Eurostar has forced all of its customers to reset their passwords after detecting an `` unauthorised attempt '' to hack into its systems and access their accounts . Customers reported receiving an email on Tuesday stating that the company had identified an attempt to access eurostar.com accounts using users ' email and passwords between the 15 and 19 of October . Eurostar confirmed that credit card details and payment details were not compromised Attack.Databreach because the company does not store that information online . Eurostar has yet to confirm how many people have been affected by this data breach Attack.Databreach or whether any data has been taken Attack.Databreach . The company has reported the data breach Attack.Databreach to the Information Commissioner 's Office . `` We have taken this action as a precaution because we identified what we believe to be an unauthorised automated attempt to access Attack.Databreach eurostar.com accounts using your email address and password , '' the company told customers . `` We 've since carried out an investigation which shows that your account was logged into between the 15 and 19 October . If you did n't log in during this period , there 's a possibility your account was accessed Attack.Databreach by this unauthorised attempt . '' Customers were told to check their accounts for `` anything unusual '' and update login details on any other site where they use the same password . A Eurostar spokesman said : `` This email was sent after we identified what we believe to be an unauthorised automated attempt to access customer accounts , so as a precaution , we asked all account holders to reset their password . We deliberately never store any payment details or bank card information , so there is no possibility of those being compromised Attack.Databreach . '' An ICO spokesman said : “ We ’ ve received data breach Attack.Databreach report from Eurostar and are making enquiries. ” Last week , British Airways revealed that almost 200,000 further passengers may have had their personal data stolen Attack.Databreach by hackers in the September attack Attack.Databreach in what experts described as one of the biggest breaches Attack.Databreach of consumer data the UK had ever seen .

DocuSign , with over 100 million users , is one of the world ’ s largest providers of electronic signature technology and digital transaction management . Recently , DocuSign acknowledged that they have been the victim of a malware phishing attack Attack.Phishing . The data breach Attack.Databreach happened at one DocuSign computer system location and has since been contained . While short-lived , the malware was able to obtain Attack.Databreach many customer and user emails from the DocuSign database . Fortunately , the breach Attack.Databreach was limited to email addresses ; no documents or further customer information was accessed Attack.Databreach in the attack Attack.Databreach . The attackers have begun sending out Attack.Phishing malicious emails with the company ’ s branding to DocuSign customers and users . In an alert on the DocuSign website , the company shared that it is tracking these emails which carry a downloadable Microsoft Word document harboring malware to attack the user ’ s system . The email subject line has been known to read : “ Completed : docusign.com – Wire Transfer Instructions for recipient-name Document Ready for Signature. ” How to protect yourself If you are not expecting an email via DocuSign , do not click on the link . If you are expecting a document , but are unsure of the source , you can access your document directly by visiting docusign.com . Every legitimate DocuSign email has a code which the user can enter on the website to access their document . DocuSign has asked that people forward suspicious emails to spam @ docusign.com then delete the email from their inboxes . It is important to remember that DocuSign will never request a customer or user to open a PDF , Microsoft Office document or ZIP file in an email .

Officials at a medical practice in Blue Springs say they are taking steps to strengthen privacy protections after a ransomware attack Attack.Ransom affected nearly 45,000 patients . Blue Springs Family Care discovered in May that hackers had installed malware and ransomware encryption programs on its computer system , giving them full access Attack.Databreach to patient records . Ransomware is a kind of malware that locks up a computer . The attackers typically demand a ransom Attack.Ransom , often in Bitcoin or other cryptocurrencies , as a condition of unlocking the computer and allowing access to the system . Melanie Peterson , Blue Springs Family Care ’ s privacy officer , says the medical practice did not pay a ransom Attack.Ransom . Rather , it was able to use backups to regain computer access . In a letter to patients , Blue Springs Family Care said it had no evidence patients ’ information had been used by unauthorized individuals . But it said it had taken steps to strengthen its defenses against similar attacks in the future . Peterson says the family medical practice has essentially rebuilt its computer system from scratch “ to make sure that no traces of any kind of virus were left in the system. ” The number of affected patients was as large as it was because the medical practice is required to keep medical records going back 10 years . Peterson says both the FBI and Blue Springs Police Department were notified of the attack . So far , the hackers have not been identified , she says . Blue Springs Family Care ’ s computer vendor discovered the ransomware attack Attack.Ransom on May 12 . In its letter to patients , Blue Springs Family Care said it hired a forensic IT company to help quarantine the affected systems and to install software to monitor whether any unauthorized person was accessing the system . The attack on Blue Springs Family Care was not an anomaly . Health care businesses in particular have been targeted by ransomware attacks Attack.Ransom . According to Beazly , a cybersecurity insurance company , 45 percent of ransomware attacks Attack.Ransom in 2017 targeted the health care industry . Financial services , which accounted for 12 percent of ransomware attacks Attack.Ransom , were a distant second . Last month , Cass Regional Medical Center in Harrisonville , Missouri , reported a ransomware attack Attack.Ransom had briefly cut off access to its electronic health record system on July 9 . Hospital officials said there was no indication patient data was accessed Attack.Databreach . Cass Regional was just the latest of many Missouri health care institutions targeted in the last few months by cyber-attackers . Others include Children ’ s Mercy Hospital in Kansas City , Barnes Jewish Hospital in St. Louis , Barnes-Jewish St. Peters Hospital in St. Peters and John J. Pershing VA Medical Center in Poplar Bluff . In Kansas , the Cerebral Palsy Research Foundation of Kansas , the Kansas Department for Aging and Disability Services , Atchison Hospital Association and a private medical practice in McPherson have all been hit with cyberattacks since March . “ If you think about what ’ s in a health or medical record , there ’ s a lot of information that could be used to create or falsify documents on an individual , ” says Madeline Allen , an assistant vice president in the cybertech practice at Lockton Companies , a Kansas City-based insurance broker . “ So think about your medical record that contains not only your health information but also your name and address , your social security number , your date of birth , oftentimes a driver ’ s license number . “ All of those things can be used to impersonate you , whether it be to open a line of credit , apply for a loan , file a tax return – all of those things . Pretty much everything you need would be found in your health record , '' Allen says . `` If you can get a full health record on someone , it ’ s pretty valuable information to the bad guys as they ’ re looking to monetize that information. ” For health care institutions , Allen says , it ’ s not so much a question of whether they will be attacked as when . As such , she says , apart from instituting technical measures , the most important thing they can do to ward off cyberattacks is to educate their employees . “ Let them know that people are constantly trying to attack from all angles and the attacks are pretty sophisticated , ” she says . “ It ’ s very easy to click on a link thinking it ’ s legitimate or respond to an email that looks legitimate when in fact it ’ s not . So I think the education of employees and staff is perhaps the biggest step that health care facilities can take . ”

E-Sports Entertainment Association ( ESEA ) , one of the largest competitive video gaming communities on the planet , was hacked last December . As a result , a database containing 1.5 million player profiles was compromised . On Sunday , ESEA posted a message to Twitter , reminding players of the warning issued on December 30 , 2016 , three days after they were informed of the hack . Sunday ’ s message said the leak of player information Attack.Databreach was expected , but they ’ ve not confirmed if the leaked records Attack.Databreach came from their systems . Late Saturday evening , breach notification service LeakedSource announced the addition of 1,503,707 ESEA records to their database . When asked for additional information by Salted Hash , a LeakedSource spokesperson shared the database schema , as well as sample records pulled at random from the database . Learn about top security certifications : Who they 're for , what they cost , and which you need . However , in all , there are more than 90 fields associated with a given player record in the ESEA database . While the passwords are safe , the other data points in the leaked records could be used to construct a number of socially-based attacks , including Phishing Attack.Phishing . Players on Reddit have confirmed their information was discovered in the leaked data . A similar confirmation was made Twitch ’ s Jimmy Whisenhunt on Twitter . The LeakedSource spokesperson said that the ESEA hack was part of a ransom scheme Attack.Ransom , as the hacker responsible demanded Attack.Ransom $ 50,000 in payment Attack.Ransom . In exchange for meeting their demands , the hacker would keep silent about the ESEA hack and help the organization address the security flaw that made it possible . In their previous notification , ESEA said they learned about the incident Attack.Databreach on December 27 , but make no mention of any related extortion attempts Attack.Ransom . The organization reset passwords , multi-factor authentication tokens , and security questions as part of their recovery efforts . We ’ ve reached out to confirm the extortion attempt Attack.Ransom claims made by the hacker , as well as the total count for players affected by the data breach Attack.Databreach . In an emailed statement , a spokesperson for ESL Gaming ( parent company to Turtle Entertainment ) confirmed that the hacker did in fact attempt to extort money Attack.Ransom , but the sum demanded Attack.Ransom was `` substantially higher '' than the $ 50,000 previously mentioned . The company refused to give into the extortion demands Attack.Ransom , and went public with details before the hacker could publish anything . The statement also confirms the affected user count of 1.5 million , and stressed the point that ESEA passwords were hashed with bcrypt . When it comes to the profile fields , where more than 90 data points are listed , ESL Gaming says those are optional data points for profile settings . `` We take the security and integrity of customer details very seriously and we are doing everything in our power to investigate this incident , establish precisely what has been taken , and make changes to our systems to mitigate any further breaches . The authorities ( FBI ) were also informed and we will do everything possible to facilitate the investigation of this attack , '' the message from ESL Gaming concluded . `` Based on the proof provided to us by the threat actor of possession Attack.Databreach of the stolen data , we were able to identify the scope of the data that was accessed Attack.Databreach . While the primary concern and focus was on personal data , some of ESEA ’ s internal infrastructure including configuration settings of game server hardware specifications , as well as game server IPs was also accessible Attack.Databreach . Due to the ongoing investigation , we prioritized customer user data first , '' the statement explains . In the days that followed that initial contact , ESEA worked to secure their systems , and the hacker kept making demands . On January 7 , ESEA learned the hacker also exfiltrated Attack.Databreach intellectual property from the compromised servers

Personal and financial data of some 270,000 customers of UK payday loan firm Wonga have likely been pilfered Attack.Databreach in a data breach Attack.Databreach . The data that was accessed Attack.Databreach by the attackers includes the name , e-mail address , home address , and phone number of around 245,000 customers in the UK and 25,000 customers in Poland , as well as the last four digits of their payment card number and/or their bank account number and sort code . “ We do not believe your Wonga account password was compromised Attack.Databreach and believe your [ loan ] account should be secure , however if you are concerned you should change your account password . We also recommend that you look out for any unusual activity across any bank accounts and online portals , ” the company advised users . “ We will be alerting financial institutions about this issue and any individuals impacted as soon as possible , but we recommend that you also contact your bank and ask them to look out for any suspicious activity. ” They ’ ve also warned users to be on the lookout for scammers looking to leverage the stolen information to gain more information or money directly from the users . According to the BBC , the company noticed that something was amiss last week , but it took them until Friday to discover that customer data may have been compromised Attack.Databreach . The company started to inform customers of the breach Attack.Databreach on Saturday . “ Wonga ’ s stock with the general public has never been particularly high , but this breach will see it fall even further . It is simply the latest name in a long list of data breach victims that will come to realise that the reputational impact of a breach is more damaging than anything the ICO can do to them , or the cybercriminals themselves for that matter , ” commented Marc Agnew , Vice President , ViaSat Europe . “ The stakes are so high that organisations need to treat cyber-attack not only as a threat , but as an inevitability . Organisations must therefore ensure that all customer data is encrypted , not just the passwords and card details , so that any stolen data is essentially worthless . Inadequately protecting customer data can create massive problems for enterprises and consumers alike . Reacting to an attack appropriately is vital ; from isolating and identifying the origin , to taking stock of what has been stolen Attack.Databreach or affected and making sure those who have been put at risk are notified and protected as soon as possible . By the looks of it , Wonga ’ s customers were alerted in a timely manner and should be well informed enough to take action . This is all Wonga can do at this stage , but it ’ ll be interesting to see what happens next and how serious an attack this turns out to be. ” “ While the organisation has stated that affected customers are unlikely to be at risk of theft , the fact remains that private personal information was compromised Attack.Databreach – posing a risk to customers , ” André Stewart , VP EMEA at Netskope , pointed out . “ Data loss prevention needs to be a key priority for all businesses . The EU General Data Protection Regulation ( GDPR ) – set to come into effect in just over a year – will hold organisations accountable for their data practices . As a result , companies will be forced to take active measures to mitigate any threats to personal privacy , whether that data is stored on-premises or in the cloud . Any companies falling short of these standards could face hefty fines , ” he also noted .

