on affecting “ a small percentage of our Radisson Rewards members ” . Business Traveller was alerted to the incident by one of our readers , who had received an email from Radisson confirming that his details had been compromisedAttack.Databreach. Radisson says that it identified the breach on October 1 , although it ’ s not clear exactly when the incident occured . A statement on the group ’ s website states : “ This data security incident did not compromiseAttack.Databreachany credit card or password information . Our ongoing investigation has determined that the information accessedAttack.Databreachwas restricted to member name , address ( including country of residence ) , email address , and in some cases , company name , phone number , Radisson Rewards member number and any frequent flyer numbers on file . “ Upon identifying this issue Radisson Rewards immediately revoked access to the unauthorized person ( s ) . All impacted member accounts have been secured and flagged to monitor for any potential unauthorized behavior . “ While the ongoing risk to your Radisson Rewards account is low , please monitor your account for any suspicious activity . You should also be aware that third parties may claim to beAttack.PhishingRadisson Rewards and attempt to gather personal information by deception ( known as “ phishingAttack.Phishing” ) , including through the use of links to fake websites . Radisson Rewards will not ask for your password or user information to be provided in an e-mail . “ Radisson Rewards takes this incident very seriously and is conducting an ongoing extensive investigation into the incident to help prevent data privacy incidents from happening again in the future. ” Radisson says that affected members will have receives an email notification from Radisson Rewards either yesterday ( October 30 ) or today ( October 31 ) . In the FAQs Radisson stresses that credit card data was not exposed by the breachAttack.Databreach, nor were members ’ passwords or travel histories / future stays . The hotel group is the latest in a line of travel companies to suffer data breachesAttack.Databreach, with British Airways and Cathay Pacific both admitting to compromisedAttack.Databreachdata in the last couple of months .
INDIANAPOLIS — Officials at Scotty ’ s Brewhouse are scrambling to deal with a data breachAttack.Databreachthat leakedAttack.Databreachthousands of employee W-2 forms to an unknown scammer . That 's according to our news reporting partners at CBS4 Indy . Company officials called police about the leak Monday afternoon . Somebody posing asAttack.PhishingCEO Scott Wise emailedAttack.Phishinga payroll employee , asking her to send all 4,000 W-2 forms to him . The e-mail wasn ’ t really from Wise , but the employee did send all the forms , giving the scammer personal finance information for all those employees . Scotty ’ s Brewhouse executives contacted the IRS and Indianapolis Metropolitan Police Department about the breach . They ’ re now working to notify all their employees and give them steps to protect their financial information . IMPD and other agencies are involved in the investigation into who sentAttack.Phishingthe bogus email . This email scamAttack.Phishingmatches a phishing schemeAttack.Phishingthat prompted a warning from the IRS last year during tax season . At that time , the agency recorded a 400 percent increase in this kind of scam . The IRS has a website to use if your W-2 or other information has been leakedAttack.Databreach. Tuesday evening , Scotty 's Brewhouse issued a statement on the situation : Yesterday Scotty ’ s Holdings , LLC and its subsidiary , affiliate and managed entities were the victims of an email phishing scamAttack.Phishingthat resulted in the disclosure of 2016 W-2 information . Scotty ’ s has confirmed that no customer information was obtainedAttack.Databreachby the scammers in yesterday ’ s phishing scamAttack.Phishing. Scotty ’ s is working closely with federal and local law enforcement and the credit bureaus to limit any potential misuse of the information that was obtainedAttack.Databreachand to identify and apprehend the scammers . “ Unfortunately , Scotty ’ s was the target of and fell victim to scammers , as so many other companies have , ” said Scott Wise , CEO of Scotty ’ s Holdings , LLC . “ Scotty ’ s employees and customers are of tremendous importance to the company and Scotty ’ s regrets any inconvenience to its employees that may result from this scamming incident . Scotty ’ s will continue to work with federal and local law enforcement , the Internal Revenue Service and credit bureaus to bring the responsible party or parties to justice. ” Scotty ’ s alerted authorities immediately after it learned of the scam . A toll-free number was set up by the company to answer employee questions . The company will also make available to affected employees one year of credit monitoring at no cost to employees , in addition to providing information regarding available resources for its employees to monitor their credit .
Cybersecurity experts and companies on Long Island are looking for ways to shore up the weakest link on company computer networks : the employee . Local cybersecurity professionals are creating interactive comic books , testing employees with simulated phishing emails — tailored messages that seek to obtain key information , such as passwords — and seeking to convince top executives that the threat of business disruption from hacking requires their attention . “ The biggest problem is not the technology ; it ’ s the people , ” said Laurin Buchanan , principal investigator at Secure Decisions , a division of Northport software developer Applied Visions Inc. Sixty percent of cyber-assaults on businesses can be traced to insiders ’ actions , either inadvertent or malicious , according to a 2016 study by IBM Security . The average cost of a data breachAttack.Databreachfor U.S. companies is $ 7.4 million , or $ 225 per lost or stolen record , a June 2017 study by IBM and the Ponemon Institute , a Traverse City , Michigan , researcher , found . Costs related to data breachesAttack.Databreachcan include the investigation , legal costs to defend against and settle class-action lawsuits , credit monitoring for affected customers , and coverage of fraud losses . Harder to gauge is the cost to a company ’ s reputation . One of the largest hacksAttack.Databreachever was disclosed this month , when credit reporting company Equifax Inc. revealed that sensitive data from 143 million consumers , including Social Security numbers and birth dates , was exposedAttack.Databreach. A stock analyst from Stifel Financial Corp. estimated that the attack will cost Equifax about $ 300 million in direct expenses . Investors seem to think the incident will have a much greater impact on At a seminar in Garden City this month , Henry Prince , chief security officer at Shellproof Security in Greenvale , explained how in a ransomware attackAttack.Ransom— one of many types — cybercriminals can buy specialized tools such as those used to sendAttack.Phishingphishing emails . The easy availability of that software means that hackers require “ no programming experience , ” Prince said . Phishing emails can be blocked by company email filters , firewalls and anti-virus software . But if one gets throughAttack.Phishingand an employee clicks on the link in the phishing email , the business ’ network is compromised . Hackers can then encrypt files , preventing access to them by the company and crippling the business , Prince said at the seminar . Hackers then can demand paymentAttack.Ransom, typically in an untraceable cryptocurrency like Bitcoin — a digital asset that uses encryption — before agreeing to decrypt the files . “ Ransomware is a business to these people , ” Prince said . “ Ninety-nine percent of the time , ransomware requires user interaction to infect. ” Della Ragione echoed that sentiment : “ The greatest risk at a company is the employees . Training employees is one of the best steps in shoring up your defenses. ” In response , many local experts and companies focus on teaching employees how to resist hackers ’ tricks . Secure Decisions has developed interactive comics to teach employees ways of detecting “ phishing ” emails and other hacking attempts . The company has gotten more than $ 1 million for research related to the interactive comic project , known as Comic-BEE , from the Department of Homeland Security , as well as a grant for $ 162,262 from the National Science Foundation . The comics , inspired by children ’ s “ Choose Your Own Adventure ” books , feature different plots depending on the reader ’ s choices . “ If you can give people the opportunity to role-play , some of the exhortations by the experts will make more sense , ” Buchanan said . The comics are being field-tested at several companies and Stony Brook University . They were featured in July at a DHS cybersecurity workshop in Washington , D.C. Radu Sion , a computer science professor at Stony Brook and director of its National Security Institute , which studies how to secure digital communications , acknowledged that security is far from a priority for most users . “ Ultimately , the average Joe doesn ’ t care , ” he said . “ You [ should ] treat the vast majority of your users as easily hackable. ” Northwell Health , the New Hyde Park-based health care system that is the largest private employer in New York State , is trying to find and get the attention of those inattentive employees . Kathy Hughes , Northwell vice president and chief information security officer , sends out “ phishing simulations ” to the workforce . The emails are designed to mimicAttack.Phishinga real phishing campaignAttack.Phishingthat seeks passwords and personal information . In April , for instance , Northwell sent outAttack.Phishingphishing emails with a tax theme . Hughes collects reports on which employees take the baitAttack.Phishingby user , department and job function . “ We present them with a teachable moment , ” she said . “ We point out things in the email that they should have looked at more carefully. ” The emails are supplemented with newsletters , screen savers and digital signage reminding users that hackers are lurking . Another tool : Non-Northwell emails have an “ external ” notation in the subject line , making it harder for outsiders to pretend to beAttack.Phishinga colleague . “ We let [ the employees ] know that they are part of the security team , ” she said . “ Everybody has a responsibility for security. ” One of the most important constituencies for security is top executives . Drew Walker , a cybersecurity expert at Vector Solutions in Tampa , Florida , said many executives would rather not know about vulnerabilities to their computer systems , because knowledge of a hole makes them legally vulnerable and casts them in a bad light . “ Nine times out of 10 , they don ’ t want to hear it , ” he said . “ It makes them look bad. ” Richard Frankel , a former FBI special agent who is of counsel at Ruskin Moscou , said that company tests of cybersecurity readiness often snare CEOs who weren ’ t paying attention to training . But attorney Della Ragione said high-profile attacks are getting notice from executives . “ Everyone ’ s consciousness is being raised , ” she said . Data leaksAttack.Databreachat Long Island companies have caused executives to heighten security . In 2014 , Farmingdale-based supermarket chain Uncle Giuseppe ’ s Marketplace said that foreign hackers had breachedAttack.Databreachthe credit card database of three stores . Joseph Neglia , director of information technology at Uncle Giuseppe ’ s , said that after the data breachAttack.Databreach, which affected about 100 customers , the company began scheduling “ monthly vulnerability scans ” and upgraded its monitoring and security systems . For businesses , Stony Brook ’ s Sion said , the cybersecurity threat is real and immediate . “ I need one second with your machine to compromise it forever and ever , ” he said . “ It ’ s an uphill battle . ”
LabCorp , one of the largest clinical labs in the U.S. , said the Samsam ransomware attackAttack.Ransomthat forced their systems offline was contained quickly and did n't result in a data breachAttack.Databreach. However , in the brief time between detection and mitigation , the ransomware was able to encrypt thousands of systems and several hundred production servers . The wider public first learned about the LabCorp incident on Monday , when the company disclosed it via an 8-K filing with the SEC . Since then , as recovery efforts continue , the company said they 're at about 90-percent operational capacity . According to sources familiar with the investigation , the Samsam attackAttack.Ransomat LabCorp started at midnight on July 13 . This is when the Samsam group used brute force against RDP and deployed ransomware by the same name to the LabCorp network . At 6:00 p.m. on Saturday , July 14 , the first computer was encrypted . The LabCorp SOC ( Security Operation Center ) immediately took action after that first system was encrypted , alerting IR teams and severing various links and connections . These quick actions ultimately helped the company contain the spread of the infection and neutralize the attack within 50 minutes . However , before the attack was fully contained , 7,000 systems and 1,900 servers were impacted . Of those 1,900 servers , 350 were production servers . The analysis and recovery continued at that point . This led the company to confirm the source of the attack as a brute forced RDP instance , and confirm that only Windows systems were impacted . According to NetFlow management and traffic monitoring , nothing left the network during the attack , so the company is confident that there was no data breachAttack.Databreach. Given the RDP connection to this attack , and the fact that most attacks of this nature are bi-directional , LabCorp will likely implement two-factor authentication in the future . It is n't clear if the company has a timeline for these changes , or if two-factor authentication was already in place at the time of the attack . Salted Hash has reached out to LabCorp for additional comment and will update should they respond . However , because LabCorp was able to detect and respond to the attack quickly , they likely saved themselves from costly and lengthy outages . It 's also likely that backups ( tested and current ) played a large role in the recovery phase of the incident . The last time the Samsam group was in the news , they had attacked the Colorado Department of Transportation twice in two weeks and the City of Atlanta . In March , based on the current value of Bitcoin at the time , it was estimated that the group had earned nearly $ 850,000 USD from their victims , who paid the ransom demandsAttack.Ransom.
