This week’s roundup looks over a busy streak from the cyber criminals that affected many organizations. It goes to show how any person or company online is a target for potential hacks. So remember to practice good cybersecurity: do not reuse passwords, always confirm whom you are sharing sensitive information with, and track where your digital identity may be exposed on HackNotice Personal for free HERE.

Share this post with your friends as a reminder to why their birth year should not be their password

Photo by Rahul Chakraborty on Unsplash

An Alexa bug could have exposed your voice history to hackers

Findings published on Thursday by the security firm Check Point reveal that Alexa’s Web services had bugs that a hacker could have exploited to grab a target’s entire voice history, meaning their recorded audio interactions with Alexa. Amazon has patched the flaws, but the vulnerability could have also yielded profile information, including home address, as well as all of the “skills,” or apps, the user had added for Alexa. An attacker could have even deleted an existing skill and installed a malicious one to grab more data after the initial attack.

Alexa is basically like your coworker that always gets your lunch order wrong, but also manages to loses your credit card at the same time.

Photo by Gabe Pierce on Unsplash

Looting Causes Data Breach at Walgreens

America’s second-largest pharmaceutical chain contacted impacted customers in July to disclose the data breach. Walgreens spokesperson Jim Cohn told the Philadelphia Inquirer that 180 Walgreens stores had been looted but declined to state which specific ones… Sensitive information exposed in the spate of looting included customers’ full name, address, date of birth/age, phone number, email address, balance rewards numbers and photo ID numbers. Vaccination information was also exposed along with prescription details and clinical and health plan information.

If you’ve had to pick up prescription medication and ended up buying snacks and a magazine while you wait, be sure to check if your information has been sold on the dark web.


 

Think your prescription info has been hacked and landed your personal information into the hands of hackers? If you suspect your information has been part of a data leak, use HackNotice Instant Check for free and see if your data is being shared by hackers. Simply click HERE and enter the information you want checked.


Photo by visuals on Unsplash

Addison Rae’s TikTok Account Disabled After Apparent Hack, Then Restored

Addison Rae is the highest-earning TikTokker, pulling in about $5 million for the 12-month period ending in June 2020, according to Forbes estimates. The 19-year-old joined TikTok in July 2019, starting out (like many TikTok creators) by sharing dance videos set to the platform’s trending songs. After quickly gaining a large following, she left Louisiana State U. to move to Los Angeles as a full-time TikTok creator.

It’s a good thing you never downloaded the app just to try that viral dance, right?

Photo by Adam Nowakowski on Unsplash

High-Speed Trader Virtu Discloses $6.9 Million Hacking Loss

Virtu Financial Inc. said it lost $6.9 million to hackers who seized control of the email account of one of its executives and used fake emails to send two fraudulent wire transfers to bank accounts in China…Virtu, one of the world’s largest high-speed trading firms, disclosed the May breach in a lawsuit filed Monday against Axis Insurance Co., in an effort to get the insurer to cover the loss.

C level employees and directors are prime targets for this very reason.

Photo by Stanislaw Zarychta on Unsplash

FBI Hacked Hamas, Al-Qaeda Websites to Seize Crypto Donations

US authorities… said they have located and seized a collection of bitcoin accounts that belong to three terrorist groups in the largest seizure of that cryptocurrency ever, worth millions of dollars at current exchange rates. The forfeiture complaints that were unsealed in a Washington federal court involve the military wing of Hamas, in addition to al-Qaeda and ISIS. The jihadist movements and some other violent jihad-related groups have been locked out of the traditional financial system. But over the last few years they developed an increasingly sophisticated campaign to raise money using Bitcoin, the US Justice Department said.

Hard to find hack-related news that aren’t negatively affecting the bank accounts of everyday people, but this counts as a win.

Photo by Sandra Grünewald on Unsplash

Gun Owners Beware—Hacker Offers 240,000 Stolen Records On Crime Forum: Report

An August 10 posting on a cybercrime forum says it is giving away stolen databases, containing a total of 240,000 records from the Utah Gun Exchange, for free. The same hacker is also offering two other smaller stolen databases, one from a hunting site and another from a “kratom” herb site, again with no payment required… What links all three, according to information supplied to the publication by threat intelligence specialists, is that all of the advertised databases were all from Utah-based businesses hosted on the same Amazon cloud server.

Guns don’t hack people, people hack people.

Photo by Hermes Rivera on Unsplash

Hackers Breach into Over 10,000 Canadian Government Accounts, Targeting COVID-19 Relief Package

Thousands of Canadian government accounts were compromised following cyberattacks, authorities confirmed on Saturday, August 15. The attacks were aimed at stealing COVID-19 relief packages. In two separate cyberattacks, usernames and passwords of 9,041 GCKey service were hacked. Around 30 government departments use GCKey service. In another attack, about 5,500 Canada Revenue Agency (CRA) accounts had been compromised.

Victims of the pandemic aren’t just the ones who get infected with the virus.

Photo by Marcel Strauß on Unsplash

Jack Daniel’s Manufacturer Was Target of Apparent Ransomware Attack

Brown-Forman Corp., a manufacturer of alcoholic beverages including Jack Daniel’s and Finlandia, said it was hit by a cyber-attack in which some information, including employee data, may have been impacted.The company, which is based in Louisville, Kentucky, said in a statement it was able to prevent its systems from being encrypted, which is normally caused by ransomware attacks. It provided few other details about the incident, including when it happened or how the hackers accessed the data.

Further proof that hackers hold nothing sacred if it means they can get some information they can sell and share on the dark web.

 


That’s this week’s roundup, showing that every industry benefits when good cybersecurity habits are followed. So wash your hands and keep your passwords secure. Thanks for reading, stay safe and we’ll see you next week!

Exclusive offer for Weekly Roundup readers. Get 30% off your first 3 months of HackNotice Premium with coupon code: summer30. Enter that code in the Premium Upgrade page before it expires quick!