CRM data breach leaks personal info tied to crypto accounts; Healthcare security breach affects 100K
While we are nearly three months into 2022, research detailing the scale and scope of data breaches, malware, ransomware, business email compromise, and other online fraud that occurred in 2021 is first coming in.
Recently, Politico revealed its research on data breaches affecting the healthcare industry In their analysis of data captured by the U.S. Department of Health and Human Services, Politico found that nearly 50 million Americans were impacted by healthcare data breaches in 2021, representing a threefold increase from the previous three years.
Cyberattacks targeting the healthcare industry aren’t going away any time soon. In this latest installment of BlackCloak’s Thursday Threat Update, we look at a recently announced healthcare data breach, as well as an incident that exposed personal information tied to cryptocurrency accounts.
Healthcare data breach exposes information of 100,000 patients
What we know: Washington-based Chelan-Douglas Health District revealed it experienced a data breach compromising the personal and medical information of 108,906 individuals. An investigation found that the incident took place in July 2021, however, the data breach was only disclosed earlier this month. The exposed information includes names, Social Security numbers, dates of birth, financial account information, medical account information, and health insurance policy information.
Recommendations: Whenever Social Security numbers and financial information are captured in a data breach, it’s important to vigilantly monitor your accounts for any fraudulent transactions. It’s also recommended that you strongly consider placing a credit freeze and online fraud alert on your accounts as well. Chelan-Douglas Health District said it is offering one-year memberships to credit monitoring services for all individuals who had their Social Security numbers exposed.
CRM platform’s security breach leaks Bitcoin users’ personal data
What we know: Customer relationship management platform HubSpot was hit by a data breach, which leaked the personal information of thousands of Bitcoin users. HubSpot said the attack specifically targeted cryptocurrency customers.. BlockFi, Swan, and NYDIG confirmed they were among those attacked. In an initial statement, BlockFi and Swan said that while personal information was exposed, financial information and crypto funds were safe. A follow up statement from Swam further revealed “a limited historical snapshot of USD deposits” were exposed. BlockFi did not disclose what information was affected, but said funds, client account passwords, and Social Security numbers were not impacted.
Recommendations: HubSpot is advising affected individuals to contact their crypto companies to determine what information was stolen and what steps they should take. While funds may not have been stolen in the data breach, it’s a good idea to strengthen the security around your cryptocurrency accounts. Stolen crypto can be very difficult to recover, and to protect your assets, you should consider changing your password out of an abundance of caution, and enable dual-factor authentication, for both your crypto and email accounts.
The threats are out there, but you can stay one step ahead
It may seem like it’s inevitable that you will fall victim to a data breach, but that does not mean you need to sit idly by. There are ways to proactively reduce your overall risk. Learn about six ways you can reduce your risk of data breaches, identity theft and financial fraud, as well as why you should enable dual factor authentication for your email accounts.