Cybercriminals may have different reasons for conducting cyberattacks, but the number one reason above all else is to make money.

The reason why these incidents are so common is due to the fact that cyberattacks can be incredibly lucrative for bad actors.

In its 2023 Internet Crime Report, the FBI’s Internet Crime Complaint Center found Americans lost $12.5 billion to cybercrimes in 2023, a 22% percent increase compared to 2022.

Cybercriminals have a lot to gain from these cyberattacks, and potential victims have a lot to lose. It’s why proper cyber hygiene and awareness of cyberthreats remains paramount. As long as cybercriminals can profit from these attacks, they will continue to happen at a breakneck pace.

In this installment of the BlackCloak Thursday Threat Update, we’ll look at a pair of healthcare related breaches affecting more than one million patients, as well as another incident involving Roku.

 

1.6M patients affected by healthcare data breaches

What we know: Around 1.68 million patients had their information stolen in a pair of data breaches. The breaches targeted healthcare data and other sensitive information. North Carolina-based Eastern Radiologists informed more than 886,000 patients their data was exposed in a breach, while New York-based labor union UNITE HERE said more than 791,000 were impacted by a cyberattack. In both breaches, Social Security numbers were compromised, along with various healthcare and other personal information.

Recommendations: Anyone tied to either organization should monitor their accounts for fraud, and place a credit freeze and fraud alert on their accounts as soon as possible. UNITE HERE is offering complimentary credit monitoring and identity theft protection to those affected by the incident. It also reset user passwords, thus, anyone impacted by the breach should take the time to create a strong, unique password, and consider storing it in a password vault for safe keeping.

 

Roku data breach impacts 15K customers

What we know: Roku disclosed it experienced a data breach affecting at least 15,000 customers. Cybercriminals were able to conduct the cyberattack by using login credentials gathered from previous breaches, according to Roku’s data breach notification letter. Using these credentials, cybercriminals would log into customers’ accounts, locking the customer out. From there, the bad actors could conduct transactions using the victim’s payment card information. In response to the incident, Roku changed customers’ passwords and canceled fraudulent transactions.

Recommendations: Out of an abundance of caution, Roku users should strongly consider resetting their passwords, even if they weren’t affected by the breach. Passwords should be strong and unique, as reusing passwords could put you in danger for similar attacks in the future. Affected individuals may want to consider canceling their payment card tied to their Roku account to prevent further transactions.

 

Protect your accounts and devices from bad actors

Cybercriminals target everyone, from the largest organizations, to each and every one of us. Bad actors want to access your accounts and devices and steal your valuable, sensitive information. Luckily, there are actions you can take to make it hard for them to do so.

 

Learn about the importance of enabling two-factor authentication and why you should regularly install software updates for your devices.

 

Get a demo