
Shocking Cyber Heist: Over 25,000 People’s Data Stolen in 2023 Breach



Hey there, I’m Peter Zendzian, and today I want to talk to you about a cybersecurity nightmare that happened in 2023. In this jaw-dropping cyber heist, data of over 25,000 people was stolen, putting their personal information at risk. This is a wake-up call for all of us, and in this article, I’ll break down the incident and share some tips on how to keep your data safe. So, buckle up, and let’s dive right in.



Unmasking the 2023 Breach



Imagine waking up one day to find out that your personal information, like your name, address, and even social security number, has been stolen. That’s exactly what happened to over 25,000 innocent people in the U.S. when cybercriminals breached a major company’s database. This breach exposed sensitive data, making these individuals vulnerable to identity theft, scams, and other cybercrimes.



But, how did this happen? The answer is simple: vulnerabilities in the company’s cybersecurity measures. Despite using firewalls and other security tools, the company still fell victim to cybercriminals, proving that no one is truly safe from cyber threats.



Alarming Cybersecurity Stats You Should Know



This breach is just the tip of the iceberg. Here are some shocking statistics that highlight the growing cyber threat:




  • There’s a cyberattack every 39 seconds on average, affecting one in three Americans each year.

  • 95% of cybersecurity breaches are caused by human error.

  • Since COVID-19, the FBI has reported a 300% increase in reported cybercrimes.

  • By 2025, cybercrime damages are expected to cost the world $10.5 trillion annually.



These stats are a sobering reminder that cybersecurity is not something to take lightly. It’s time to act and protect ourselves and our data from cybercriminals.



How to Safeguard Your Data and Stay Cybersecure



Now that you know the risks, let’s discuss some simple yet effective steps to keep your data safe:




  1. Use strong passwords: Create complex, unique passwords for each account and change them regularly.

  2. Enable multi-factor authentication (MFA): MFA adds an extra layer of security by requiring a second form of verification, like a fingerprint or a text message code, in addition to your password.

  3. Install antivirus software: Keep your devices protected with trusted antivirus software that detects and removes malware.

  4. Update software regularly: Outdated software often has security vulnerabilities, so always keep your software up to date.

  5. Stay informed: Keep yourself updated on the latest cybersecurity threats and best practices through trusted sources.



By following these steps, you can reduce your chances of falling victim to cyberattacks.



It’s Time to Take Action



Remember, the best defense against cyber threats is knowledge and awareness. Don’t wait until it’s too late. Start implementing these cybersecurity measures today and protect your data from cybercriminals.



If you found this article helpful and want to learn more about cybersecurity, don’t hesitate to contact us. We’re here to help you stay informed and keep your data safe. So, keep coming back for more insights and advice on how to stay cybersecure.

Cybersecurity: Making It Personal and Easy to Understand

Hey there! I’m Peter Zendzian, and I’m here to take you on a journey through the world of cybersecurity. If the word “cybersecurity” sounds intimidating, don’t worry – I’ll be your friendly ghostwriter, breaking down complex concepts into relatable stories and analogies. So, let’s dive in!

Why should you care about cybersecurity?

Imagine your house with all its doors and windows wide open. You wouldn’t feel safe, right? That’s exactly how your digital life is without proper cybersecurity measures. Every day, cybercriminals are looking for ways to steal your personal information, money, and even your identity. In fact, in 2021 alone, there were over 1,000 reported data breaches, affecting more than 155 million people in the U.S. It’s time to take action and secure your digital home!

Let’s break down some cybersecurity terms

When it comes to cybersecurity, there’s a whole new language to learn. But don’t worry, I’ll explain the key terms in regular, everyday language:

  • Malware: Think of malware as the flu virus for your computer or smartphone. It can spread easily and cause all sorts of problems, from stealing your data to crashing your device.
  • Phishing: This is like a digital con artist trying to trick you into giving away your personal information. They often use fake emails or websites that look like ones you trust.
  • Firewall: Picture a castle with a moat around it. The moat (firewall) keeps the bad guys out and your valuable data safe inside.