In what ’ s becoming a familiar refrain to guests , InterContinental Hotels Group , said late last week that payment card systems at more than 1,000 of its hotels had been breached Attack.Databreach . It ’ s the second breach that IHG , a multinational hotel conglomerate that counts Holiday Inn and Crowne Plaza among its chains , has disclosed this year . The company acknowledged in February that a credit card breach Attack.Databreach affected 12 of its hotels and restaurants . In a notice published to its site on Friday the company said a second breach Attack.Databreach occurred at select hotels between Sept. 29 and Dec. 29 last year . IHG says there ’ s no evidence payment card data was accessed Attack.Databreach after that point but can ’ t confirm the malware was eradicated until two to three months later , in February/March 2017 , when it began its investigation around the breach . Like most forms of payment card malware these days , IHG said the variant on their system siphoned track data Attack.Databreach – customers ’ card number , expiration date , and internal verification code – from the magnetic strip of cards as they were routed through affected hotel servers . The hotelier said the first breach Attack.Databreach also stemmed from malware found on servers used to process credit cards , but from August to December 2016 . That breach Attack.Databreach affected hotels , along with bars and restaurants at hotels , such as Michael Jordan ’ s Steak House and Bar at InterContinental Chicago and the Copper Lounge at Intercontinental Los Angeles . IHG didn ’ t state exactly how many properties were affected by the second breach Attack.Databreach but that customers can use a lookup tool the company has posted to its site to search for hotels in select states and cities . IHG gives a timeline for each property and says hotels listed on the tool “ may have been affected. ” A cursory review of hotels in the lookup tool suggests far more than a dozen – more than a thousand – hotels , were affected by the malware . IHG says that since the investigation is ongoing the tool may may be updated periodically . Some properties , for a reason not disclosed , elected to not participate in the investigation , IHG said . While the company operates 5,000 hotels worldwide this most recent breach Attack.Databreach affects mostly U.S.-based chains . One hotel in Puerto Rico , a Holiday Inn Express in San Juan , is the only non-U.S. property that hit by malware this time around , IHG claims . The company said it began implementing a point-to-point encryption payment solution – technology that can reportedly prevent malware from scouring systems for payment card data last fall . The hotels that were hit by this particular strain of malware had not yet implemented the encryption technology , IHG claims . The news comes as an IHG subsidiary , boutique hotel chain Kimpton , is fighting a class action court case that alleges the company failed to take adequate and reasonable measures to protect guests payment card data . The chain said it was investigating a rash of unauthorized charges on cards used at its locations last summer . It eventually confirmed a breach Attack.Databreach in late August that involved cards used from Feb. 16 , 2016 and July 7 , 2016 at nearly all of its restaurants and hotels .

Northrop Grumman has admitted one of its internal portals was broken into , exposing Attack.Databreach employees ' sensitive tax records to miscreants . In a letter [ PDF ] to workers and the California Attorney General 's office , the aerospace contractor said that between April 18 , 2016 and March 29 , 2017 , crooks infiltrated the website , allowing them to access Attack.Databreach staffers ' W-2 paperwork for the 2016 tax year . These W-2 forms can be used by identity thieves to claim tax rebates owed to employees , allowing the crims to pocket victims ' money . The corp sent out its warning letters on April 18 , the last day to file 2016 tax returns . `` The personal information that may have been accessed Attack.Databreach includes your name , address , work email address , work phone number , Social Security number , employer identification number , and wage and tax information , as well as any personal phone number , personal email address , or answers to customized security questions that you may have entered on the W-2 online portal , '' the contractor told its employees . The Stealth Bomber maker says it will provide all of the exposed workers with three years of free identity-theft monitoring services . Northrop Grumman has also disabled access to the W-2 portal through any method other than its internal single sign-on tool . The aerospace giant said it farmed out its tax portal to Equifax Workforce Solutions , which was working with the defense giant to get to the bottom of the intrusion . `` Promptly after confirming the incident , we worked with Equifax to determine the details of the issue , '' Northrop told its teams . `` Northrop Grumman and Equifax are coordinating with law enforcement authorities to assist them in their investigation of recent incidents Attack.Databreach involving unauthorized actors gaining access Attack.Databreach to individuals ’ personal information through the W-2 online portal . '' According to Equifax , the portal was accessed Attack.Databreach not by hackers but by someone using stolen login details . `` We are investigating alleged unauthorized access Attack.Databreach to our online portal where a person or persons using stolen credentials accessed Attack.Databreach W-2 information of a limited number of individuals , '' an Equifax spokesperson told El Reg on Monday . `` Based on the investigation to date , Equifax has no reason to believe that its systems were compromised Attack.Databreach or that it was the source of the information used to gain access Attack.Databreach to the online portal . ''