East Ohio Regional Hospital in Harper 's Ferry , Ohio , and Ohio Valley Medical Center in Wheeling , West Virginia , both got affected by ransomware on the last weekend of November . [ 1 ] Due to this incident , ambulance patients were transported to other hospitals nearby and emergency room admissions were limited to walk-up patients only . Due to attack , employees needed to switch to paper charting and various systems were taken offline immediately . This fairly quick response limited the ransomware damage and prevented the possible data breachAttack.Databreach. [ 2 ] According to Karin Janiszewski , director of marketing and public relations for EORH and OVMC , hospitals reacted as soon as possible and , at the moment of writing , they are already using the computer network . On the following Saturday , Karin Janiszewski stated : There has been no patient information breachAttack.Databreach. The hospitals are switching to paper charting to ensure patient data protection . We have redundant security , so the attack was able to get through the first layer but not the second layer . IT staff dealt with the outbreak to avoid a data breachAttack.DatabreachWhen it comes to malware attacks on large companies , the lossAttack.Databreachof personal customer data is the worst thing that can happen . It seems that this time the situation was handled quick enough to prevent having the sensitive data being compromisedAttack.Databreach. IT team took several computers offline , and , because of this , most of the clinical operations transferred to other units , and emergency patients were automatically taken to different locations . On Saturday , when the incidents occurred , hospital officials stated that the staff is ready to take everything on paper until the downtime is over . Also , since this is a ransomware-type malware attackAttack.Ransom, hackers demand a ransomAttack.Ransom. However , officials did not select the scenario involving making the paymentAttack.Ransom. No matter how big or how little the ransom demandAttack.Ransomis , officials should n't even consider making the paymentAttack.Ransombecause it may lead to system damage or permanent data loss . [ 3 ] In the United States , data breachesAttack.Databreachand malware attacks on huge organizations have become a common thing , especially in the healthcare industry . In 2016 Hollywood Presbyterian Hospital paid the demanded ransomAttack.Ransomin Bitcoin after having its data encrypted . [ 4 ] The infection was widespread and the attackAttack.Ransomcost around $ 17 000 . Another incident that resulted in ransom paymentAttack.Ransomwas spotted in Kansas Heart Hospital in 2016 also . Unfortunately , after the payment was madeAttack.Ransom, attackers disappeared ignoring the promise to decrypt locked files . They send yet another ransom demandAttack.Ransominstead and asked forAttack.Ransoma bigger amount of money . Previously this year , the Indiana-based hospital got infected with SamSam which is an infamous ransomware virus which has been relying on specific infection tactics which is highly personalized . After considering different scenarios , the hospital decided to payAttack.Ransom4 BTC ( equal to $ 45 000 at that time ) for ransomware developers to get private keys needed for files ' recovery . Ransomware developers gave what they promised .
Hard Rock Hotels & Casinos alongside Loews Hotels have warned customers that a security failure may have resulted in the theft of their information . Both incidents appear to have been linked to a third-party reservation platform , SynXis , which only begun informing client hotels of the security breach in June , months after the attacks took place . Hard Rock Hotels & Casinos issued a statement informing customers of the data breachAttack.Databreachlast week , which took place due to the Sabre Hospitality Solutions SynXis third-party reservation system . The hotel chain , which operates 176 cafes , 24 hotels and 11 casinos in 75 countries , said SynXis , the backbone infrastructure for reservations made through hotels and travel agencies , provided the avenue for data theftAttack.Databreachand the exposureAttack.Databreachof customer information . `` The unauthorized party first obtained accessAttack.Databreachto payment card and other reservation information on August 10 , 2016 , '' the hotel chain said. `` The last accessAttack.Databreachto payment card information was on March 9 , 2017 . '' Hard Rock Hotel & Casino properties in Biloxi , Cancun , Chicago , Goa , Las Vegas , Palm Springs , Panama Megapolis , Punta Cana , Rivera Maya , San Diego and Vallarta are all affected . According to Sabre , an `` unauthorized party gained accessAttack.Databreachto account credentials that permitted unauthorized accessAttack.Databreachto payment card information , as well as certain reservation information '' for a `` subset '' of reservations . The attacker was able to grabAttack.Databreachunencrypted payment card information for hotel reservations , including cardholder names , card numbers , and expiration dates . In some cases , security codes were also exposedAttack.Databreach, alongside guest names , email addresses , phone numbers , and addresses . In May , Sabre said an investigation into a possible breach was underway . In a quarterly SEC filing , the company said , `` unauthorized access has been shut off , and there is no evidence of continued unauthorized activity at this time . '' While Sabre has not revealed exactly how the system was breached , the company has hired third-party cybersecurity firm Mandiant to investigate . Loews Hotels also appears to be a victim of the same security failure . According to NBC , Sabre was also at fault and cyberattackers were able to slurpAttack.Databreachcredit card , security code , and password information through the booking portal . In some cases , email addresses , phone numbers , and street addresses were also allegedly exposedAttack.Databreach. According to Sabre , its software is used by roughly 36,000 hotel properties . `` Not all reservations that were viewed included the payment card security code , as a large percentage of bookings were made without a security code being provided , '' Sabre said in a statement . `` Others were processed using virtual card numbers in lieu of consumer credit cards . Sabre has notified law enforcement and the credit card brands as part of our investigation . '' If you stayed in one of these properties on the dates mentioned above , you may be at risk of identity theft should the attackers choose to sell their stolen cache of data . Sabre suggests signing up for a free credit report -- available to US consumers once a year for free -- and notify their bank of any stolen activity . However , no compensation has yet been made available . These hotel chains are far from the only ones that have suffered a data breachAttack.Databreachin recent years . Back in April , InterContinental admitted that a data breachAttack.Databreachfirst believed to be isolated to 12 properties actually harmed roughly 1,200 , resulting in the exposureAttack.Databreachof customer credit card data .
Hard Rock Hotels & Casinos alongside Loews Hotels have warned customers that a security failure may have resulted in the theft of their information . Both incidents appear to have been linked to a third-party reservation platform , SynXis , which only begun informing client hotels of the security breach in June , months after the attacks took place . Hard Rock Hotels & Casinos issued a statement informing customers of the data breachAttack.Databreachlast week , which took place due to the Sabre Hospitality Solutions SynXis third-party reservation system . The hotel chain , which operates 176 cafes , 24 hotels and 11 casinos in 75 countries , said SynXis , the backbone infrastructure for reservations made through hotels and travel agencies , provided the avenue for data theftAttack.Databreachand the exposureAttack.Databreachof customer information . `` The unauthorized party first obtained accessAttack.Databreachto payment card and other reservation information on August 10 , 2016 , '' the hotel chain said. `` The last accessAttack.Databreachto payment card information was on March 9 , 2017 . '' Hard Rock Hotel & Casino properties in Biloxi , Cancun , Chicago , Goa , Las Vegas , Palm Springs , Panama Megapolis , Punta Cana , Rivera Maya , San Diego and Vallarta are all affected . According to Sabre , an `` unauthorized party gained accessAttack.Databreachto account credentials that permitted unauthorized accessAttack.Databreachto payment card information , as well as certain reservation information '' for a `` subset '' of reservations . The attacker was able to grabAttack.Databreachunencrypted payment card information for hotel reservations , including cardholder names , card numbers , and expiration dates . In some cases , security codes were also exposedAttack.Databreach, alongside guest names , email addresses , phone numbers , and addresses . In May , Sabre said an investigation into a possible breach was underway . In a quarterly SEC filing , the company said , `` unauthorized access has been shut off , and there is no evidence of continued unauthorized activity at this time . '' While Sabre has not revealed exactly how the system was breached , the company has hired third-party cybersecurity firm Mandiant to investigate . Loews Hotels also appears to be a victim of the same security failure . According to NBC , Sabre was also at fault and cyberattackers were able to slurpAttack.Databreachcredit card , security code , and password information through the booking portal . In some cases , email addresses , phone numbers , and street addresses were also allegedly exposedAttack.Databreach. According to Sabre , its software is used by roughly 36,000 hotel properties . `` Not all reservations that were viewed included the payment card security code , as a large percentage of bookings were made without a security code being provided , '' Sabre said in a statement . `` Others were processed using virtual card numbers in lieu of consumer credit cards . Sabre has notified law enforcement and the credit card brands as part of our investigation . '' If you stayed in one of these properties on the dates mentioned above , you may be at risk of identity theft should the attackers choose to sell their stolen cache of data . Sabre suggests signing up for a free credit report -- available to US consumers once a year for free -- and notify their bank of any stolen activity . However , no compensation has yet been made available . These hotel chains are far from the only ones that have suffered a data breachAttack.Databreachin recent years . Back in April , InterContinental admitted that a data breachAttack.Databreachfirst believed to be isolated to 12 properties actually harmed roughly 1,200 , resulting in the exposureAttack.Databreachof customer credit card data .
