Twitter Fined €450,000 Under GDPR Over ‘Protected’ Settings Bug

A bug in Twitter for Android discovered in late 2018 has come back to bite the microblogging company in the form of a hefty fine from the Data Protection Commission (DPC), the authority upholding EU citizens’ data protection rights.

A press release from the commission this week says its investigation into Twitter, launched after receipt of a breach notification, found that Twitter infringed Articles 33(1) and 33(5) of the GDPR “in terms of a failure to notify the breach on time to the DPC and a failure to adequately document the breach.”

The commission has thus fined Twitter €450,000 ($550,000) “as an effective, proportionate and dissuasive measure.”

So what happened two years ago that led to this week’s penalty? As some users might remember, a bug in Twitter for Android discovered in late 2018 led to some users exposing their Tweets to the world thinking they were “protected” – the setting that allows a user to let only a specific set of followers see those Tweets.

In the Background section point 1.11 of the decision (PDF), the DPC explains the bug as follows:

“The personal data breach that is the subject of this Decision (‘the Breach’) relates to a ‘bug’ in Twitter’s design. A user of Twitter can decide if their tweets will be “protected” or “unprotected”. In the former case, only a specific set of persons (followers) can read the user’s protected tweets. The bug that resulted in this data breach meant that, if a user operating an Android device changed the email address associated with that Twitter account, their tweets became unprotected and consequently were accessible to the wider public without the user’s knowledge.”

Twitter would have handled the problem in due time, had it not been understaffed at the time, the social media giant said in a statement to TechCrunch.

Sonoma Valley Hospital Informs 67,000 Patients of Data Breach

California-based Sonoma Valley Hospital (SVH) has sent out data breach notifications to about 67,000 patients whose personal health information may have been compromised during a ransomware attack on October 11.

According to an update by the hospital, the cyber-attack is believed to have been part of a more extensive ransomware campaign targeting healthcare facilities across the United States.

“As we reported recently, Sonoma Valley Hospital experienced a ransomware cyberattack on October 11, 2020, by what we believe is a Russian ‘threat actor.’ This event was part of a broader attack on dozens of hospitals across the country,” SVH said.

Although the hospital promptly shut down all systems to protect sensitive data after the attack and has not paid the ransomware operators for a decryption key, the forensic investigation found that patient information may have been accessed during the attack.

The sensitive information comprises health claims data sent to insurers electronically, such as names, addresses, birthdate, insurer group number and subscriber number, diagnosis or procedure codes, date of service, place of service, amount of claim and secondary payer information.

However, in some cases, medical record data such as imaging tests may have also been compromised.

SVH said no credit card or Social Security numbers were accessed during the attack, and it’s not aware of any misuse of patient health information.

“Based on the reports of the forensics analysts, patient financial information (such as credit card or social security number) was neither accessed nor disclosed,” SVH added. “SVH is not aware of any misuse or attempted misuse of patient health information, and our forensics experts have searched for any potential redisclosures.”

The letter sent to possible victims includes security measures that patients can apply to protect against identity theft and fraud. Patients are strongly advised to closely review their medical bills and records in the coming months for mismatches, and to notify their medical provider and law enforcement if they suspect any fraudulent charges.

How can a Security Solution keep your Devices, Privacy and Personal Data Safe till Christmas and Beyond?

As the world prepares for a one-of-a-kind Christmas celebration, cybercriminals are rolling up their sleeves for one of their busiest and most profitable times of the year. Bad actors know you’re busy looking up last-minute gifts for your loved ones, and they take advantage of your increased online activity to compromise devices and online accounts to steal personal and financial data.

Seasoned cybercriminals have come up with new and creative ways to trick internet users into providing their personal data and money throughout the year. While you might think you’re up for the challenge and have honed your cybersecurity skills to fend off attacks, just one second of distraction can bring an end to all your Christmas cheer.

Installing a comprehensive and easy-to-use security solution can help you breathe easy and concentrate on what matters most – the well-being of you and your family.

Here’s what to look for when upgrading or installing a security solution on your internet-enabled devices:

Complete anti-malware and ransomware protection

A security solution providing multi-layered protection to keep your devices and data safe from new and existing cyber threats is vital in this year’s cybersecurity landscape. Whether you’re accessing a spoofed website created for fraud or downloading a malware-infected app on your device, local security software will immediately block the threat and protect your devices from becoming compromised.

Attacks ranging from banker Trojans aiming to steal financial information to ransomware infections that encrypt user devices until a ransom is paid have increased considerably since the beginning of the health crisis. These attacks are expected to proliferate well beyond Christmas and New Year’s, with the continuation of remote work in many industries.

