In our monthly roundup of data breaches and security incidents, we take a closer look at some of the biggest headlines you need to know. Let’s get started.
COVID-19 phishing scams on the rise
The Centers for Disease Control (CDC) and the World Health Organization (WHO) are both warning the public about new phishing attempts. Readers are urged to click links promising the latest Coronavirus news and reports. These emails can appear convincing, with some including the organizations' logos. In reality, the emails are designed to steal a victim’s information, download harmful files onto their computer, or — in some instances — both.
It’s important to remember the CDC and WHO will never email, call, or text you about the Coronavirus or to request a donation.
MGM Resorts guests' personal data found on hacker forum
On February 19, 2020, MGM Resorts confirmed a data breach that exposed 10.6 million guests' personal information. The compromised data, which was reportedly uploaded to a hacker forum the same week, includes guests' first and last names, addresses, phone numbers, and dates of birth. MGM reports that no financial information or passwords were exposed.
Once the breach was discovered — during the summer of 2019 — the company says it began working with two cybersecurity forensic firms to internally investigate, review, and remediate the incident. They then notified guests potentially impacted by the incident and took steps to strengthen their network security.
As of yet, it’s unclear who was behind the MGM Resorts hack.
New details emerge in 2017 Equifax data breach
Back in 2017, Equifax experienced one of the largest data breaches in recorded history. Nearly 150 million Americans had their personal information, like home addresses and Social Security numbers, exposed.
For years, many details of the breach remained unclear, including answers to the most obvious questions: who did it and why? That changed on February 10, 2020, when the Department of Justice indicted four members of the Chinese military for their role in the Equifax hack. The hackers’ efforts appear to be part of China’s well-documented effort to obtain as much information on U.S. citizens and businesses as possible.
On February 11, 2020, China denied playing a role in the Equifax breach.
Millions of Microsoft customer records compromised
On January 22, 2019, Microsoft announced a security incident that exposed around 250 million customer service records and support logs. Microsoft says personally identifiable information (PII) was redacted prior to the incident. However, there are a few exceptions — like when data entries contained a non-standard format (e.g. an email address containing spaces).
Still, security experts fear criminals might use victims’ case details from the customer service records and support logs to more successfully perpetrate fraud. For tips on identifying and avoiding Microsoft technical support scams, you can view this article.
Facebook users’ data found on the dark web
On December 14, the personal details of 247 million Facebook users were discovered in a public database. The sensitive data included users’ names, phone numbers, and user IDs — which cybercriminals can decode to reveal a victim’s username and other sensitive profile information.
According to the researchers who discovered the database, the data was accessible for nearly two weeks before Facebook restricted access. They believe it was enough time for hackers to upload its content to at least one dark web forum.
A Facebook spokesperson says the company is actively researching the breach, though the data was likely harvested prior to changes the company made to better protect user information.
This marks the latest in a long line of Facebook incidents involving user data, including the Cambridge Analytica breach, a Facebook API loophole that exposed the personal details of more than 50 million Americans, and the alleged logging of some users’ texts and calls.
Cybercriminals targeting state and local governments
Earlier this year, the state of Louisiana was forced to make two emergency declarations due to widespread cyberattacks causing outages that disabled many government agencies and services. Now, there's been a third incident.
Last week, New Orleans' emergency alert twitter account, "NOLA ready," warned that there had been "suspicious activity" on city networks. The city has activated its Emergency Operations Center and is working with the FBI, Secret Service, and National Guard to investigate. It's unclear how widespread this attack is or which local agencies and services have been affected, but additional tweets from the "NOLA ready" account confirm emergency services and emergency communications have not been affected.
Ransomware attacks on local governments also continue to occur, with evidence of previous attacks this year in Atlanta, Baltimore, Tallahassee, and other major cities. These ransomware attacks often involve cybercriminals using tools to lock computer networks, affect city services, and demand a ransom from state or local governments.
Telcom breaches are on the rise
Earlier this month, a contractor for a major cell phone provider reportedly exposed hundreds of thousands of customers' cell phone bills from multiple cell phone carriers.
Over 261,300 documents, dated as far back as 2015, were held online in cloud storage without password protection, making the contents accessible to anyone online. The bills were stored as part of a promotion to encourage users to switch to a new cell phone service.
The exposed information included account holders’:
- Bank statements
- Cell phone account PINs
What can you do?
For tips on protecting your online privacy, you can download Protecting Your Privacy: Best Practices for Mobile, Social, and Search Settings. If you’re a PrivacyArmor participant, be sure to activate critical features like credit monitoring within your portal.