Global software industry advocate BSA | The Software Alliance is warning Australian organisations to be mindful of the security risks involved with using unlicensed software after it settled with a record number of infringement settlements last year . A total of 28 case settlements for the use of unlicensed software occurred in 2017 – twice the amount in 2016 . The 28 settlements were worth more than $ 347,000 in damages against businesses across Australia . BSA warns that with the Notifiable Data BreachesAttack.Databreachlegislation now in effect , this is a good time for organisations to consider the risks unlicensed software bring to their business . “ Businesses need to remember that unlicensed software , or software downloaded from an unknown source , may contain malware which puts an organisation and its customers at significant risk of becoming the victim of a data breachAttack.Databreach, ” comments BSA APAC ’ s director of compliance programs , Gary Gan . “ Without properly licensed software , organisations don ’ t receiveVulnerability-related.PatchVulnerabilitypatch updates which strengthen the software ’ s security and addressVulnerability-related.PatchVulnerabilityvulnerabilities , which otherwise would leave the business exposed. ” One of the 28 settlements involved a Western Australia-based energy company that was found using unlicensed software . The settlement amounted to more than $ 40,000 . Every business caught using unlicensed software had to purchase genuine software licenses for ongoing use on top of the copyright infringement damages . “ It ’ s especially important that organisations are ensuring they ’ re doing all they can to protect their data given the recent introduction of NDB legislation . In order to stay on top of their software licensing , businesses should consider investing in SAM tools . The potential consequences faced by businesses that are found to be using unlicensed software far outweighs the cost of investment into SAM , something that all businesses should be considering , ” Gan continues . The BSA continues to clamp down on unlawful use of its members ’ software . Members include Adobe , Apple , IBM , Microsoft , Okta , Oracle , Symantec , Trend Micro and Workday , amongst others . BSA offers up to $ 20,000 to eligible recipients who disclose accurate information regarding unlawful copying or use of BSA members ’ software . Potential recipients must provide assistance and evidence to support the information , as may be required by the BSA ’ s legal advisers , in connection with any claim or legal proceedings initiated by the BSA members . BSA says it remains committed to its role in raising awareness of the risks to businesses when using unlicensed software and the damaging effects that software piracy has on the Australian IT industry .
Science Inc. , the company behind the popular online poll creation app Wishbone , has suffered a data breachAttack.Databreach. As a consequence , personal and account information of over 2.2 million of the app ’ s users is being circulatedAttack.Databreachon underground forums . The compromised records include names , usernames , email addresses and telephone numbers of the users , but also their gender and birth date ( if they chose to share that info when they set up the account ) . According to Troy Hunt , who received a copy of the compromised MongoDB database , 2,326,452 full names , 2,247,314 unique email addresses , and 287,502 cellphone numbers were included . Most importantly , the great majority of Wishbone users are teenagers and young adults , and predominantly female . “ I ’ d be worried about the potential for kids to abuse the data , ” Hunt told Motherboard . “ There ’ s a lot of young people in there and finding , say , young females and being able to contact them by phone is a worry ” . Not only that , but the data could be used to ferret out additional information about these persons , either via phishingAttack.Phishingor by searching the Internet for unsecured social media accounts that can be tied to them . Armed with all this information , fraudsters could easily perpetrate identity theft schemes . And perhaps the stolen data has already been misused . Hunt say that the data breachAttack.Databreachdates back to August 2016 , but according to the notification letter the Wishbone team sent out , they “ became aware that unknown individuals may have had accessAttack.Databreachto an API without authorization and were able to obtainAttack.Databreachaccount information of its users ” only on March 14 , 2017 . Since then , they “ rectifiedVulnerability-related.PatchVulnerability” the vulnerability that allowed the information to be slurpedAttack.Databreachby the attackers , and are now advising users to consider changing their passwords ( even though they have not been compromisedAttack.Databreachin the incidentAttack.Databreach) .
The databases were stolenAttack.Databreachbetween 2011 to 2017 from widely visited forums providing information about Bitcoin mining and trading . The combined number of data stolenAttack.Databreachfrom these forums is more than 12,000,000 including 536,727accounts from MerlinsMagicBitcoin.com which suffered a data breachAttack.Databreachin January 2017 , 514,409 accounts from BitcoinTalk.org forum which was hackedAttack.Databreachin May 2015 , 568,357 stolenAttack.Databreachfrom BTC-E.com back in October 2014 , 21,439 accounts from BTC4Free.com which was hackedAttack.Databreachin January 2014 , 21,439 accounts from BTC4Free.com which was also hackedAttack.Databreachin January 2014 . 3,153 Bitcoin.Lixter.com which was breachedAttack.Databreachin September 2014 , 1,780 BitLeak.net accounts stolenAttack.Databreachback in March 2014 , 28,298 DogeWallet.com accounts stolenAttack.Databreachin January 2014 , 61,011 MtGox.com stolenAttack.Databreachin June 2011 , 34,513 BitsCircle.com ( breachAttack.Databreachdate unknown ) 10,855,376 BitcoinSec from 2014 breachAttack.Databreachand 3,149 accounts from TheBitcoinShop.pixub.com ( breachAttack.Databreachdate unknown ) . In some cases , the passwords have been decrypted while some are using SHA1 hash which is easy to decrypt since Google security researchers have already broken the SHA-1 web security tool last month . The price set for this data is USD 400 ( BTC 0.3817 ) It must be noted that BitcoinTalk.org and BTC-E.com are two of the most important bitcoin related platforms having their data sold on the dark web since 2016 by several other vendors . However , we are not sure about rest of the platforms . Either way , if you have an account on any of the forums mentioned above change your password asap . Also , some of the forums discussed aren ’ t active anymore ; therefore , the relevance of their data is out of the question .
