Penetration Testing Archive
Cyber attacks are an increasingly serious risk for organizations, but many senior staff seem to believe that their organization won’t be targeted. They might say that their organization is too small to be on attackers’ radars, or that they don’t …
In addition to health issues, UConn Health patients are now fretting over their PII (personally identifiable information) being compromised. On December 24, 2018, UConn Health discovered that an unauthorized party had accessed nearly 1,500 employee email accounts. Breach at UConn …
At the beginning of the month, RMIA (Reproductive Medicine and Infertility Associates) in Woodbury, Minnesota informed its patients that a malware attack had potentially exposed their PII (personally identifiable information). In its announcement, RMIA said: “On December 5, 2018, we …
In January, Ascension’s server suffered a security lapse that allowed information on 24 million bank, mortgage and other loans to be accessed online. The server contained decades worth of data, but was not password protected. The lack of security allowed …
Attorney General of North Carolina Josh Stein and House Representative Jason Saine have introduced the “Strengthen North Carolina Identity Theft Protection Act,” mandating organizations to report data breaches within 30 days. What does the Act say? The Act updates the …
Oklahoma might have been “O.K.” in Rodgers and Hammerstein’s 1943 Pulitzer Prize-winning Broadway musical, but the state’s cybersecurity standards certainly aren’t. On January 16, the ODS (Oklahoma Department of Securities), which oversees and regulates Oklahoma’s securities business, announced “an incident …
For many, weekends mean lounging around with a cup of coffee and the newspaper. However, on December 29, 2018, readers of the Baltimore Sun, Chicago Tribune, Los Angeles Times, New York Times, San Diego Union-Tribune, and Wall Street Journal: Weekend …
As a result of a phishing attack, the San Diego Unified School District was forced to send an email to parents and former students notifying them that their PII (personally identifiable information) may have been accessed by an unauthorized party. …
On October 10, Sotheby’s Home discovered it had become a victim of the ‘Magecart’ hacking technique. ‘Magecart’ refers to a toolkit of malicious software deployed by multiple criminal hacker groups that intercept payment card information when a user attempts to …
Do you take your coffee black or regular? Do you remember when it was “time to make the donuts”? These are sweet memories. Unfortunately, recent events leave a more bitter taste. On October 31, Dunkin’ Donuts, the coffee and donut …