Secure your online presence and shopping using a VPN

Adding a VPN to your cybersecurity toolbox will further expand your online safety, as the software automatically encrypts network traffic every time you go online, whether to watch your favorite movie, shop or bank. Fraudsters won’t be able to spy on your conversations, steal your login credentials, or direct you to malicious websites that mimic your favorite retailers.

Moreover, if you plan to spend the holidays on vacation, the feature can protect your devices from unsecured Wi-Fi networks, allowing you to browse safely.

Online fraud protection while shopping

Fraudsters make the most of the season of giving by bombarding inboxes and social media with fake ads and scams to steal credit card information and account passwords. A security solution with advanced anti-phishing protection can keep you out of danger by sniffing out websites that masquerade as trustworthy ones. You can do your online banking and shopping safely without spending time researching the vendor’s validity or offer.

Home scanner to fend off intruders on your network

Smart devices in your home are not excluded from a cybercriminal’s target lists. Regularly scanning your home network for vulnerable or unwanted connected devices and security flaws can protect against network hijacking and attacks. You will be alerted in real-time and given security recommendations whenever a new device connects to your home network.

Letting your guard down this festive season can prove devastating, especially now when you’re focused on making plans to get together with family and friends. Don’t let your first digital Christmas get stolen! See how we can help you stay safe during the holiday season and beyond.

New Ransomware MountLocker Uses Extortion and Data Exfiltration

Security researchers have identified a new piece of ransomware named MountLocker specializing in infection and data exfiltration, following the trend set in 2020 by similar threats.

MountLocker is distributed on a Ransomware-as-a-Service (RaaS) model, which means its makers don’t use it themselves to attack organizations; affiliates do. In 2020, the ransomware threat has evolved into a new beast, moving from just encrypting systems to more complex operations that involve stealing data and blackmail.

Another infamous example of similar ransomware is Maze, a group that claims to have shut down the service. Some of their more famous targets include SpaceX and Cognizant. It’s difficult to tell if the Maze operators actually stopped, or are rebranding under a different name.

On the other hand, the MountLocker ransomware is newer, and is still under development. It received a significant update in November as the operators try to evade cybersecurity tools. The ransomware encrypts the victims’ files using ChaCha20, and the file encryption keys are encrypted using RSA-2048.

“The ransomware appears to be somewhat secure; there are no trivial weaknesses allowing for easy key recovery and decryption of data,” say the security researchers from the BlackBerry Incident Response Team. “MountLocker does, however, use a cryptographically insecure method for key generation that may be prone to attack.”

Like Maze, the MountLocker ransomware uses the FTP protocol to steal data, allowing attackers to blackmail their victims, in addition to demanding payment for the decryption key. The blackmail is a direct response to the use of backup tools and cyber insurance.

“Since its inception, the MountLocker group have been seen to both expand and improve their services and malware,” the researchers also said.

Even if their tools are not as advanced as those of some older ransomware groups, this is not likely the last time we hear about MountLocker, as the group seems to be adapting and warming up for aggressive campaigns.

FTC and Law Enforcement Agencies Partner up against Fraudulent Income Schemes Targeting Consumers

The Federal Trade Commission (FTC), in partnership with 19 law enforcement agencies, recently disclosed a nationwide clampdown on fraudulent income schemes, including fake jobs, pyramid schemes and investment opportunities targeting US consumers.

It’s no secret that the economic conditions created by the pandemic have fueled the spread of income scams targeting individuals who either lost their jobs or need extra income to support their household.

According to an FTC report, consumers have lost more than $610 million to scammers since 2016, with more than $150 million reported losses in the first nine months of the pandemic.

The operation dubbed “Income Illusion” saw more than 50 law enforcement actions since the start of 2020 against fraudsters promising remote work opportunities, employment scams or fake coaching courses. The FTC’s efforts are expected to end these deceptive income schemes while returning victims’ money.

“Scammers are preying on the unemployment and anxiety arising from the pandemic by making false promises of big income working from home,” Andrew Smith, director of the FTC’s Bureau of Consumer Protection said. “If someone promises you guaranteed income, but then tells you to pay them, tell the FTC right away so we can work to shut them down.”

The most common tactic used by income scammers includes a fake job listing involving fake checks. According to reports, individuals who apply for these bogus jobs go through the hiring process very quickly.

“Scammers tell people hired as ‘mystery shoppers’ to buy gift cards as they evaluate a retailer (the scammers get the gift card PIN numbers, of course),” the FTC explained. “People hired as ‘virtual personal assistants’ are told to send some of the money to a supposed supplier of home office equipment. Other people have even reported that their so-called boss told them to use some of the funds to buy gift cards for co-workers sick with COVID-19.”

