Recent Data Breaches February 2020

Data breaches February 2020
13 Feb

The US Government investigates Google’s “Project Nightingale”, suspects mass collection of medical data

As first reported by The Wall Street Journal and later corroborated by The New York Times, A partnership between tech giant Google and Ascension, the second largest healthcare provider in the US, allowed the secret collection of the health records of millions. According to the report, Google employees had access to the private records, with some even suspected of actively downloading the information from Google’s Cloud servers.

The US federal authorities have launched an investigation, aiming to examine how pervasive was the breach and whether the Health Insurance Portability and Accountability Act (HIPAA) protections were implemented. 

The partnership between Google and Ascension was dubbed “Project Nightingale”, and granted Google access to private medical data and personal details of the healthcare provider’s clients across the US. After news broke about the deal, Google published a blog post arguing that such access was “standard practice” and doesn’t breach HIPAA regulations.

Grindr is dropped from Twitter ad network after ‘GDPR breaches’

Grindr was recently suspended from Twitter ad platform, after a study carried out by the Norwegian Consumer Council (NCC), found that the popular dating app was using their subscribers’ personal data in a manner banned under the EU’s General Data Protection Regulation (GDPR).

The NCC study claimed that Grinder was collecting and providing its users’ private information to advertisers, but did not ask nor receive the users’ explicit consent to do so. The study also found the app had a very unclear privacy policy, described by the council as “vague”.

As it turned out, if Grinder users’ wanted to find out how their data was used, the apps’ privacy policy instructed them to check with the company’s partners. However, only one partner was named – MoPub, an ad network owned by Twitter. The problem was that MoPub lists over 160 partners to which the data can be passed.

Following the study’s publication, Twitter dropped the dating app from its ad network and announced it would investigate the allegations.

The Russian hacking group “Fancy Bear” attack anti-doping agencies ahead of 2020 Olympics

The Russian hacking group named “Fancy Bear” has recently carried out “significant cyber attacks” against more than a dozen anti-doping authorities and sporting organisations around the world, security researchers have revealed.

According to a report published by the Microsoft Threat Intelligence Center, The Russian hacking group launched a cyber attack on multiple international anti-doping authorities and sporting organisations. The attack followed reports that the World Anti-Doping Agency (Wada) was considering action against Russian athletes ahead of the 2020 Tokyo Olympics.

The US Attorney General Jeff Sessions commented on the attacks, saying that the aim of the hacks was to “spread the personal information of hundreds of anti-doping officials and athletes as part of an effort to distract from Russia’s state-sponsored doping program”.

Microsoft announced that most of the attacks were unsuccessful, but added that they did notify all the organizations that were affected.

2.4 million users exposed in Wyze server leak 

According to Twelve Security, a cybersecurity firm, the data of around 2.4 million Wyze customers was exposed by an unsecured server. The security breach took place over a period of three week, during which users’ information like usernames, email addresses, camera nicknames, device models, profile photos, WiFi router names, and API tokens was left unprotected. It seems that client’s health information, like height, weight, and daily protein intake, was also compromised.

The leak was first discovered by the cybersecurity firm on December 26th. As later admitted by the security camera manufacturer, an employee error led to the server’s security protocols being removed on December 4th, leaving the data exposed for three whole weeks. Wyze issued a forum post, informing users of the incident and saying the affected server was a “flexible database” created to allow for rapid customer data query.

WhatsApp calls on users to update their app ASAP in fear of spy-video

The popular messaging app WhatsApp has been urging its users to update to the latest version of the app, following suspicions that spy agencies are using a malicious video to snoop around users’ phones. WhatsApp has recently acknowledged a security bug allowing hackers to access users’ messages by sharing an infected MP4 file. A security advisory posted by the messaging app regarding the bug, called CVE-2019-11931, said it affects earlier Android and iOS app versions.

The Facebook-owned app has already fixed the bug, but anyone who has not updated to the latest version is still vulnerable to the hack.

Hackers hold foreign exchange company Travelex to 6 million dollar ransom

A hacker gang called Sodinokibi is behind the attack launched on New Year’s Eve, forcing Travelex to turn off all computer systems across 30 countries to contain “the virus and protect data”. The hackers are now holding the foreign exchange firm to a 6 million dollar ransom.

The gang, also called REvil, claims it was able to access Travelex’s computer network six months ago and managed to download 5GB of sensitive customer data, like credit card and national insurance numbers. The hackers group announced that “In the case of payment, we will delete and will not use that [data]base and restore them the entire network … The deadline for doubling the payment is two days. Then another seven days and the sale of the entire base.”

Turk Telekom internet access restored after attack on DNS addresses

Turkey’s largest telecommunications company, Turk Telekom, has recently announced that it has been hit by a cyber attack, targeting DNS addresses and causing internet connection disruptions. Fortunately, Internet access was restored later the same day. 

A statement by Turk Telekom read: “The problem caused by an operator abroad has been solved, with domestic and international internet traffic returning to its normal flow.” The telecom company did not specify who was behind the attack, but said it was working on limiting any ongoing impact of the attack on its users.

No Comments

Post A Comment