Now , more than ever , a recent report suggests that India ranks second in ransomware attacksAttack.Ransom, this does not come as a surprise to many , especially the industry experts , considering that the country ’ s current state of digital security isn ’ t geared up to handle the emerging threats . It ’ s very likely that India tops the list soon , considering the rapid growth of ransomware . To compound it , the growth in “ Internet of Things ” ( IoT ) industry and the vulnerability towards cyber infections will further fuel new types of malware threats . We had reported earlier in our findings that over 180 Indian companies were victims of Ransomware online extortion schemesAttack.Ransomin the first six months of the year 2016 , causing a loss of whopping $ 3 billion . However , the latest industry reports show a rather grim picture around Ransomware - the findings indicate that businesses in India are most at risk to cyber security attacks globally , with organizations in the country experiencing the highest number of weekly security incidents of all Asian countries surveyed ( 14.8 per cent ) . At the heart of it , Ransomware is a class of malware that ’ s designed for moneymaking with clear criminal intent . The puzzling part about Ransomware is that , no matter what the situation is , even if the ransom is paidAttack.Ransom, there is no guarantee that computer users will be able to fully access their systems ever again . The criminal may flee with the money and the files- both ! While some hackers instructAttack.Ransomvictims to payAttack.Ransomthrough Bitcoin , MoneyPak or other online methods , attackers could also demandAttack.Ransomcredit card data , adding another level of financial loss altogether . Cryptolocker , Petya and Dogspectus are three of the major ransomware making their presence felt strongly . Just like kidnapping for ransomAttack.Ransom, it ’ s a virtual kidnappingAttack.Ransomof data where information is kept as a hostage and money is demandedAttack.Ransomin exchange of freeing the hostage . We all know how much damage a data breachAttack.Databreachcan cost- monetarily as well as reputation wise . Once a ransomware attackAttack.Ransomstrikes , clicking of files yield no results . The malware has corruptedAttack.Databreachthe files and converted them into foreign MP3 files or an encrypted RSA format . And then , the victim gets a note in a text file or HTML file : “ Help_Decrypt_Your_Files ” . In a majority of the cases , once ransomware enters a system , there is no way a user can remove it without losing some files or data , even if one pay the ransomAttack.Ransom. Of late , ransomware has even left behind advanced persistent threat ( APT ) network attacks to grab the numero uno spot in the list of deadliest cyber crimes . Ransomware is fast evolving in form and increasing in number as well , thereby making it more difficult to protect against it . Each version has some properties that are unique to that version alone . This is scary because what is means is , if someone finds a solution to block or erase one version of a malware , that same solution may not work for the newer versions . However , a vast number of ransomware variants are still utilizing the same type of encryption technologies to infect systems . And what ’ s more , these encryption technologies are not just limited to common ones like Tor or I2P communication , but beyond
Payday loan firm Wonga has suffered a data breachAttack.Databreachaffecting up to 245,000 customers in the U.K. A further 25,000 customers in Poland may also be affected , according to the BBC . It says it does not believe customers ’ Wonga account passwords were compromisedAttack.Databreachbut suggests concerned users change their password anyway . Wonga is warning affected customers to be “ extra vigilant ” and to alert their bank of potential risk — though it says it will also be contacting financial institutions about the breach . We ’ ve reached out to Wonga with questions and will update this story with any response . Update : In a statement a spokesperson for the company told us : “ Wonga is urgently investigating illegal and unauthorised accessAttack.Databreachto the personal data of some of its customers in the UK and Poland . We are working closely with authorities and we are in the process of informing affected customers . According to The Guardian , the company became aware of a problem last week but only realized on Friday that data could be accessedAttack.Databreachexternally , and only started contacting affected customers on Saturday . The U.K. ’ s data protection regulator , the ICO , has apparently been informed of the breach — although it ’ s unclear when . An ICO spokesperson did not respond to the question , providing this statement instead : “ All organisations have a responsibility to keep customers ’ personal information secure . Where we find this has not happened , we can investigate and may take enforcement action ” . Back in 2014 the company had to write down $ 340 million in unpaid loans , following an investigation by the U.K. ’ s Competition and Markets Authority over its lending practices . It was also fined by the regulator for sendingAttack.Phishingfake lawyers ’ letters to customers in arrears . Although Wonga attracted substantial tech investment for a real-time automated decision-making platform for affordability checks , it ended up having to write off the loans of 330,000 customers , and waive the interest and fees for a further 45,000 — raising questions about the efficacy of its algorithms . Tightened criteria on short-term loans by the U.K. financial regulator ultimately shrunk the size of Wonga ’ s business , which saw losses double in 2015 — to £80.2 million .