By the time the bank discovers that the check is fraudulent, the “employee” is left to repay the funds, with a median loss of $2,300.

The agency also reported that investment cons targeting individuals in their 50s and 60s racked up a median loss of nearly $24,000 per victim. Consumers are advised to watch out for deceptive income schemes by researching the online company that is “hiring” and avoiding advertised success stories on social media that promise overnight wealth.

Cruise line operator Hurtigruten crippled in ransomware attack

  • IT systems worldwide said to be affected
  • Business, already suffering during pandemic, now has a cyber attack to contend with

Norwegian shipping and cruise line Hurtigruten has revealed it is the latest maritime firm to suffer at the hands of cybercriminals, following a crippling ransomware attack that it sustained on Monday, leaving some of its systems down around the world.

Prospective travellers visiting the company’s website are currently met with a terse message: “Sorry, the website isn’t working right now.”

The company’s IT chief, Ole-Marius Moe-Helgesen, described the incident as “a serious attack” against its global IT infrastructure, according to a report by Reuters.

It’s not been a good year for Hurtigruten, as the global pandemic has understandably impacted its business activities, forcing it to suspend its cruise operations and lay off hundreds of employees.

No details have been shared of the strain of ransomware which has hit the firm, but even in the best scenario it will be weighing whether to pay its extortionists a handsome fee in order to have its data decrypted or to attempt to restore its systems from its own backups.

In the worst case it may also be facing the possibility that its attackers have exfiltrated sensitive data and are threatening to release it publicly if a ransom is not paid in a timely fashion, potentially damaging Hurtigruten’s image further, along with its relationships with customers and partners.

Clearly the cruise line is not feeling entirely despondent, however. Hurtigruten has told the Oslo Stock Exchange in a statement that it does not “expect a material financial effect from the cyber attack.”

Hurtigruten says that it is working with the Norwegian authorities to investigate the scale of the incident, and limit its impact within the organisation.

Other maritime victims of cyber attack include cruise line operator Carnival, shipping giant CMA CGM, and the United Nations International Maritime Organisation (IMO).

Your Digital Persona at Risk: Around 26 Unique Data Items from Your Digital Footprint Exposed Online

The marks we leave in the digital world create and add to our existing digital footprint every time we connect, post or share information via social media or other online platforms. In many instances, these acts may seem meaningless, with no immediate consequences or risks. However, online exposure should not be taken for granted, especially now, when most daily tasks require even more digital interactions.

Most netizens believe their identity consists solely of the information they provide in the real world. However, the internet knows more than you might think, leaving users susceptible to identity-theft-related crimes and impersonation attempts that can damage their online reputation.

An in-depth analysis of Bitdefender’s Digital Identity Protection community has revealed an alarming level of personal data exposure among users over the past eight months. Only 19.48% of users have between one and five data entry points exposed online, including a home address, names, usernames, emails and job titles. 20.20% of users have between six and 12 data entry points made public. For the remaining 57.49%, more than 12 data entry points are exposed, with 16.13% of users having more than 50 instances of personally identifiable information on display in the virtual world.

The data repository amounts to a pool of 7100 users, 43.7% of which are from the United States, 15.9% from Canada, 12.3% from the UK, 9% from Australia, and 4.9% from Romania.

On average, a user’s digital footprint exposes 26 data items, with a record-breaking exposure count of 277 items for a single user, who also suffered the largest number of data breaches over the past 10 years.

Home addresses, URLs and job titles or workplaces are the most common categories of users’ personal information exposed online. According to our data, 29.35% of exposed data is linked to social media URLs, 19.42% represents home or physical addresses, and 19.92% points to job titles or user workplaces.

Additional data entry points include:

  • 7.49% for names
  • 7.32% for usernames
  • 6.74% for gender
  • 5.36% for education
  • 2.75% for email addresses
  • 2.48% for dates of birth
  • 1.28% for phone numbers

Personal data exposure is not limited to what users willingly share in the virtual world. It also encompasses personally identifiable information (PII) leaked in data breaches, which continues to fuel cybercrime and fraud in underground marketplaces.

Over a quarter (27.78%) of Bitdefender Digital Identity Protection users have suffered more than 12 data breaches, with one user facing a record-high 87 data breaches in the past decade. Additionally, 36.60% have appeared in one to five data breaches, and only 35.61% of users fall in the six-to-12 data breach range.

Impersonation attempts are also on the list, with 3.99% of users confirming that real online impersonators leveraged their digital identity. While it may not be clear if these attempts exploit users’ online popularity for financial gain, there has been one instance of 15 online impersonations for one user.

