Reading Time: ~ 2 min.
Quest Diagnostics Customers Affected by Third-Party Breach
The medical testing organization Quest
Diagnostics has fallen victim to a third-party data breach that could
affect nearly 12 million of their patients. AMCA, a collections agency that
works with Quest Diagnostics, noticed unauthorized access to their systems over
an eight-month period from August of last year through March 2019. The majority
of data targeted were Social Security Numbers and other financial documents,
rather than patient’s health records. The market offers a premium for such data.
Adware Installed by Millions of Android Users
Until recently, there were over 230 apps on the Google Play
store that had been compromised by a malicious
plugin that forced out-of-app advertisements on unsuspecting victims.
Globally, over 440 million individuals have installed at least one of these
compromised applications and have been affected by overly-aggressive
advertisements. While this SDK has been used legitimately for nearly a year, sometime
during 2018 the plugin began performing increasingly malicious behaviors, until
other developers caught on and began updating their own applications to remove
the plugin.
Chinese Database Exposes Millions of Records
A database belonging to FMC
Consulting, a headhunting firm based in China, was recently found by
researchers to be publicly available. Among the records are resumes and
personally identifiable information for millions of individuals, as well as
company data with thousands of recorded messages and emails. Unfortunately for
anyone whose information is contained within this database, in the two weeks
since being notified of the breach FMC has yet acknowledge the breach or take
steps to secure it.
Restaurant Payment Systems Infected
Customer who’ve patronized either Checkers
or Rally’s restaurants in recent months are being urged to monitor their
credit cards after the chain announced that they discovered card stealing
malware on their internal systems. While not all restaurant locations were
affected, the company is still working to determine the extent of the
compromised payment card systems and has offered credit monitoring services to
customers.
University of Chicago Medicine Server Found Online
Researchers have found a server belonging to University
of Chicago Medicine with personal information belonging to more than 1.6
million current and past donors. The data includes names, addresses, and even
marital and financial information for each donor. Fortunately, the researcher
was quick to inform the university of the unsecured ElasticSearch server and it
was taken down within 48 hours.
The post Cyber News Rundown: Medical Testing Service Data Breach appeared first on Webroot Blog.