This roundup is a long list of hacks that affect multiple industries. The key takeaway is that hackers are attracted to vulnerabilities and don’t care about who it affects – like hospital patients in urgent care. Nothing is safe, even dating apps and sex toys have gotten hacked recently; there’s literally no industry unaffected by hackers. The state of cybersecurity has gotten so bad that hackers are offering advice to organizations to make it more of a fair fight. So remember to practice good cybersecurity: do not reuse passwords, always confirm whom you are sharing sensitive information with, and be careful when clicking on suspicious links.

Share this post with your friends as a reminder to why “password” should not be their password

Photo by NESA by Makers on Unsplash

 

Santiago Lopez started invading corporate computer systems at age 16, after he learned to hack from YouTube videos and like-minded friends. Now 21, he says he never wanted to commit crimes. Rather, he is a bounty hunter, invited by companies to find holes in their business networks and burrow into their vulnerable data. The idea is that a company will then fix what’s wrong to harden itself against bad actors—“black-hat” hackers—looking to steal data, conduct espionage and disrupt business operations.

 

It says a lot when hackers are offering free cybersecurity advice to businesses.

 


 

Think sensitive information about your business has landed into the hands of hackers? If you suspect your information has been part of a data leak, use HackNotice Instant Check for free and see if your data is being shared by hackers. Simply click HERE and enter the information you want checked.

 


Photo by Will Porada on Unsplash


 

The US Treasury issued new guidance this month warning that victims of ransomware attacks could themselves face civil penalties if they pay ransom to hackers affiliated with a sanctioned nation-state. Countries including North Korea have previously been linked to ransomware attacks. Ransomware hackers often target local government agencies and hospitals, hoping that the organizations will feel pressured to pay ransoms in order to keep providing services to constituents or patients.

Penalizing organizations that are already suffering at the hands of hackers is a step backwards – so it’s even more important to prevent cyber attacks before they occur.

Photo by Marjan Grabowski on Unsplash


 

A hack on Grindr allowed anyone with the email address linked to a valid account to reset the user’s password and take over their profile. Security experts revealed the vulnerability online – and reported it the LGBT dating app. It enabled full access to an individual’s account, including images, messages and HIV status.

This adds another dating app that has been successfully targeted by cybercriminals.

Photo by Ben White on Unsplash

A security flaw in a hi-tech chastity belt for men made it possible for hackers to remotely lock all the devices in use simultaneously. The internet-linked sheath has no manual override, so owners might have been faced with the prospect of having to use a grinder or bolt cutter to free themselves from its metal clamp.


Many questions here but we can’t get into detail, it’s just hack-related.

Photo by Natanael Melchor on Unsplash

 

The hospital chain Universal Health Services said Thursday that computer services at all 250 of its U.S. facilities were hobbled in last weekend’s malware attack and efforts to restore hospital networks were continuing. Doctors and nurses at affected hospitals and clinics, many already burdened with coronavirus care, have had to rely on manual record-keeping, with lab work slowed. Employees have described chaotic conditions impeding patient care.

 

Care providers shouldn’t be targeted for cybersecurity holes, but cybercriminals attack wherever they see vulnerabilities.

Photo by Harlie Raethel on Unsplash

 

Mayo Clinic is notifying more than 1,600 patients that a former employee inappropriately accessed their health records, but apparently did not retain any information gleaned from them. The Rochester-based health system said in a statement Monday afternoon that an unnamed health care worker looked at electronic “data elements” including patient names, demographic information, dates of birth, medical-record numbers, clinical notes and, in some cases, medical images.


When hackers are looming from outside, it’s tough to also fight bad actors from the inside.

Photo by Sara Kurfeß on Unsplash

 

Two members of Team Executer, a hacking and piracy organization known for its Nintendo hacks, have been arrested and charged with fraud. Gary Bowser and Max Louarn were arrested in the Dominican Republic and are both known for allegedly leading the group to make tools such as the SX Pro USB that allows pirated games to run on the Nintendo Switch.

The hackers could face up to 20 years each for their intellectual property infringement for personal gain.

Photo by Sudan Ouyang on Unsplash

TechCabal Daily – Massive data breach in Uganda hits three big tech companies

A data breach in Uganda has affected some of the country’s biggest firms. How did that happen? Unidentified hackers gained access to the system of Pegasus technologies. The company’s flagship product, PegPay payments platform, is used by banks and telcos for “financial and billing solutions.” What did the hackers make away with? 

 

This breach is a cost of 800 million Ugandan shillings for these companies – at a minimum.

 


 

That’s this week’s roundup, showing that every industry benefits when good cybersecurity habits are followed. So wash your hands and keep your passwords secure. Thanks for reading, stay safe and we’ll see you next week!

Exclusive offer for Weekly Roundup readers. Get 30% off your first 3 months of HackNotice Premium with coupon code: fall30. Enter that code in the Premium Upgrade page before it expires quick!