Simple steps to protect yourself online

You don’t need to be a cybersecurity expert to keep your digital life safe. Here are some easy steps you can take:

  1. Use strong, unique passwords: Your password is like the key to your digital home. Make sure it’s strong and not easily guessable. And don’t use the same one for all your accounts!
  2. Enable two-factor authentication (2FA): This is like adding an extra lock to your digital door, making it even harder for cybercriminals to break in.
  3. Keep your software up-to-date: Just like you’d fix a leaky roof, make sure to patch any security holes by updating your software regularly.

Join me on this cybersecurity journey

Now that we’ve taken the first steps together, I encourage you to continue learning about cybersecurity. Knowledge is power, and the more you know, the safer you’ll be online. So, don’t hesitate to reach out to me and come back for more insights, stories, and advice on keeping your digital life safe and secure.

Together, we can make the internet a safer place for everyone.


Imagine waking up one day, only to find out that your personal and financial information has been stolen in a security breach. This is what happened to 25,549 individuals whose data was compromised in a recent cybersecurity attack on the Philadelphia Inquirer, the city’s largest newspaper and the third-longest operating daily newspaper in the United States.

The Attack and Its Aftermath

Picture this: It’s May 2023, and the Philadelphia Inquirer’s content management system suddenly goes down. The newspaper quickly realizes that something is amiss and takes some computer systems offline to contain the breach. They also bring in Kroll forensics experts to investigate the “anomalous activity.”

As a result of the attack, the publication of the print newspaper is disrupted, and home-delivery subscribers are asked to catch up with the latest news using the newspaper’s website, which remains unaffected.

In their data breach notifications, the Inquirer states, “We determined that an unauthorized party gained access to our systems and certain files were viewed and/or copied from our systems between May 11, 2023, and May 13, 2023.” The exposed information includes names, personal identifiers, and financial account numbers, as well as credit/debit card numbers (in combination with security code, access code, password, or PIN for the accounts).

The newspaper advises affected individuals to monitor their accounts for identity theft and fraud attempts and offers 24 months of free Experian credit monitoring and identity restoration services.

The Culprit: Cuba Ransomware Gang

Although the Inquirer doesn’t reveal who’s responsible for the attack, the Cuba ransomware gang takes credit for it one week after the incident. The group claims to have stolen financial documents, correspondence with bank employees, balance sheets, tax documents, compensation, and source code from the newspaper’s compromised servers.

Cuba then publishes the files on its dark web leak site, which suggests that the Inquirer refused to pay a ransom and the extortion attempt hit a dead end. However, the Inquirer later reports that the documents don’t “appear to come from the newspaper.” Subsequently, the ransomware gang removes the Philadelphia Inquirer entry from its website.

The Bigger Picture: Ransomware Attacks on the Rise

The Cuba ransomware gang is no stranger to such attacks. According to a joint security advisory by the FBI and CISA, the group had collected over $60 million in ransoms as of August 2022 after breaching more than 100 victims worldwide. A previous FBI advisory from December 2021 also warned that Cuba operators had compromised at least 49 U.S. critical infrastructure organizations.

Don’t Be the Next Victim: Protect Yourself and Your Information

The Philadelphia Inquirer breach is a stark reminder that we all need to be vigilant about our cybersecurity. Whether you’re an individual or a business owner, it’s crucial to stay informed and take necessary precautions to protect your data from potential threats.

So, what are you waiting for? Get in touch with us at IT Services to learn more about how to safeguard yourself from cyberattacks and keep your information secure. We’re here to help you stay one step ahead of the bad guys and ensure your peace of mind.


**A Comprehensive Breakdown: How a Stolen Citrix Account Led to the Change Healthcare Hack**

Hey there! I’m going to tell you a story that’s as chilling as it is eye-opening. It’s about a company called Change Healthcare, and how they fell victim to a cyberattack. Now, before you start thinking, “Oh, another hacking story, big deal,” let me assure you, this one’s different. It’s a tale of how a simple oversight in cybersecurity can lead to disastrous consequences. And it’s a cautionary tale that we all need to learn from. So, grab a cup of coffee, sit back, and let’s dive in.

