Every week we share the notable news in cybersecurity and for the most part, attacks can be fairly predictable. Most efforts by hackers are for the goal of collecting account data, selling on the dark web, and building large scale cyber attacks from there. But this week there are a couple of stories that are a bit out of the norm. On the list of odd cyber attacks is one that we never saw coming: x-rays of male genitalia being leaked onto a Facebook group. It really goes to show that the internet will always foster new ways to utilize technology – for good and bad the same. So remember to practice good cybersecurity: do not reuse passwords, always confirm whom you are sharing sensitive information with, and track where your digital identity may be exposed on HackNotice Personal for free HERE.

Share this post with your friends as a reminder to why their birth year should not be their password

Photo by National Cancer Institute

X-rays of male genitalia may have been shared online by central Pa. imaging employee: police

Fairview Township police are investigating reports that a Quantum Imaging employee broke patient confidentiality to share X-rays of male genitalia in a Facebook group… In a press release posted to Facebook, Quantum said “reports of possible criminal activity involving a patient privacy breach” by a non-physician employee were received on Tuesday. The imaging company immediately shared this with the police, according to the release.

In a story such as this, the key takeaway is that risk isn’t always from outside of the organization – a company’s very own employees can be a cybersecurity risk.

Photo by Chris Murray on Unsplash

US actor casting company leaked private data of over 260,000 individuals

A popular website used to cast US talent in movies and television shows exposed the data of roughly 260,000 individuals online… New Orleans-based MyCastingFile.com is an online casting agency that recruits talent. Users can sign up — for free or on a subscription basis — to apply for casting notices. The company claims to have provided actors for productions including True Detective, Pitch Perfect, NCIS: New Orleans, and Terminator Genisys.

When databases that contain the personal information of hundreds of thousands of people aren’t secured they become a goldmine for hackers.


 

 

Think your path to Hollywood landed your personal information into the hands of hackers? If you suspect your information has been part of a data leak, use HackNotice Instant Check for free and see if your data is being shared by hackers. Simply click HERE and enter the information you want checked.

 


 

 

Photo by Adam Birkett on Unsplash

Iranian Spies Accidentally Leaked Videos of Themselves Hacking

Researchers at IBM’s X-Force security team revealed today that they’ve obtained roughly five hours of video footage that appears to have been recorded directly from the screens of hackers working for a group IBM calls ITG18, and which other security firms refer to as APT35 or Charming Kitten. It’s one of the most active state-sponsored espionage teams linked to the government of Iran. The leaked videos were found among 40 gigabytes of data that the hackers had apparently stolen from victim accounts, including US and Greek military personnel. Other clues in the data suggest that the hackers targeted US State Department staff and an unnamed Iranian-American philanthropist.

If you thought opening up a Facetime call by accident while you were in your pajamas is embarrassing… imagine filming yourself doing something illegal.

Photo by Jr Korpa on Unsplash

The Twitter Hack Shows a Major Cybersecurity Vulnerability: Employees

This was a particularly flashy breach, but in the end, it was just another in a long parade of cybersecurity incidents at high-profile and smaller companies alike. While cybersecurity advances have hardened IT infrastructure and made it increasingly difficult to hack systems remotely, criminals have a logical way around these measures: targeting the employees who are already inside the systems. This wasn’t even the first time Twitter has fallen victim to a social engineering attack. 

It’s not the size of the company that matters, it’s the systems in place that ensure all team members practice good cybersecurity.

 


That’s this week’s roundup, showing that every industry benefits when good cybersecurity habits are followed. So wash your hands and keep your passwords secure. Thanks for reading, stay safe and we’ll see you next week!

Exclusive offer for Weekly Roundup readers. Get 30% off your first 3 months of HackNotice Premium with coupon code: summer30. Enter that code in the Premium Upgrade page before it expires quick!