Researchers said good social engineering and users ’ trust in the convenience afforded by the OAUTH mechanism guaranteed Wednesday ’ s Google Docs phishing attacks Attack.Phishing would spread quickly . Google said that up to 1 million Gmail users were victimized by yesterday ’ s Google Docs phishing scam Attack.Phishing that spread quickly for a short period of time . In a statement , Google said that fewer than 0.1 percent of Gmail users were affected ; as of last February , Google said it had one billion active Gmail users . Google took measures to protect its users by disabling offending accounts , and removing phony pages and malicious applications involved in the attacks . Other security measures were pushed out in updates to Gmail , Safe Browsing and other in-house systems . “ We were able to stop the campaign within approximately one hour , ” a Google spokesperson said in a statement . “ While contact information was accessed Attack.Databreach and used by the campaign , our investigations show that no other data was exposed Attack.Databreach . There ’ s no further action users need to take regarding this event. ” The messages were a convincing Attack.Phishing mix of social engineering and abuse of users ’ trust in the convenience of mechanisms that share account access with third parties . Many of the phishing messages came from Attack.Phishing contacts known to victims since part of the attack includes gaining access to contact lists . The messages claimed Attack.Phishing that someone wanted to share a Google Doc with the victim , and once the “ Open in Docs ” button in the email is clicked , the victim is redirected Attack.Phishing to a legitimate Google OAUTH consent screen where the attacker ’ s application , called “ Google Docs ” asks for access to victim ’ s Gmail and contacts through Google ’ s OAUTH2 service implementation . While the ruse was convincing Attack.Phishing in its simplicity , there were a number of red flags , including the fact that a Google service was asking for access to Gmail , and that the “ To ” address field was to an odd Mailinator account . Google also quickly updated Safe Browsing and Gmail with warnings about the phishing emails and attempts to steal Attack.Databreach personal information . The phishing emails spread Attack.Phishing quickly on Wednesday and likely started with journalists and public relations professionals , each of whom are likely to have lengthy contact lists ensuring the messages would continue to spread Attack.Phishing in an old-school worm-like fashion . OAUTH ’ s open nature allows anyone to develop similar apps . The nature of the standard and interaction involved makes it difficult to safely ask for permission without giving the users a lot of information to validate whether an app is malicious , said Duo ’ s Sokley . “ There are many pitfalls in implementing OAUTH 2.0 , for example cross site request forgery protection ( XSRF ) . Imagine if the user doesn ’ t have to click on the approve button , but if the exploit would have done this for you , ” said SANS ’ Ullrich . “ OAUTH 2.0 also inherits all the security issues that come with running anything in a web browser . A user may have multiple windows open at a time , the URL bar isn ’ t always very visible and browser give applications a lot of leeway in styling the user interface to confuse the user . ”

DocuSign , a major provider of electronic signature technology , acknowledged today that a series of recent malware phishing attacks Attack.Phishing targeting its customers and users was the result of a data breach Attack.Databreach at one of its computer systems . The company stresses that the data stolen Attack.Databreach was limited to customer and user email addresses , but the incident is especially dangerous because it allows attackers to target users who may already be expecting to click on links in emails from DocuSign . San Francisco-based DocuSign warned on May 9 that it was tracking Attack.Phishing a malicious email campaign where the subject line reads , “ Completed : docusign.com – Wire Transfer Instructions for recipient-name Document Ready for Signature. ” The missives contained a link to a downloadable Microsoft Word document that harbored malware . The company said at the time that the messages were not associated with DocuSign , and that they were sent from Attack.Phishing a malicious third-party using DocuSign branding in the headers and body of the email . But in an update late Monday , DocuSign confirmed that this malicious third party was able to send Attack.Phishing the messages to customers and users because it had broken in and stolen Attack.Databreach DocuSign ’ s list of customers and users . “ As part of our ongoing investigation , today we confirmed that a malicious third party had gained temporary access Attack.Databreach to a separate , non-core system that allows us to communicate service-related announcements to users via email , ” DocuSign wrote in an alert posted to its site . “ A complete forensic analysis has confirmed that only email addresses were accessed Attack.Databreach ; no names , physical addresses , passwords , social security numbers , credit card data or other information was accessed Attack.Databreach . No content or any customer documents sent through DocuSign ’ s eSignature system was accessed Attack.Databreach ; and DocuSign ’ s core eSignature service , envelopes and customer documents and data remain secure. ” The company is asking people to forward any suspicious emails related to DocuSign to spam @ docusign.com , and then to delete the missives . “ They may appear suspicious because you don ’ t recognize the sender , weren ’ t expecting a document to sign , contain misspellings ( like “ docusgn.com ” without an ‘ i ’ or @ docus.com ) , contain an attachment , or direct you to a link that starts with anything other than https : //www.docusign.com or https : //www.docusign.net , ” reads the advisory . If you have reason to expect a DocuSign document via email , don ’ t respond to an email that looks like Attack.Phishing it ’ s from DocuSign by clicking a link in the message . When in doubt , access your documents directly by visiting docusign.com , and entering the unique security code included at the bottom of every legitimate DocuSign email . DocuSign says it will never ask recipients to open a PDF , Office document or ZIP file in an email . DocuSign was already a perennial target for phishers and malware writers , but this incident is likely to intensify attacks against its users and customers . DocuSign says it has more than 100 million users , and it seems all but certain that the criminals who stole Attack.Databreach the company ’ s customer email list are going to be putting it to nefarious use for some time to come .