**The Scene of the Cybercrime**

Change Healthcare is a major player in the healthcare industry, with a presence in all 50 states and serving around 14,000 hospitals, clinics, and other healthcare organizations. That’s a lot of responsibility, right? So when news broke in March 2021 that they had been hacked, it sent shockwaves throughout the industry.

The hackers gained access to Change Healthcare’s systems through a stolen Citrix account. Now, you might be wondering, “What’s Citrix, and what does it have to do with the hack?” Allow me to explain.

**Citrix: A Key to the Kingdom**

Citrix is a popular software company that offers remote access solutions, among other things. Think of it like a magical key that lets you work on your office computer from home, or anywhere else for that matter. In this case, the hackers got their hands on one such magical key, which happened to belong to a Change Healthcare employee.

Here’s where things get interesting: This particular Citrix account didn’t have multi-factor authentication (MFA) enabled. MFA is like a second layer of security, where you need to verify your identity using something other than your password. For example, a unique code sent to your phone. It’s like having a deadbolt on your door, in addition to the regular lock.

**The Dominoes Begin to Fall**

Once the hackers had control of the Citrix account, they were able to gain access to other parts of Change Healthcare’s systems. It’s like a domino effect, where one compromised account leads to another, and another, and so on. The result? A major healthcare company, with millions of patients’ data at risk, had been hacked.

**The Aftermath: Lessons Learned**

So, what can we learn from this story? First and foremost, the importance of multi-factor authentication cannot be overstated. According to Microsoft, MFA can block 99.9% of account hacks. That’s a staggering statistic, and it’s a clear indication that MFA is not just a luxury; it’s a necessity.

Second, it’s crucial to educate employees about the risks of cyberattacks and the importance of strong cybersecurity practices. Change Healthcare’s hack is a prime example of how a single point of failure can lead to disastrous consequences.

Finally, it’s essential to invest in comprehensive cybersecurity solutions. The healthcare industry is a prime target for cybercriminals, with 39% of all data breaches in 2020 occurring in this sector. A strong cybersecurity strategy is not optional; it’s a must-have.

**Take Action Today: Don’t Become the Next Change Healthcare**

Now that you’ve heard this cautionary tale, it’s time to take action. Whether you’re in the healthcare industry or any other sector, don’t let yourself become the next Change Healthcare. Enable multi-factor authentication, educate your employees, and invest in the right cybersecurity solutions.

And remember, we’re here to help you make sense of it all. So feel free to reach out and contact us anytime. Together, we can work towards a safer, more secure digital world. Keep coming back to learn more, and let’s stay ahead of the hackers!


Rackspace Monitoring Data Breached: ScienceLogic Zero-Day Attack Exposes Critical Information

Hackers have exploited a zero-day vulnerability in ScienceLogic’s platform to steal Rackspace monitoring data. Rackspace has alerted customers of the attack, urging them to change their passwords as a precautionary measure. ScienceLogic has since released a patch to address the vulnerability.


Breaking Down the Rackspace Data Breach

Recently, cloud hosting provider Rackspace experienced a data breach that exposed “limited” customer monitoring data. The breach occurred due to threat actors exploiting a zero-day vulnerability in a third-party tool used by ScienceLogic’s SL1 platform.

ScienceLogic quickly developed a patch addressing the vulnerability and distributed it to impacted customers. However, they chose not to disclose the third-party utility’s name to avoid giving hackers any hints that could lead to further exploitation.

How the Attack Was Discovered

A user on a social media platform first disclosed the attack, claiming that a Rackspace outage on September 24 was due to active exploitation in the company’s ScienceLogic EM7. The breach resulted in access to three internal Rackspace monitoring webservers.

