WEEK OF JUNE 27, 2022
Cyber security threats are biggest risk to National security: NCSC
- Awareness and building cyber hygiene followed by audits is very important, says the National Cyber Security Coordinator.
- Microsoft India, group head and director, government affairs, Ashutosh Chadha said that cybercrime costs economies more than $6 trillion each year and it is expected to increase to $10 trillion by 2025, according to Cybersecurity Ventures.
- “This signals across the industry that every company needs to create a culture of security,” Mr. Chadha said.
UK’s largest housing association hit by cyber attack
- Clarion, which owns and manages 125,000 homes, said on its website that it was working urgently with its cyber security partner to restore systems after the attack.
- It added that it was too early to tell whether any tenant data may have been impacted at this stage.
- The landlord said the attack had affected a number of its phone lines and it is now advising residents not to contact it by phone unless they need to book an emergency repair, which is anything that affects a tenant’s health and safety.
Carnival is fined $5 million by New York for cybersecurity violations
- New York’s Department of Financial Services said Carnival violated a state cybersecurity regulation by failing to use multi-factor authentication.
- A New York state regulator on Friday fined cruise line operator Carnival Corp $5 million for “significant” cybersecurity violations, following four security breaches from 2019 to 2021 that exposed substantial amounts of sensitive customer data.
- New York’s Department of Financial Services said Carnival violated a state cybersecurity regulation by failing to use multi-factor authentication that would make it harder for wrongdoers to access its internal network.
- It also said Carnival failed to report one breach and conduct adequate cybersecurity awareness training for employees.
US Bank data breach impacts over 1.5 million customers
- Its data breach notification letter revealed the firm experienced unauthorized access to its network several months ago.
- “After an extensive forensic investigation and manual document review, we discovered on June 2, 2022 that certain impacted files containing your personal information were accessed and/or acquired from our network between December 3, 2021 and December 4, 2021,” it noted.
- However, the letter, published on the Maine Attorney General’s Office website, lacked detail of exactly what information was taken.
$100 million worth of crypto has been stolen in another major hack
- Hackers have stolen $100 million in cryptocurrency from Horizon, a so-called blockchain bridge developed by crypto start-up Harmony.
- Bridges allow users to transfer tokens from one blockchain to another. They’ve become a prime target for hackers due to vulnerabilities in their underlying code.
- It follows a series of similar attacks on blockchain bridges, including the $600 million Ronin Network heist and the $320 million stolen from Wormhole.
IU Health has sensitive data breach
- Unknown perpetrators have accessed sensitive health care data and personal information of more than 1 million hospital patients nationwide, including those treated at Indiana University Health.
- One of IU Health’s vendors, Seattle-based MCG, has sent letters to patients informing them an unauthorized party accessed patients’ personal information including names, medical codes, postal addresses, telephone numbers, email addresses, dates of birth and Social Security numbers.
- MCG said in the letters that it is coordinating with the FBI.