DocuSign , a major provider of electronic signature technology , acknowledged today that a series of recent malware phishing attacks Attack.Phishing targeting its customers and users was the result of a data breach Attack.Databreach at one of its computer systems . The company stresses that the data stolen Attack.Databreach was limited to customer and user email addresses , but the incident is especially dangerous because it allows attackers to target users who may already be expecting to click on links in emails from DocuSign . San Francisco-based DocuSign warned on May 9 that it was tracking Attack.Phishing a malicious email campaign where the subject line reads , “ Completed : docusign.com – Wire Transfer Instructions for recipient-name Document Ready for Signature. ” The missives contained a link to a downloadable Microsoft Word document that harbored malware . The company said at the time that the messages were not associated with DocuSign , and that they were sent from Attack.Phishing a malicious third-party using DocuSign branding in the headers and body of the email . But in an update late Monday , DocuSign confirmed that this malicious third party was able to send Attack.Phishing the messages to customers and users because it had broken in and stolen Attack.Databreach DocuSign ’ s list of customers and users . “ As part of our ongoing investigation , today we confirmed that a malicious third party had gained temporary access Attack.Databreach to a separate , non-core system that allows us to communicate service-related announcements to users via email , ” DocuSign wrote in an alert posted to its site . “ A complete forensic analysis has confirmed that only email addresses were accessed Attack.Databreach ; no names , physical addresses , passwords , social security numbers , credit card data or other information was accessed Attack.Databreach . No content or any customer documents sent through DocuSign ’ s eSignature system was accessed Attack.Databreach ; and DocuSign ’ s core eSignature service , envelopes and customer documents and data remain secure. ” The company is asking people to forward any suspicious emails related to DocuSign to spam @ docusign.com , and then to delete the missives . “ They may appear suspicious because you don ’ t recognize the sender , weren ’ t expecting a document to sign , contain misspellings ( like “ docusgn.com ” without an ‘ i ’ or @ docus.com ) , contain an attachment , or direct you to a link that starts with anything other than https : //www.docusign.com or https : //www.docusign.net , ” reads the advisory . If you have reason to expect a DocuSign document via email , don ’ t respond to an email that looks like Attack.Phishing it ’ s from DocuSign by clicking a link in the message . When in doubt , access your documents directly by visiting docusign.com , and entering the unique security code included at the bottom of every legitimate DocuSign email . DocuSign says it will never ask recipients to open a PDF , Office document or ZIP file in an email . DocuSign was already a perennial target for phishers and malware writers , but this incident is likely to intensify attacks against its users and customers . DocuSign says it has more than 100 million users , and it seems all but certain that the criminals who stole Attack.Databreach the company ’ s customer email list are going to be putting it to nefarious use for some time to come .

Barts Health Trust , which runs The Royal London , St Bartholomew 's , Whipps Cross , Mile End and Newham hospitals , is investigating the breach . The trust said it could now rule out ransomware , in which email recipients are tricked Attack.Phishing into opening attachments which contain viruses , as the cause . It has not confirmed how much of its system was affected but said there was no sign that patient data was accessed Attack.Databreach . In a statement said : `` We are urgently investigating this matter and have taken a number of drives offline as a precautionary measure . `` We have tried and tested contingency plans in place and are making every effort to ensure that patient care will not be affected . '' The incident Attack.Ransom follows a similar attack Attack.Ransom on the Northern Lincolnshire and Goole Foundation Trust in October , when malware was used to encrypt files on the trust 's system and demand a ransom Attack.Ransom in order to access them again . The trust did not pay out Attack.Ransom , but was forced to cancel patient appointments while its systems were shut down to remove the virus

Anonymous hackers have stolen and leaked Attack.Databreach 1.9 million email addresses and some 1,700 names and active phone numbers of Bell Canada customers . The company has not shared where the stolen information was stored and how they attackers managed to access Attack.Databreach it , because the Royal Canadian Mounted Police cyber crime unit ’ s investigation into the matter is still ongoing . But , according to a brief statement , the affected systems have been secured , the Office of the Privacy Commissioner of Canada informed , and affected users notified directly ( either via email or phone ) . “ There is no indication that any financial , password or other sensitive personal information was accessed Attack.Databreach , ” the company noted , and added that the incident is not connected to the recent global WannaCry malware attacks Attack.Ransom . They ’ ve also warned customers to be on the lookout for phishing emails or calls impersonating Attack.Phishing the company and asking the customers for credit card or personal information . According to The Globe and Mail , the attackers are threatening to release more of the stolen data , if the telecom company doesn ’ t co-operate with them . It ’ s unclear what they mean by co-operating , but it ’ s more than likely that they ’ ve asked to be paid Attack.Ransom in order not to release the stolen information . Bell Canada has known about the breach Attack.Databreach since at least last Wednesday , when they notified the commissioner ’ s office of it .

