As we complete the 6th month of the year, unfortunately, news reports keep on coming of companies of all sizes being hit by data breaches and cyber attacks. Flipboard, Radisson Rewards, Dell and others, all find themselves affected by security issues.
Week 1 (June 1-8):
Flipboard reports two incidents of security breaches occurring June 2018 – March 2019 and April 21-22, 2019. Both security incidents affect all Flipboard users, account data exposed include:
- Flipboard usernames
- Email addresses
- Passwords and digital tokens used to connect Flipboard accounts to third-party accounts like Facebook or Google.
The company has identified accounts exposed and reset all users’ passwords and digital tokens.
Radisson Rewards may have leaked your data. In an email, Radisson Rewards confesses that it sent some emails to the wrong members. Information accidentally exposed:
- Members’ first names
- The last four digits of the sixteen-digit member’s number
- Point balance
- Member tier
- Number of hotel stays in 2019
- Members’ email addresses
The company request members to “delete any emails receive inadvertently.” They have identified the issue in May 23rd and immediately halted all email communications and investigated more deeply. The company is stating that their network wasn’t compromised.
LabCorp notified that personal and financial data on 7.7 million consumers were exposed by a breach at a third-party collections firm, American Medical Collection Agency. The security incident occurred between August 2018 through March 2019. The information exposed could include:
- First and last name
- Date of birth, address, phone,
- Date of service, provider, and balance information
Week 2 (June 9-15)
A cyber attack scam is targeting Gmail users through Google Calendar notifications with a link to a phishing URL. They particularly send them to smartphones and the recipient is encouraged to click on the link. The website where they’re directed then tells victims to enter their credit card. If you use Google Calendar be cautious when receiving notifications from the app and opening details on invited events.
Week 3 (June 16-22)
Major aircraft parts and aviation equipment maker Asco, breaks its silence, admitting it was hit by a “large-scale ransomware attack.” Its servers have fallen prey to a ransomware attack. The network went down in its main headquarters in Germany, then in Canada, where operations were disrupted. The ransomware attack caused a serious disruption to all its systems and the ability to communicate. The company has brought in forensic experts and is working to restore its systems. Asco has now stated that its priority is to provide clarity, continuity, and support to its staff, clients, suppliers, and partners.
Dells’s SupportAssist software comes pre-installed on its PCs now known to contain a security vulnerability. It affects millions of PCs, Dell has notified its software company, PC-Doctor and it has issued a patch to fix impacted devices. Impacted customers can find the latest version of SupportAssist (single PC users) or (for IT managers) on their website.
Users who have VLC media player installed on their computer need to install the latest update ASAP. The software version 3.0.7 contains two high-risk security vulnerabilities. It could allow hackers to remotely take full control over your computer. Update now and avoid opening or playing malicious video files from untrusted third parties.
WeTransfer, a popular online service for sharing large files, announced that for two days it was sending users shared files to the wrong people. The incident occurred June 16 and June 17. This security flaw and security incident has potentially ended up being a privacy issue for affected users. Any user who sent sensitive information including files containing social security numbers, bank accounts, credit card numbers or anything similar should change their account information where possible and keep an eye out for malicious activity involving their accounts.