Payday lender Wonga appears to be the latest big-name brand to suffer a damaging data breachAttack.Databreach, after admitting over the weekend “ there may have been illegal and unauthorized accessAttack.Databreach” to customers ’ personal details . The firm was tight-lipped on how many customers might have been affected , although reports suggest it is in the region of 270,000 , most of whom are based in the UK . The short-term loans company , which charges customers over 1200 % APR , was also short on details and hedged its bets somewhat as to the cause . The firm claimed in an FAQ on the incident that it is still trying to establish the details and contact those affected . What we do know is that customer names , e-mail addresses , home addresses and phone numbers may have been compromisedAttack.Databreach, along with the last four digits of their card number and/or bank account number and sort code . It added : “ We do not believe your Wonga account password was compromisedAttack.Databreachand believe your account should be secure , however if you are concerned you should change your account password . We also recommend that you look out for any unusual activity across any bank accounts and online portals ” . Wonga also advised customers to be on the lookout for follow-up scams , both online and over the phone . The kind of information that appears to have been compromisedAttack.Databreachwould certainly provide seasoned fraudsters with enough to socially engineer targets into divulging more details such as their full card numbers . This is just the latest in a long line of breaches at big-name companies . Data from over 130,000 customers of network operator Three was illegally obtainedAttack.Databreachby fraudsters back in November . The impact to brand and reputation can be a serious blow to breached organizations . TalkTalk is said to have lost 100,000 customers and £60m as a result of a breach at the ISP . André Stewart , EMEA vice-president at Netskope , argued that coming European privacy laws will force organizations to be more accountable for their data practices . “ As a result , companies will be forced to take active measures to mitigate any threats to personal privacy , whether that data is stored on-premises or in the cloud . Any companies falling short of these standards could face hefty fines , ” he explained . “ Alongside demonstrating that they have coached employees on the GDPR and secure data handling , employers will also need to provide staff with the tools to do their jobs securely without sacrificing ease and convenience ” . Kevin Cunningham , president of SailPoint , added that staff from the board down need to be well-drilled in order to help protect sensitive customer information . “ In today ’ s market , it ’ s a matter of when , not if , a data breachAttack.Databreachwill happen . So the most important factors are prevention , education , and rapid response , ” he argued . “ When a breach does happen , it ’ s important to quickly find out how and why it occurred , assess the damage and required response , and put IT controls in place to address future attacks ”
Personal and financial data of some 270,000 customers of UK payday loan firm Wonga have likely been pilferedAttack.Databreachin a data breachAttack.Databreach. The data that was accessedAttack.Databreachby the attackers includes the name , e-mail address , home address , and phone number of around 245,000 customers in the UK and 25,000 customers in Poland , as well as the last four digits of their payment card number and/or their bank account number and sort code . “ We do not believe your Wonga account password was compromisedAttack.Databreachand believe your [ loan ] account should be secure , however if you are concerned you should change your account password . We also recommend that you look out for any unusual activity across any bank accounts and online portals , ” the company advised users . “ We will be alerting financial institutions about this issue and any individuals impacted as soon as possible , but we recommend that you also contact your bank and ask them to look out for any suspicious activity. ” They ’ ve also warned users to be on the lookout for scammers looking to leverage the stolen information to gain more information or money directly from the users . According to the BBC , the company noticed that something was amiss last week , but it took them until Friday to discover that customer data may have been compromisedAttack.Databreach. The company started to inform customers of the breachAttack.Databreachon Saturday . “ Wonga ’ s stock with the general public has never been particularly high , but this breach will see it fall even further . It is simply the latest name in a long list of data breach victims that will come to realise that the reputational impact of a breach is more damaging than anything the ICO can do to them , or the cybercriminals themselves for that matter , ” commented Marc Agnew , Vice President , ViaSat Europe . “ The stakes are so high that organisations need to treat cyber-attack not only as a threat , but as an inevitability . Organisations must therefore ensure that all customer data is encrypted , not just the passwords and card details , so that any stolen data is essentially worthless . Inadequately protecting customer data can create massive problems for enterprises and consumers alike . Reacting to an attack appropriately is vital ; from isolating and identifying the origin , to taking stock of what has been stolenAttack.Databreachor affected and making sure those who have been put at risk are notified and protected as soon as possible . By the looks of it , Wonga ’ s customers were alerted in a timely manner and should be well informed enough to take action . This is all Wonga can do at this stage , but it ’ ll be interesting to see what happens next and how serious an attack this turns out to be. ” “ While the organisation has stated that affected customers are unlikely to be at risk of theft , the fact remains that private personal information was compromisedAttack.Databreach– posing a risk to customers , ” André Stewart , VP EMEA at Netskope , pointed out . “ Data loss prevention needs to be a key priority for all businesses . The EU General Data Protection Regulation ( GDPR ) – set to come into effect in just over a year – will hold organisations accountable for their data practices . As a result , companies will be forced to take active measures to mitigate any threats to personal privacy , whether that data is stored on-premises or in the cloud . Any companies falling short of these standards could face hefty fines , ” he also noted .
Israeli mobile forensics firm Cellebrite has announced that it has suffered a data breachAttack.Databreachfollowing an unauthorized access to an external web server . “ The impacted server included a legacy database backup of my.Cellebrite , the company ’ s end user license management system . The company had previously migrated to a new user accounts system . Presently , it is known that the information accessed includes basic contact information of users registered for alerts or notifications on Cellebrite products and hashed passwords for users who have not yet migrated to the new system , ” the company stated , and added that it is still investigating the attack . They are also notifying affected customers , and advising them to change their passwords . The confirmation comes a few hours after Motherboard releasedAttack.Databreachgeneral information about 900 GB of data that they obtainedAttack.Databreachand has supposedly been stolenAttack.Databreachfrom the firm . The cache includes alleged usernames and passwords for logging into Cellebrite databases connected to the company ’ s my.cellebrite domain , ” the publication noted . “ The dumpAttack.Databreachalso contains what appears to be evidence files from seized mobile phones , and logs from Cellebrite devices ” . The hacker that shared the data with the publication and is apparently behind the breach also noted that access to the compromised servers has been traded among hackers in IRC chat rooms , so it ’ s possible that other persons have exfiltratedAttack.Databreachpotentially sensitive data . “ The Cellebrite breachAttack.Databreachshows that anyone can be hacked , even firms whose bread and butter is data exfiltrationAttack.Databreach. And Cellebrite isn ’ t the first organization of this type to be targeted – Hacking Team and Gamma International have both experienced similar attacks by groups opposed to government surveillance , ” Tony Gauda , CEO of ThinAir , commented for Help Net Security . “ While the 900 GB of data hasn ’ t been released publicly , it ’ s safe to assume that the information is highly sensitive . Besides customer information , the hackers managed to retrieveAttack.Databreachtechnical data , which could have serious repercussions if it were to fall into the wrong hands . Incidents such as this are the cyber equivalent of robbing a gun store , and I wouldn ’ t be surprised if the proprietary info stolenAttack.Databreacheventually made its way online . Demand for advanced hacking tools and techniques has never been higher and until these firms start securing their digital arsenals with technology capable of rendering data useless when it ’ s compromised , they will continue to find themselves in the crosshairs of hackers ” . Cellebrite ’ s name has become widely known after reports that the company has been asked for help to exfiltrate dataAttack.Databreachfrom the locked iPhone belonging to Syed Farook , one of the San Bernardino shooters
Ciphr , a company which offers encrypted communications for BlackBerry 10 and Samsung Knox smartphones , claims that a rival firm are behind a data dumpAttack.Databreachof its customers ' email addresses and their device 's IMEI numbers . A website displaying the alleged leaked data claims that `` all Ciphr emails/servers have been compromisedAttack.Databreach. '' Two sources that use Ciphr on their phones told Motherboard the leakAttack.Databreachincludes their information as well as the data of other users . Specifically , the website lists users ' email addresses and IMEI numbers , data which law enforcement can leverage to exposeAttack.Databreacha user . In a message provided to Motherboard from one of its sources , the privacy platform says the data dumpAttack.Databreachwas not the result of a data breachAttack.Databreach. Instead Ciphr blames a rival company for the incident : `` Our rapid growth has caught the attention of competitors seeking to slow us down by way of slander , blocking and DDOS [ distributed denial of service attacks ] .... We were shocked that any company in this industry would release information to the public under any circumstance . '' Ciphr 's management explains in a blog post that a rogue reseller who was granted access to its sales systems gave the information to SkySecure , which makes custom Blackberry devices . The company goes on to note that most of the information included in the data dumpAttack.Databreachwas already expired . But it does say a few active users ' email addresses and IMEI numbers were included in the leakAttack.Databreach.
