Healthcare Breaches Expose Sensitive Information; Twitter Users’ Data Leaked Online
The end of the year is upon us. You’ll soon begin to see plenty of articles recapping the biggest cybersecurity news stories of 2022.
You will also encounter articles that will look forward. You can read what some believe may be the most pressing cyberthreats to come in the year ahead, as well as the factors that could influence the privacy landscape in 2023.
However, the year isn’t over yet, and there are still cyberthreats to keep an eye on as the year comes to a close.
In this installment of the BlackCloak Thursday Threat Update, we cover a series of healthcare data breaches where sensitive information is at risk and why Twitter users should be on guard following a data leak.
Third-party breach affects 119 pediatric practices, 2.2 million patients
What we know: The personal information of more than 2.2 million patients was exposed after cybercriminals gained unauthorized access to the network of Connexin Software. The health tech company creates pediatric-specific health IT solutions. 119 pediatric healthcare organizations were affected by the breach. The exposed information included Social Security numbers and billing and claims data, as well as personal information belonging to pediatric patients, parents and guardians. Connexin has listed all of the affected pediatric practices in its notice on the incident.
Recommendations: As Social Security numbers were among the data points exposed in the breach, it’s highly recommended that you place a credit freeze and fraud alert on any accounts that may be at risk. This is advisable even if you have not received a data breach notification from Connexin. The software company is also offering a year’s worth of child identity monitoring services free of charge. You must activate the services within six months of receiving the data breach notification letter.
Information belonging to millions of Twitter users leaked online
What we know: Information belonging to more than 5.4 million Twitter users has been shared, for free, on a hacker forum. The data had previously been for sale in August after unknown hackers were able to compromise an API vulnerability. The affected data points include users’ email address, phone number and other information related to their Twitter profile. Additionally, security researcher Chad Loder warned millions of other Twitter users may be at risk, as hackers were able to exploit the same vulnerability as early as 2021.
Recommendations: If you are a Twitter user, immediately change your password and enact two-facto authentication if you haven’t done so already. Be on the lookout for suspicious emails that may be part of a phishing campaign. Phishing emails will try to scare you into turning over sensitive information. Remember: Twitter will never ask you for your login credentials or any other personal information. If you receive an email from someone claiming to be from Twitter asking for these data points, do not engage with it any further. Additionally, cybercriminals can conduct phishing attacks through your phone. One tactic involves sending phishing messages via SMS text messages, a tactic known as “smishing.”
Stay on top of risk this holiday season
As the year comes to an end and we enter the holiday season, now’s not the time to turn your attention away from cyberthreats. In fact, cybercriminals are more active than ever during this part of the year, particularly with the popularity of online shopping.Learn how you can protect yourself and your loved ones from holiday phishing scams, as well as the best ways to protect your children’s online privacy.