The truth is that the safety of personal and financial information has become a “luxury” that nobody can genuinely afford. Throughout our digital endeavors, we willingly and unknowingly expose data that cybercriminals and scammers can use in nefarious ways. It has become imperative for users to understand their digital persona and the implications of oversharing information via social media or other online platforms. There may be no quick fix or antidote that provides bulletproof protection. However, the way users choose to limit their digital footprint in future online interactions can go a long way toward protecting against identity-theft-related crimes and impersonation attempts.

FBI and CISA Warn of Increased Malicious Attacks against K-12 Schools

A recent cybersecurity advisory released by the FBI, CISA and Multi-State Information Sharing and Analysis Center (MS-ISAC) warns of increased cyber threats targeting K-12 schools in the United States.

The alert emphasizes that attacks aimed at educational institutions are expected to continue throughout the academic year. Specifically, ransomware, Trojans and distributed denial-of-service (DDoS) attacks may lead to data theft and disruption of online learning services.

“According to MS-ISAC data, the percentage of reported ransomware incidents against K-12 schools increased at the beginning of the 2020 school year,” the advisory reads. “In August and September, 57% of ransomware incidents reported to the MS-ISAC involved K-12 schools, compared to 28% of all reported ransomware incidents from January through July.”

Ryuk, Maze, Nefilim, AKO and Sodinokibi/REvil were the top five ransomware variants to have caused major disruptions to K-12 schools in 2020.

“In these attacks, malicious cyber actors target school computer systems, slowing access, and—in some instances—rendering the systems inaccessible for basic functions, including distance learning,” the alert explained. “Adopting tactics previously leveraged against business and industry, ransomware actors have also stolen—and threatened to leak—confidential student data to the public unless institutions pay a ransom.”

DDoS attacks and video conference disruptions have also increased this past year. As the report notes, DDoS attacks have frequently prevented students and teachers from conducting distance-learning classes. Verbal assaults against students and exposure of sensitive information during disrupted video conference sessions also made the cybersecurity advisory threat list.

“Numerous reports received by the FBI, CISA, and MS-ISAC since March 2020 indicate uninvited users have disrupted live video-conferenced classroom sessions,” the alert notes. “These disruptions have included verbally harassing students and teachers, displaying pornography and/or violent images, and doxing meeting attendees.”

To minimize security risks and further disruptions of the remaining school year, the report provides a list of best practices for educational institutions and individuals alike. Students, faculty members and parents are advised to report suspicious or cybercriminal activity to local FBI field offices, providing as much information as possible.

‘Tis the season for online fraud: Cybercriminals are on the prowl as consumers aim to spend big this Christmas

With Covid-19 raging across the globe, one might find little to be jolly about this holiday season. However, despite social-distancing measures and spikes in coronavirus cases, the world is preparing for a repackaged Christmas that could soothe post-lockdown anxiety. And so are cybercriminals.

The holiday season offers cyber-crooks new opportunities to defraud people, and we can expect a proliferation of online scams leveraging the ongoing health crisis that’s pushing consumers to be more digitally active than ever.

More clicking and online shopping could stimulate fraudsters even more

Digital transactions have surged 250% since the beginning of the pandemic, accelerating online fraud by 11% from early March. Americans have lost $177.32 million to online fraud this year, while British consumers are down £16 million due to online shopping fraud.

Online shopping peaked, with recent reports revealing that 87% of global consumers will still be shopping for items on their Christmas gift list. Specifically, 65% of UK consumers have shopped more online since COVID-19, and 73% plan to stick to online shopping, with over half of shoppers expected to be on mobile devices.

With soaring Covid infection rates, in-person Christmas browsing in shopping centers is also expected to be delayed, providing fraudsters with a perfect storm to exploit the hype surrounding the 2020 holiday shopping season.

Bad actors will use this opportunity to try to dupe shoppers into disclosing their financial and personal information via spoofed websites, phishing emails, social media ads and messages.

No fishing allowed this Christmas

While high Covid infection rates are driving additional lockdowns and social-distancing measures globally, cybercriminals have been preparing for an even larger payday, exploiting every nook and cranny of the digital transformation. UK consumers reported more than 2 million suspicious emails between April and August 2020, leading to the removal of tens of thousands of malicious websites and scams.

However, don’t be fooled by this apparent success. According to researchers, users play a dangerous cat-and-mouse game when accessing unknown links they receive in emails. Although 78% of users claim to be aware of the risks associated with unsolicited emails, more than half can’t fight their curiosity and click the links anyway.