Retina-X Studios , the makers of several consumer-grade monitoring products , have finally announced that they have suffered a data breachAttack.Databreach. Retina-X and FlexiSpy , another spyware maker , were attackedAttack.Databreachby two hackers / hacker groups that revealed last week how they went about compromisingAttack.Databreachthe companies ’ assets and made offAttack.Databreachwith customer and other data . “ A hacker known for SQL exploits of great magnitude was able to find a weakness in a decompiled and decrypted version of a now-discontinued product . The vulnerability hidden inside the coded software led to a breach of the database and the eventual exploit by unauthorized individuals , ” the company noted . “ According to the report , the attacker was able to break intoAttack.Databreacha server that held database tables for Net Orbit , PhoneSheriff and TeenShield . The tables held information such as login usernames , subscription keys , device metadata , text messages , GPS locations , contacts ’ information , apps installed and website logs . A third-party photo storage account was also breachedAttack.Databreach. Only accounts created before February 21st , 2017 were affected. ” They were quick to point out that no payment information was compromisedAttack.Databreach, and they say that the attacker has not publicly releasedAttack.Databreachthe stolen data – and he seemingly does not plan to . They are also trying to differentiate itself from the other victim ( FlexiSpy ) , by saying that their software can ’ t be used to monitor individuals that the monitorer has no legal right to keep under surveillance ( e.g . their employees or their underage children ) , because this would violate their terms of service and the account would be terminated . “ Our child and employee monitoring software shows up as an icon and in the Installed Apps list of devices . There are also notifications to let the user of the device know that activities are being monitored , ” the company noted , while failing to mention that these notifications can be turned off and the icon removed . They also did not mention how or how quickly they are able to discover that someone is using the software to perform illegitimate surveillance . For all we know , it could be weeks or months , but even days are too much for people who are spied on in this way .
Billions of online credentials freshly stolenAttack.Databreachin 2016 are fueling a practice of automated login hacks that are overwhelming legitimate human-login traffic on enterprise Web properties . A study out today from Shape Security shows that it 's common for credential-stuffing login attempts to account for more than 90 % of all login activity on Internet-facing systems at Fortune 100 firms . `` In working with customers in retail , finance , travel , government , and other industries , Shape has seen millions of instances of credentials from reported breaches being used in credential stuffing attacks , '' the report says . Online-credential breaches that do n't expose any other personally identifiable information may seem like no big deal on the spectrum of massive security incidents . But the study out today shows that with automation , attackers are using stolen passwords quite effectively . If attackers have a large enough pool of stolen credentials to try across various other Web systems online , even a very slim success rate can yield them hundreds of thousands - or even millions - of accounts ripe for takeover . Global organizations in 2016 reported more than 3 billion username and password combinations stolenAttack.Databreach, led first and foremost by Yahoo 's massive 1.5 billion user breachAttack.Databreach. `` Credential spills became a worldwide pandemic in 2016 . While we have been observing credential spills and credential-stuffing attacksAttack.Databreachfor many years , the scale of both in 2016 was remarkable , '' says Shuman Ghosemajumder , CTO for Shape . `` The size and frequency of credential spills appears to be increasing , with the record for all-time largest credential spill being reset three times last year . '' Shape reports that in its work with retail , finance , travel , government , and other industries in 2016 , it observed millions of credentials exposed from reported breaches being used in credential- stuffing attacksAttack.Databreach. During one 4-month observation period at a major retailer , for example , Shape Security witnessed 15.5 million account login attempts . Scarily enough , 500,000 accounts at that retailer were on breached credential lists . The difficulty with credential stuffing is that many companies do n't have visibility into the volume of automated login traffic they 're being hit with because these attacks are n't taking advantage of vulnerabilities per se . They 're using the login functionality the way it is supposed to be used , simply scaling up the rate at which the credentials are plugged into the inputs . These attacks not only put users at risk , but they also put a traffic burden on infrastructure and could add to the login latency for real human users . `` A lot of public attention is focused on any organization that experiences a data breachAttack.Databreachand loses control of their users ' passwords and personal information , '' Ghosemajumder says . `` However , the real issue other companies should focus on is protecting themselves against those passwords being used to attack them and their own users ”
The exposed data includes names , Social Security numbers , birthdates , contact details , medical record numbers and/or clinical information . On December 21 , 2016 , Children 's Hospital Los Angeles learned that an unencrypted laptop containing patient data was stolenAttack.Databreachfrom the locked vehicle of a Children 's Hospital Los Angeles Medical Group physician on October 18 , 2016 . The laptop may have held approximately 3,600 patients ' names , birthdates , addresses , medical record numbers and some clinical information , SC Magazine reports . `` We are taking action to prevent this type of thing in the future by enhancing the encryption levels of all laptops that physicians use in the provision of care for patients , '' the hospital stated in a notification letter [ PDF ] to those affected . Separately , Delaware Insurance Commissioner Trinidad Navarro recently announced that a security breach impacted Summit Reinsurance Services and BCS Financial Corporation , both of which are subcontractors of Highmark Blue Cross Blue Shield of Delaware ( h/t Internet Health Management ) . On August 8 , 2016 , Summit discovered that a server containing customer data , including names , Social Security numbers , health insurance information , provider names and/or diagnosis and clinical information , was infected with ransomware . An investigation determined that the server was first accessed on March 12 , 2016 . The breach affects approximately 19,000 Highmark Blue Cross Blue Shield members . `` I would like to ensure Delaware consumers that the Department of Insurance takes this matter seriously and is currently investigating how this occurred , '' Navarro said in a statement . While Summit sent notification letters to those affected , Navarro noted that many customers may have discarded the letter assuming it was a sales pitch , since they were customers of Highmark Blue Cross Blue Shield , not Summit . And CoPilot Provider Support Services recently announced that one of its databases used by healthcare professionals to determine whether treatments will be covered by insurance was accessedAttack.Databreachin October 2015 , potentially exposing approximately 220,000 patients ' names , genders , birthdates , addresses , phone numbers , health insurers , and in some cases Social Security numbers . It 's not clear why it took the company more than a year to notify those affected . `` We are taking steps to address the situation and to further protect against a similar incident in the future , including utilizing enhanced verification , enhanced encryption and implementing increased security audit activity , '' CoPilot said in a notification letter [ PDF ] to those affected . Last spring , a Ponemon Institute survey found that 79 percent of healthcare organizations experienced two or more data breachesAttack.Databreachin the past two years , and 45 percent experienced five or more breaches . Over the past two years , the survey found , the average cost of a data breachAttack.Databreachto a healthcare organization was more than $ 2.2 million . `` In the last six years of conducting this study , it 's clear that efforts to safeguard patient data are not improving , '' Ponemon Institute chairman and founder Dr. Larry Ponemon said at the time .
