August Hacks of the Month
As we have an eye on all Tech news for anyone who missed it, here are the cyber-attacks and security vulnerabilities for the month. Read on for the August Hacks and Vulnerabilities of the Month
Camera Manufacturer Company, Canon, suffered a Maze ransomware attack end of July and released a press statement. The ransomware attack has taken the official website, email, Microsoft Teams down. Temporarily for six days impacting its employees and later addressing it to the public. Was the public affected? Yes, the public who uses image.canon the cloud photo and video storage services did lose data. Users with the featured free 10GB storage have lost data. And the maze ransomware stole 10TB of data from Canon. Another similar ransomware attack happened with Garmin databases last month, you can discover the breaking news on the ransomware attack in our July hacks of the month article.
A potential hack for TeamViewer has been patched in its latest update. The security vulnerability discovered could let remote attackers steal your system password and compromise it. We recommend to users who use TeamViewer to update the latest version to prevent this password hack.
The state of California CALREDIE, (California Reportable Disease Information Exchange) a data system failed for 3 days straight resulting in poor data reporting. The reporting had delayed all testing results and the governor addressed the server crash in his live press briefing. Mark Ghaly, California’s Health and Human Services secretary stated that the state made technical changes when the server crashed and reversed those changes resulting in an even longer delay in getting the server back up. In unexpected cases like this having reliable backups ready from which you can recover is important. As an MSP we proactively set up backup solutions for our customers to prevent data loss from such events like servers crashing, malware or ransomware infections which occur from time to time.
The world’s largest ship cruise operator discloses a cyber attack on two of its cruise lines, Princess Cruises, and Holland America. The company addresses an unauthorized third party gained access to personal information belonging to both employees and passengers. The information gained from the cyber attack includes:
- email accounts
- social security numbers
- government id numbers
- passport numbers
- health-related information
- credit-card information
The company has notified law enforcement and those affected by the attack. For more information and the handling of this cyber attack visit the carnival corporation webpage.
Unsecured databases left 235 million YouTube, Tik-Tok, and Instagram accounts exposed. The data was discovered from security researchers at Comparitech, resulting in how databases are not properly secured provides exposed information to be sold on the dark web. This goes to show how you never thought about the data we enter to log in to these accounts and how the companies store them can expose sensitive information. We urge all individuals who have social media accounts to enable 2 factor
Freepik Data Breach -August Hack
Popular online vector and graphics site Freepik suffers from a data breach. About 8.3 million users’ emails and passwords were hacked by an SQL injection attack. A Structured Query Language (SQL) is a language designed to manipulate and manage data in a database. It is a cybersecurity attack that targets databases using SQL statements and tricks on a system. Freepik stated the hacker managed to exploit an SQL vulnerability resulting in the data breach. Furthermore, the company sent out emails to those affected. Encouraging them to update and change their passwords and any other accounts if using a similar old password. Remember to use unique passwords when creating new user accounts for anything online. To store them in a secured password manager and setup or enable additional security measures within the platform found under the “settings” or “account” section.