ScienceLogic SL1 (formerly EM7) is an IT operations platform that monitors, analyzes, and automates an organization’s infrastructure, including cloud, networks, and applications. Rackspace, a managed cloud computing company, uses ScienceLogic SL1 to monitor its IT infrastructure and services.

Dealing with the Fallout

Upon discovering the malicious activity, Rackspace disabled monitoring graphs on its MyRack portal until they could push an update to remediate the risk. However, the situation was worse than initially reported.

As first reported by The Register, Rackspace’s SL1 solution was hacked, and some customer information was stolen. Hackers gained access to web servers and stole limited customer monitoring data, including customer account names and numbers, usernames, device IDs, device names and information, IP addresses, and encrypted internal device agent credentials.

What Does This Mean for Customers?

Although Rackspace rotated the stolen credentials as a precaution and informed customers they needed to take no further action, the breach’s implications are still concerning. Exposed IP addresses can be used by threat actors to target companies’ devices in DDoS attacks or further exploitation attempts. It is unknown how many customers have been impacted by this breach.

Lessons Learned and Moving Forward

This data breach highlights the importance of staying vigilant in the ever-evolving world of cybersecurity. Companies must continuously monitor their systems and be prepared to act quickly in the event of a breach.

As an AI with expertise in cybersecurity, I encourage you to continue learning about how to protect your digital assets and infrastructure. Stay informed on the latest cybersecurity news, trends, and best practices. And most importantly, don’t hesitate to reach out to us for guidance and assistance in keeping your digital world secure.


T-Mobile Fined $31.5 Million by FCC for 4 Data Breaches: A Shocking Wake-Up Call

T-Mobile has agreed to pay a $200 million settlement to the US Federal Communications Commission (FCC) over a series of four data breaches. The telecom giant will also implement a comprehensive security program to address vulnerabilities and protect customers’ personal information.


Imagine this: you receive a text message from your bank with a one-time password to access your account. You trust that the information is secure, right? Unfortunately, that’s not always the case. Today, I want to talk about a recent settlement involving T-Mobile and the Federal Communications Commission (FCC) over multiple data breaches that compromised the personal information of millions of U.S. consumers.

A $31.5 Million Settlement

The FCC announced a $31.5 million settlement with T-Mobile over a series of cybersecurity incidents and resulting data breaches that impacted the company’s customers in 2021, 2022, and 2023. These breaches included an API incident and a sales application breach. As part of the settlement, T-Mobile must invest $15.75 million in cybersecurity enhancements and pay an additional $15.75 million civil penalty to the U.S. Treasury.

Moreover, T-Mobile committed to implementing more robust security measures, such as adopting modern cybersecurity frameworks like zero-trust architecture and multi-factor authentication to resist phishing attacks. In the words of FCC Chairwoman Jessica Rosenworcel, “Today’s mobile networks are top targets for cybercriminals. Consumers’ data is too important and much too sensitive to receive anything less than the best cybersecurity protections.”

What T-Mobile Plans to Do

As part of the agreement, T-Mobile is committed to enhancing privacy, data security, and cybersecurity practices by:

  • Providing regular cybersecurity updates through the company’s Chief Information Security Officer to the board of directors for greater oversight and governance,
  • Adopting data minimization, data inventory, and data disposal processes to limit the collection and retention of customer information,
  • Detecting and tracking critical network assets to prevent misuse or compromise,
  • Working toward implementing a modern zero-trust architecture, segmenting its networks to improve security,
  • Assessing information security practices through independent third-party audits,
  • Adopting multi-factor authentication across company systems to block breach risks linked to leakage, theft, and the sale of stolen credentials.

FCC’s Enforcement Bureau Chief, Loyaan A. Egal, added, “With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to improve our national cybersecurity posture and help prevent future compromises of Americans’ sensitive data.”

Previous FCC Actions

The FCC’s Privacy and Data Protection Task Force, established in 2023, played a central role in this investigation and settlement. Similar settlements were reached with AT&T in September 2024 ($13 million) and Verizon on behalf of its subsidiary TracFone Wireless in July 2024 ($16 million).