Cybercriminals are not just luring consumers with deals that lead to fraudulent websites. In the months preceding the “season of giving,” charity organizations reported £3.6 million in losses due to fraud or cybercrime. So, if you plan to pull out your wallet to donate to those in need, do some research. Scammers and phony charities are also ready to collect from unsuspecting citizens, so look closely at the website and call the organization for additional information. Abort any financial transfer if you are asked to provide personally identifiable information such as a Social Security number.

Stay-at-home-holiday or Christmas-cottage rental?

Nobody is sure what Christmas will look like this year, but alternative holiday breaks are already popping up for people in need of a change in scenery. Fraudsters follow the latest trends and, being excellent social engineers, speculate on consumer behavior to fuel their financial gain.

There are plenty of genuine holiday booking websites, so avoid being lured in by phony holiday gift vouchers you receive via email or ads on social media. In many scams, the crooks will urge you to contact them directly and not use the website’s booking services. More often than not, they offer below-market rates for rentals and ask you to send money via wire transfer directly to their account. Once the transaction is complete, the scammers disappear with your money.

Tips for a Grinch-free Christmas

The holiday season is the worst time of the year to fall victim to cyber-theft or fraud. Thus, awareness and careful planning are vital for keeping your personal and financial information safe from cybercriminals.

  1. Beware of fake websites – cybercriminals create spoofed websites that mimic official retailers to deliver fake deals and steal your personal and financial information. It’s best to stick to your usual retailers when shopping for Christmas season deals, and always check the URL of the website you are directed to. Make sure that the link starts with ‘https’ and look for the padlock icon in the browser’s address bar.
  2. Use a credit card and activate any payment alerts – It’s crucial to avoid shopping on any websites that ask you to pay via wire transfer. By enabling alerts on your credit card, you can protect against attempts at fraud. If you suspect your banking information has been compromised, contact your financial institution immediately.
  3. Don’t click on links from unsolicited emails – phishing remains the most common tool used by cybercriminals to steal sensitive information from users. Most phishing emails are designed to appear from a trusted organization or retailer and always ooze a sense of urgency to compel recipients to click on fraudulent links or download malware to their devices. Be wary of any emails that offer too-good-to-be-true deals or prizes.
  4. Don’t fall for ‘freebies’ advertised on social media – be highly skeptical of any deals you see posted via Facebook, Twitter or Instagram that ask users to provide personal details to win the latest iPhone, PS5 or shopping voucher. Scammers often create official-looking adverts to fool users into sharing information that can be used for fraud.
  5. Avoid connecting to public Wi-Fi networks while shopping – Internet hotspots available in shopping malls and cafes are highly vulnerable to cyberattacks. To make sure that your online shopping, personal, and banking information remain safe, disable any automatic Wi-Fi connections on your device.
  6. Reset passwords and enable two-factor authentication (2FA) or multi-factor authentication (MFA) for your online accounts – Before delving into the best Christmas deals, change the passwords for your online accounts and enable an extra layer of security to protect against fraud.
  7. Install a local security solution on your devices – Keeping your Internet-enabled devices secure will protect against malware and hackers trying to steal sensitive information.

Holidays are the best time for sharing pleasant moments with family and friends, no matter where they are. Don’t let your first digital Christmas get stolen! See how we can help you stay safe during the holiday season and beyond.

Alabama School District to Replace Student and Teacher Devices after Ransomware Attack

The Huntsville City Schools district in Alabama hasn’t fully recovered from a ransomware attack that disrupted its IT network on November 30.

After confirming the attack on the school district’s servers, officials shut down schools and campuses, announcing that students and teachers would not engage in remote learning activities.

Students and employees were urged to turn off their district-issued devices to limit the spread of the ransomware infection. Families were also advised to watch out for phishing emails asking for HCS student information.

“Families will not receive any district correspondence requesting their student’s name or personal information,” the district warned. “HCS encourages families to be extremely cautious in sharing personal information with anyone. Avoid opening any emails and do not click on any links from unfamiliar email accounts.”

In a letter posted yesterday by HCS Superintendent Christie Finley, families were told that no student information appears to have been compromised.

“Our IT Team, in conjunction with our outside cybersecurity experts, has confirmed the third-party systems hosting student information were not compromised as part of this threat,” Finley said. “These systems include iNow and PowerSchool.”

However, Windows devices used by high school students and teachers may have been affected, and the school district plans to replace them.

“There is no evidence at this time to suggest that Chromebooks used by students in grades K-8 were impacted,” Finley added. “Our main area of focus is for Windows devices, which are used by high school students and teachers. As a precautionary measure, we are making plans to collect all high school student devices and replace all teacher devices. We will be working to re-issue high school student devices as quickly as possible.”
