurred a decade ago, there is no information on how the attackers hacked the server.

*Source: Security Week, August 01, 2018


Data of Nearly 8 Lakh Chennai Students Stolen, Three Arrested*:

· In another shocking data leak, three persons have been arrested in connection with the alleged data theft of nearly 800,000 students in Chennai.

· The data theft was discovered when parents of examination candidates began receiving targeted phone calls for college admissions.

· The data was accessed through their schools and was sold on commercial websites.

· The Central Crime Branch is investigating data theft, personal identity theft, cheating, as well as conspiracy.

· The data, estimated to be of eight lakh students, was collected by the School Education Department for issuing hall tickets and declaring results.

· The implications of the data leak cannot be understated – a data leak of this sort puts minors at risk because a majority of the students writing Class 10 and 12 examinations are likely to be under the age of 18.

· The leaked databases of these students contain personally-identifiable information that would be a goldmine for miscreants.

· The names of their schools are known as well, so they could be physically stalked as a result.

*Source: The New Minute, July 30, 2018


Massive Singapore Healthcare Breach Possibly Involved Contractor*:

· Authorities in Singapore announced on July 20 that a sophisticated threat actor had gained unauthorized access to a database of SingHealth, the city-state’s largest group of healthcare institutions.

· The incident, described as Singapore’s biggest ever data breach, resulted in personal information and details on medication being compromised. Medical records, clinical notes, and financial information were not affected.

· The attackers are said to have used a malware-infected computer to access a SingHealth database between June 27 and July 4.

· Trustwave has been monitoring the incident and the security firm is convinced that the attack was launched by a nation-state actor.

· Over the weekend, Trustwave published a blog post detailing its analysis of two files published by unknown individuals on code and text storage website Pastebin.

· While they have not been able to confirm it, researchers believe these files are somehow linked to the SingHealth breach and noted that they could provide important clues about how the attackers gained access to the data.

· One of the files, an exception log from a Java server, shows a query for delegating access to a SingHealth Headquarters (SHHQ) database from a senior manager in the Medical Technology Office of Singapore’s Health Services to an employee of CTC, a major IT contractor.

· The security firm also discovered a series of SQL queries, targeting SingHealth medical data, uploaded to Pastebin on June 15.

· These queries suggest that whoever executed them was looking for sensitive information.

· While it’s possible that the files were uploaded to Pastebin by developers working on the SingHealth database, they may have also been posted by the attacker, possibly to share code with collaborators for troubleshooting purposes.

*Source: Security Week, July 30, 2018


Get in Touch With Us!

Are you interested in receiving more information about our products? Do you have questions about sensitive data security? Would you like a demo? Complete the details below and one of our specialists will get in touch with you.

We love to help our customers solve their data security problems. Please tell us about what you are trying to accomplish, details about your environment, and any other information that will help us understand your needs better.

scroll top