The exposed data includes names , Social Security numbers , birthdates , contact details , medical record numbers and/or clinical information . On December 21 , 2016 , Children 's Hospital Los Angeles learned that an unencrypted laptop containing patient data was stolen Attack.Databreach from the locked vehicle of a Children 's Hospital Los Angeles Medical Group physician on October 18 , 2016 . The laptop may have held approximately 3,600 patients ' names , birthdates , addresses , medical record numbers and some clinical information , SC Magazine reports . `` We are taking action to prevent this type of thing in the future by enhancing the encryption levels of all laptops that physicians use in the provision of care for patients , '' the hospital stated in a notification letter [ PDF ] to those affected . Separately , Delaware Insurance Commissioner Trinidad Navarro recently announced that a security breach impacted Summit Reinsurance Services and BCS Financial Corporation , both of which are subcontractors of Highmark Blue Cross Blue Shield of Delaware ( h/t Internet Health Management ) . On August 8 , 2016 , Summit discovered that a server containing customer data , including names , Social Security numbers , health insurance information , provider names and/or diagnosis and clinical information , was infected with ransomware . An investigation determined that the server was first accessed on March 12 , 2016 . The breach affects approximately 19,000 Highmark Blue Cross Blue Shield members . `` I would like to ensure Delaware consumers that the Department of Insurance takes this matter seriously and is currently investigating how this occurred , '' Navarro said in a statement . While Summit sent notification letters to those affected , Navarro noted that many customers may have discarded the letter assuming it was a sales pitch , since they were customers of Highmark Blue Cross Blue Shield , not Summit . And CoPilot Provider Support Services recently announced that one of its databases used by healthcare professionals to determine whether treatments will be covered by insurance was accessed Attack.Databreach in October 2015 , potentially exposing approximately 220,000 patients ' names , genders , birthdates , addresses , phone numbers , health insurers , and in some cases Social Security numbers . It 's not clear why it took the company more than a year to notify those affected . `` We are taking steps to address the situation and to further protect against a similar incident in the future , including utilizing enhanced verification , enhanced encryption and implementing increased security audit activity , '' CoPilot said in a notification letter [ PDF ] to those affected . Last spring , a Ponemon Institute survey found that 79 percent of healthcare organizations experienced two or more data breaches Attack.Databreach in the past two years , and 45 percent experienced five or more breaches . Over the past two years , the survey found , the average cost of a data breach Attack.Databreach to a healthcare organization was more than $ 2.2 million . `` In the last six years of conducting this study , it 's clear that efforts to safeguard patient data are not improving , '' Ponemon Institute chairman and founder Dr. Larry Ponemon said at the time .

