Weekly Cybersecurity Recap October 20
Table of Contents
- By Steven
- Published: Oct 20, 2023
- Last Updated: Nov 23, 2023
This week, we noticed increased targeting of medical information; surgeries, health centers, and clinics were all made victims by successful hacking plots. The most recent attack involved Chicago’s Cook County Health. Alabama and Virginia also had specialized assaults, resulting in three data breaches across the states. Shadow PC also suffered a breach, which may have put thousands of gamers around the globe at risk. Decathlon was also in the news; they announced the return of information from a breach years ago. Learn more about each breach below and take action to protect yourself if your details are involved.
Shadow PC
International gaming host Shadow PC kicked off this week by announcing hackers attacked one of their SaaS providers. The assault was a product of social engineering and compromised over half a million individual credentials. The stolen information included the customer’s date of birth, names, addresses, IP connections, emails, the last four of their credit cards, and the card expiration date. The breach is a significant issue for gamers, but they can likely protect themselves before the information is misused.
Decathlon
Haunted by a data breach from 2021, Decathlon reports employee information from that time may have surfaced. The assailants purportedly gained access to employee names, contact information, country of residence, usernames, authentication tokens, and photos. The breach didn’t happen within Decathlon’s systems but from third-party vendor Bluenove. Although the breach mainly targeted employees, consumers are likely to feel the impact of the data leak, too.
Fairfax Oral and Maxillofacial
Hackers also attacked a surgery clinic out of Northern Virginia, leaking 235,000+ patient records. The stolen information includes patient names and Social Security Numbers (SSN), health insurance, medical history, and driver’s license. The losses in this data breach were significant, made worse by the uncertain future of the data. As a result, Northern Virginia patients may have to look elsewhere for their treatments.
Cook County Health
Fairfax isn’t the only health-inclined victim this week. Cook County Health, which serves Chicago, also suffered a data breach. Like Decathlon, the breach source was a third-party vendor: Perry Johnson & Associates. The breach may have exposed patient names, addresses, medical record numbers, medical histories, dates of service, and SSNs. Upon discovering the cyber security incident, Cook County immediately terminated its relationship with PJ&A. Those who think the assailants may have exposed their information in the breach must take immediate steps to protect themselves.
AIDS Alabama Incorporated
The third reported medical facility reported this week, AIDS Alabama, is an emotional, community, and medical support provider. Their attack happened almost two years ago, but their discovery happened only recently. The threat actors may have accessed patient names, addresses, contact information, SSNs, diagnoses, health insurance, providers, and received services. The public is still waiting to learn more about the breach, but we know the attack may impact thousands. They could face significant losses. As more details come to light, those involved will receive notices; watch out for fakes. Confirm where the letter comes from before acting.
