Unfortunately, even springtime winds can’t blow away data breaches. As we’ve seen previously, companies of every size and in any industry can be affected by attacks.
Here are the recent data breaches that were making headlines in May:
Major Email Account Data Up for Sale
In early May, an exclusive report from Reuters revealed 272.3 million user names and passwords for email accounts were stolen in a major data breach — and the information is already being sold and traded in hacker online forums.
In what is considered one of the biggest stashes of stolen credentials since cyberattacks hit banks and retailers a few years ago, the breach affects the big three email providers: Gmail, Microsoft and Yahoo. A security expert noted that such large-scale data breaches can be used to engineer break-ins or phishing attacks by using each user’s email contacts. That could multiply the damage exponentially.
Although LinkedIn, the social networking site that focuses on business, was originally hacked in 2012, new reports just came out that the breach was much worse than reported. The initial estimate was 6.5 million credentials exposed, but based on a recent exposé, it turns out the number is closer to 170 million.
That means attackers likely obtained virtually all LinkedIn usernames and associated passwords. The extent of the breach came to light when the information was offered up for sale on hacker websites. This serves as a great reminder to change passwords regularly for all your social media sites as well as email accounts and other online destinations.
Children’s National Health System
Another day, another healthcare-related data breach: Washington state’s Children’s National Health System is blaming a medical transcription company’s poor file-server practices for a data breach that exposed thousands of patient records.
One security expert noted that constant changes and upgrades to systems can leave any health system vulnerable, especially if security controls aren’t in place. In notifying patients’ parents of the breach, Children’s National claimed the case transcriptions were leaked in a way that made them accessible online and able to be found via a simple Google search.
Seeing so many healthcare breaches emphasizes the importance of staying protected against medical identity theft. Since medical identities are 20 to 50 times more valuable to criminals than financial identities, it pays to be more aware of how your information is being used.
Check back next month to stay up to date on the most recent data breaches.