A maker of Internet-connected stuffed animal toys has exposed Attack.Databreach more than 2 million voice recordings of children and parents , as well as e-mail addresses and password data for more than 800,000 accounts . He said searches using the Shodan computer search engine and other evidence indicated that , since December 25 and January 8 , the customer data was accessed Attack.Databreach multiple times by multiple parties , including criminals who ultimately held the data for ransom Attack.Ransom . The recordings were available on an Amazon-hosted service that required no authorization to access . The data was exposed Attack.Databreach by Spiral Toys , maker of the CloudPets line of stuffed animals . The toys record and play voice messages that can be sent over the Internet by parents and children . The MongoDB database of 821,296 account records was stored by a Romanian company called mReady , which Spiral Toys appears to have contracted with . Hunt said that , on at least four occasions , people attempted to notify the toy maker of the breach Attack.Databreach . In any event , evidence left behind by the ransom demanders made it almost certain company officials knew of the intrusions Attack.Ransom . Hunt wrote : It 's impossible to believe that CloudPets ( or mReady ) did not know that firstly , the databases had been left publicly exposed Attack.Databreach and secondly , that malicious parties had accessed Attack.Databreach them . Obviously , they 've changed the security profile of the system , and you simply could not have overlooked the fact that a ransom had been left Attack.Ransom . So both the exposed database Attack.Databreach and intrusion Attack.Ransom by those demanding the ransom Attack.Ransom must have been identified yet this story never made the headlines . Further ReadingInternet-connected Hello Barbie doll gets bitten by nasty POODLE crypto bugThe breach is the latest to stoke concerns about the privacy and security of Internet-connected toys . In November 2015 , tech news site Motherboard disclosed the hack Attack.Databreach of toy maker VTech in a breach Attack.Databreach that exposed Attack.Databreach the names , e-mail addresses , passwords , and home addresses of almost 5 million adults , as well as the first names , genders and birthdays of more than 200,000 kids . A month later , a researcher found Vulnerability-related.DiscoverVulnerability that an Internet-connected Barbie doll made by Mattel contained vulnerabilities that might allow hackers to intercept real-time conversations . In addition to storing the customer databases in a publicly accessible location , Spiral Toys also used an Amazon-hosted service with no authorization required to store the recordings , customer profile pictures , children 's names , and their relationships to parents , relatives , and friends . In Monday 's post , Hunt acknowledged the help of Motherboard reporter Lorenzo Franceschi-Bicchierai , who published this report . Oddly enough , for a product with such lax security , the service used the ultra-secure bcrypt hashing function to protect passwords . Unfortunately , CloudPets had one of the most permissive password policies ever . It allowed , for instance , a passcode of the single character `` a '' or the short keyboard sequence `` qwe . '' `` What this meant is that when I passed the bcrypt hashes into [ password cracking app ] hashcat and checked them against some of the world 's most common passwords ( 'qwerty , ' 'password , ' '123456 , ' etc . ) along with the passwords 'qwe ' and 'cloudlets , ' I cracked a large number in a very short time , '' Hunt wrote . Further ReadingHow to search the Internet of Things for photos of sleeping babiesThe lesson that emerged long ago is that the security of so-called Internet of things products is so poor that it often outweighs any benefit afforded by an Internet-connected appliance . As the CloudPets debacle underscores , the creep factor involved in Internet-connected toys makes the proposition even worse

Spiral Toys , the parent company behind CloudPets , yesterday sent the California Attorney General a breach notification that on many fronts contradicts what experts have said about a database breach Attack.Databreach that exposed Attack.Databreach user data and private voice messages , many of which were made by children . The notification says that the company was not aware of a breach until Feb 22 when it received an inquiry from a Motherboard reporter who was informed by researchers Troy Hunt and Victor Gevers of a serious issue involving the toymaker ’ s customer data . This runs contrary to timelines provided by Hunt and Gevers showing both reached out to a number of Spiral Toys contacts , including its ZenDesk ticketing system , around Dec 30 . The data was copied and deleted from an exposed MongoDB instance found online . It ’ s unknown how many times the database was accessed Attack.Databreach before its contents were deleted and a ransom note left behind Attack.Ransom , symptomatic of other attacks against poorly protected MongoDB databases . The recordings were not stored in the database , but the database did contain references to file paths to the messages , which were stored on an Amazon Web Services AWS S3 storage bucket . The database , Spiral Toys said in its notification , did include emails and encrypted passwords , which Hunt counters were not encrypted , but were hashed with bcrypt . Combined with a nonexistent password strength rule on Spiral Toys ’ part , the hashed passwords could easily be cracked , Hunt said . The company meanwhile said it would notify 500,000 affected users , force a password reset , and implement new password strength requirements . Hunt and Gevers said there were actually more than 800,000 registered users exposed in the breach Attack.Databreach . “ The breach has been addressed and from our best knowledge no images or messages were leaked Attack.Databreach onto the internet , ” Spiral Toys said . “ A hacker could get Attack.Databreach to that data if they started ‘ guessing ’ simple passwords ” . Which is exactly what a hacker would do , Hunt said . “ This is what hash cracking is and it ’ s a highly automated process that ’ s particularly effective against databases that had no password rules , ” Hunt said . Hunt points out that simple passwords such as qwe—a sample password shown during a CloudPets setup video—combined with the stolen email addresses pose a serious privacy risk . CloudPets are teddy bears that can send and receive messages using Bluetooth Low Energy connectivity to a mobile app , which sends the messages . The most typical use case is where a child can remotely send a message to a parent or authorized adult through the bear . “ If this product was secure , it would have been a nice contribution to the IOT/gadget/toy market , ” Gevers said . The best thing is that they learn from this and start making a new secure product line ” .