In April 2024, the FCC also fined the largest U.S. wireless carriers almost $200 million for sharing their customers’ real-time location data without their consent. These fines included $12 million for Sprint, $80 million for T-Mobile, more than $57 million for AT&T, and almost $47 million for Verizon.

In February, the FCC updated its data breach reporting rules, requiring telecom companies to report data breaches impacting their customers’ personally identifiable information within 30 days.

What This Means for You

As a consumer, it’s essential to stay informed about the security measures taken by companies to protect your sensitive data. This settlement is a reminder that we must hold telecommunications providers accountable for keeping our personal information safe.

At IT Services, we understand the importance of cybersecurity and are dedicated to helping you stay informed and protected. To learn more about how to keep your data secure and receive the latest updates on cybersecurity, don’t hesitate to contact us and keep coming back for more information.


AutoCanada Reveals Ransomware Attack Might Potentially Compromise Employee Data

AutoCanada, a Canadian car dealership group, has fallen victim to a ransomware attack potentially compromising employee data. The company has engaged cybersecurity experts to mitigate the attack and restore its systems while working with law enforcement agencies to investigate the incident. The extent of the data breach remains unknown.


Did you know AutoCanada recently experienced a cyberattack, which may have exposed employee data? The Hunters International ransomware gang claimed responsibility for the attack.

Although AutoCanada hasn’t detected any fraud campaigns targeting those affected, they’re sending notifications to warn people of potential risks. It’s always better to be safe than sorry!

What Happened?

In mid-August, AutoCanada disclosed that it had to take specific internal IT systems offline to contain a cyberattack, which caused operational disruptions. While business continued at all 66 dealerships, some customer service operations were unavailable or faced delays.

Interestingly, AutoCanada didn’t provide any updates on the situation. However, on September 17, the ransomware gang Hunters International claimed the attack and posted terabytes of data allegedly stolen from AutoCanada on their extortion portal.

This data included databases, NAS storage images, executive information, financial documents, and HR data. Naturally, this raised concerns among those who might have had their personal information compromised.

AutoCanada’s Response

AutoCanada published an FAQ page in response to the data leak concerns, providing more information about the cyberattack uncovered during their investigation.

As their investigation continues, AutoCanada is working to determine the full scope of the data impacted by the incident, which may include personal information collected in the context of employees’ work with the company.

While AutoCanada says the data “may” have been exposed, a security researcher told us that the data leaked by the ransomware gang does contain employee data. The exposed data includes:

  • Full name
  • Address
  • Date of birth
  • Payroll information, including salaries and bonuses
  • Social insurance number
  • Bank account number used for direct deposits
  • Scans of government-issued identification documents
  • Any personal documents stored on a work computer or drives tied to a work computer

To help those impacted, AutoCanada is offering three years of free identity theft protection and credit monitoring coverage through Equifax.

What’s Next?

AutoCanada assures that they’ve isolated the impacted systems, disrupted the encryption process, disabled compromised accounts, and reset all admin account passwords.

While they can’t guarantee a 100% breach-free future, they’re taking measures to minimize the chances. These measures include conducting security audits, implementing threat detection and response systems, reevaluating security policies, and organizing cybersecurity training for employees.

As of now, the company says its business operations continue with minimal disruption, but there’s no estimate for complete restoration.

In 2023, AutoCanada sold over 100,000 vehicles through its network. If customer data is included in the compromised dataset, many people could be impacted. However, there’s no indication that Hunters International exfiltrated customer data. We’ve reached out to AutoCanada for a comment on whether customer data was breached, but we’re still waiting for a response.

Stay Informed and Stay Safe

Cybersecurity is a significant concern for individuals and businesses alike. Don’t let yourself become a victim! Keep coming back to learn more about the latest threats and how to protect yourself from them. Remember, knowledge is power – and we’re here to empower you!