The toys -- which can receive and send voice messages from children and parents -- have been involved in a data breachAttack.Databreachdealing with more than 800,000 user accounts . The breachAttack.Databreach, which grabbed headlines on Monday , is drawing concerns from security researchers because it may have given hackers accessAttack.Databreachto voice recordings from the toy 's customers . But the company behind the products , Spiral Toys , is denying that any customers were hackedAttack.Databreach. Absolutely not , '' said Mark Meyers , CEO of the company . Security researcher Troy Hunt , who tracks data breachesAttack.Databreach, brought the incidentAttack.Databreachto light on Monday . Hackers appear to have accessedAttack.Databreachan exposed CloudPets ' database , which contained email addresses and hashed passwords , and they even sought to ransomAttack.Ransomthe information back in January , he said in a blog post . The incidentAttack.Databreachunderscores the danger with connected devices , including toys , and how data passing through them can be exposedAttack.Databreach, he added . In the case of CloudPets , the brand allegedly made the mistake of storing the customer information in a publicly exposedAttack.Databreachonline MongoDB database that required no authentication to access . That allowed anyone , including hackers , to view and stealAttack.Databreachthe data . On the plus side , the passwords exposedAttack.Databreachin the breachAttack.Databreachare hashed with the bcrypt algorithm , making them difficult to crack . Unfortunately , CloudPets placed no requirement on password strength , meaning that even a single character such as letter `` a '' was acceptable , according to Hunt , who was given a copy of the stolen data last week . As a result , Hunt was able to decipher a large number of the passwords , by simply checking them against common terms such as qwerty , 123456 , and cloudpets . `` Anyone with the data could crack a large number of passwords , log on to accounts and pull down the voice recordings , '' Hunt said in his blog post . Security researcher Victor Gevers from the GDI Foundation said he also discovered the exposed database from CloudPets and tried to contact the toy maker in late December . However , both Gevers and Hunt said the company never responded to their repeated warnings . On Monday , California-based Spiral Toys , which operates the CloudPets brand , claimed the company never received the warnings . `` The headlines that say 2 million messages were leakedAttack.Databreachon the internet are completely false , '' Meyers said . His company only became aware of the issue after a reporter from Vice Media contacted them last week . `` We looked at it and thought it was a very minimal issue , '' he said . A malicious actor would only be able to accessAttack.Databreacha customer 's voice recording if they managed to guess the password , he said . `` We have to find a balance , '' Meyers said , when he addressed the toy maker 's lack of password strength requirements . He also said that Spiral Toys had outsourced its server management to a third-party vendor . In January , the company implemented changes MongoDB requested to increase the server 's security . Spiral Toys hasn ’ t been the only company targeted . In recent months , several hacking groups have been attackingAttack.Databreachthousands of publicly exposed MongoDB databases . They ’ ve done so by erasing the data , and then saying they can restore it , but only if victims pay a ransom feeAttack.Ransom. In the CloudPets incident , different hackers appear to have deleted the original databases , but leftAttack.Ransomransom notes on the exposed systems , Hunt said . Although the CloudPets ’ databases are no longer publicly accessible , it appears that the toy maker hasn ’ t notified customers about the breachAttack.Databreach, Hunt said . The danger is that hackers might be using the stolen information to break into customer accounts registered with the toys . But Meyers said the company found no evidence that any hackers broke into customer accounts . To protect its users , the company is planning on a password reset for all users . `` Maybe our solution is to put more complex passwords , '' he said .
The most recent breachAttack.Databreachof smart teddy bears -- which can receive and send voice messages from children and parents -- have been involved in a data breachAttack.Databreachdealing with more than 800,000 user accounts . The company behind the products , Spiral Toys , is denying that any customers were hacked . Zach Lanier , director of research at Cylance , went through the more famous incidents involving toys and breaches and offers a tip with each case . This may have given attackers accessAttack.Databreachto voice recordings from the toy 's customers , by allegedly making the mistake of storing the customer information in a publicly exposedAttack.Databreachonline MongoDB database that required no authentication process . Thus anyone , including the attackers , was able to view and stealAttack.Databreachthe data . CloudPets placed no requirement on password strength , making it much easier to decipher passwords . Tip : Always create a secure password , no matter the strength requirement . Include lowercase and uppercase letter , symbols and numbers . Use a password manager to help create and store unique passwords for sites and services . A line of stuffed animals , these connected toys combine with a mobile application that was vulnerableVulnerability-related.DiscoverVulnerabilitydue to a number of weak APIs , which didn ’ t verify who sent messages . This meant that an attacker could guess usernames , or email addresses , and ask Fisher-Price for server return details about associated accounts and children ’ s profiles , which provides their name , birthdate , gender , language and toys they have played with . Tip : If the IoT device connects to a mobile app or desktop computer , it is important to examine how it connects . If the start of the URL address is http rather than https , which is the secure version of HTTP , then your device is making a less secure connection . The doll has a microphone and accesses the internet to answer your child 's questions . Moreover , criminals could have the ability collectAttack.Databreachyour personal information . Tip : If the toy does require Wi-Fi , make sure it supports modern , more secure Wi-Fi capabilities like WAP2 . Their speech-recognition software maker Nuance Communications violated federal rules by listening to children and saving the recordings . It ’ s valuable to know how they are using your data . Don ’ t provide personal information that seems extra or unnecessary . VTech had its app store database , Learning Lodge , hacked . As a result of the breachAttack.Databreach, over 11.6 million accounts were compromisedAttack.Databreachin a cyberattackAttack.Databreach, exposingAttack.Databreachphotos of children and parents as well as chat logs . The profile data leaked included their names , genders and birth dates . Tip : Check to see if the manufacturer has had any cybersecurity issues in the past , and if so , how they responded . Alternatively , if the company is relatively new , your device is definitely at greater risk . The interactive toy has the ability to communicate and record conversations . Those conversations are sent to the company ’ s servers , analyzed and then stored in the cloud . The toy was criticized for spying on kids by recording their conversations . Through Wi-Fi , attackers can hijack the connection to spy on your children , stealAttack.Databreachpersonal information , and turn the microphone of the doll into a surveillance device . Tip : Since the device is Wi-Fi enabled , confirm if the device supports modern security protocols . If the device only uses WEP or WPA ( but not WPA2 ) security standards , it may be too risky to use . Those versions are older and over time have become almost entirely insecure from attack