HONG KONG ( REUTERS ) - Cathay Pacific Airways said on Wednesday ( Oct 24 ) that data of about 9.4 million passengers of Cathay and its unit Hong Kong Dragon Airlines had been accessed Attack.Databreach without authorisation . Cathay said 860,000 passport numbers , about 245,000 Hong Kong identity card numbers , 403 expired credit card numbers and 27 credit card numbers with no card verification value ( CVV ) were accessed Attack.Databreach in the breach Attack.Databreach . `` We are very sorry for any concern this data security event may cause our passengers , '' Cathay Pacific chief executive Rupert Hogg said in a statement . `` We acted immediately to contain the event , commence a thorough investigation with the assistance of a leading cyber-security firm , and to further strengthen our IT security measures . '' Mr Hogg said no passwords were compromised Attack.Databreach in the breach Attack.Databreach and the company was contacting affected passengers to give them information on how to protect themselves . Cathay Pacific was not immediately available for additional comment outside normal business hours . The company said it initially discovered suspicious activity on its network in March this year , and investigations in early May confirmed that certain personal data had been accessed Attack.Databreach . News of Cathay 's passenger data breach Attack.Databreach comes weeks after British Airways revealed that credit card details of hundreds of thousands of its customers were stolen Attack.Databreach over a two-week period . Cathay said in a statement that accessed Attack.Databreach data includes names of passengers , their nationalities , dates of birth , telephone numbers , e-mail and physical addresses , passport numbers , identity card numbers and historical travel information . It added that the Hong Kong Police had been notified about the breach Attack.Databreach and that there is no evidence any personal information has been misused .

Six million of Verizon 's US customers had their personal and account information exposed Attack.Databreach , including PIN numbers . Verizon Communications suffered a major data leak Attack.Databreach due to a misconfigured cloud server that exposed Attack.Databreach data on 6 million of its customers . The leak was the result of its third-party provider NICE Systems incorrectly configuring Verizon 's cloud-based file repository housed in an Amazon Web Services S3 bucket on NICE 's cloud server , according to UpGuard , which issued a report on the breach today . Verizon customer names , addresses , account information , including account personal identification numbers ( PINs ) , were compromised Attack.Databreach . UpGuard in its data estimated that up to 14 million customer records were exposed Attack.Databreach , but Verizon stated that data on 6 million of its users was affected . In one file alone , there were 6,000 PINs that were publicly exposed Attack.Databreach , according to Dan O'Sullivan , a cyber resilience analyst for UpGuard . What 's unique about this leak Attack.Databreach is that it was not just personal data that was publicly exposed Attack.Databreach but also PINs , according to O'Sullivan . `` The PINs are used to identify a customer to a customer care person , '' O'Sullivan says , noting that an attacker could impersonate the user by using the PIN and then gain access to that individual 's account . Verizon issued a statement acknowledging the public exposure Attack.Databreach of its customer data , but stressed that no loss or theft Attack.Databreach of Verizon or Verizon customer information occurred . The telecom giant also noted : `` To the extent PINs were included in the data set , the PINs are used to authenticate a customer calling our wireline call center , but do not provide online access to customer accounts , '' Verizon stated . `` An employee of one of our vendors put information into a cloud storage area and incorrectly set the storage to allow external access , '' Verizon said . How it Went Down NICE was hired to help Verizon improve its residential and small business wireline self-service call center portal , according to Verizon 's statement . As part of this project , NICE needed certain data that included a limited amount of personal and cell phone number information . None of the information stored for the project included social security numbers , according to Verizon . Meanwhile , on June 8 , UpGuard 's cyber risk research director Chris Vickery came across the AWS S3 data repository and its subdomain `` verizon-sftp . '' The repository held six folders with titles spanning `` Jan-2017 '' to `` June-2017 '' and a number of other files with a .zip format . Vickery was able to fully download the repository because it was configured to be publicly accessible to anyone entering the S3 URL . Following the discovery , UpGuard contacted Verizon on June 13 to inform the telecom giant of the data leakage Attack.Databreach and then on June 22 the exposure was sealed up , according to UpGuard 's report . `` There was a fairly long duration of time before it was fixed , which is troubling , '' O'Sullivan says . Verizon is not the first company to encounter data leakage Attack.Databreach as a result of permissions set to public rather than private on Amazon 's S3 bucket . Earlier this year , UpGuard also discovered a similar situation that involved the Republican National Committee ( RNC ) , which left millions of voter records exposed Attack.Databreach on the cloud account . As in the Verizon case , the RNC relied on a third party vendor to handle its cloud storage needs and it too used Amazon 's AWS S3 . That third-party also improperly set the database to public rather than private . `` The number one thing to keep in mind if you are a CISO is evaluating your third-party vendors . You can have the best security in the world and the best visibility into your systems , but if you pass it onto a third-party vendor without checking out how well they handle their security , then you have done that all in vain , '' O'Sullivan says . `` Verizon did not own the server that was involved here , but it will own the consequences . '' Rich Campagna , CEO of Bitglass , stressed the importance of security teams ensuring services used are configured securely . `` This massive data leak Attack.Databreach could have been avoided by using specific data-centric security tools , which can ensure appropriate configuration of cloud services , deny unauthorized access Attack.Databreach , and encrypt sensitive data at rest , '' Campagna said in a statement .

Derek Bradley , head of Panacea , an online community of 17,000 financial services professionals , has warned that phishing emails have been sent out Attack.Phishing that are purporting to be Attack.Phishing from him . Mr Bradley originally became a victim of a cyber attack Attack.Databreach back in September when his emails were compromised Attack.Databreach . He warned that all emails received from Attack.Phishing him to undisclosed recipients over the past seven months were not sent Attack.Phishing from his system . In a message sent out yesterday ( 22 March ) , he said : “ We are in the process of trying to work out the best course of action to ensure this stops happening , but it is difficult as I have no control over what is being sent and by whom . “ I do apologise again for any inconvenience caused to you . We will hopefully find a resolution to this issue as soon as possible ” . Mr Bradley also warned that the hackers are continuing to try and get access to other contact lists , and told advisers to ignore emails to undisclosed recipients . The government is facing calls to create a single point of responsibility to deal with cyber risk in the financial services sector amid concerns over accountability . Today ( 23 March ) Andrew Tyrie , chairman of the Treasury select committee , wrote to chancellor Philip Hammond claiming a lack of coordination in the current cyber security system could leave the banking industry ’ s IT systems vulnerable to attack . My Tyrie said the present arrangement , in which both a director-level group and a governance framework can serve as a single point to address cyber issues , resembles the `` catastrophically inadequate '' tripartite authorities that were set up to monitor system risk in banking in 1997 .

Payday loan firm Wonga has suffered a data breach Attack.Databreach affecting up to 245,000 customers in the U.K. A further 25,000 customers in Poland may also be affected , according to the BBC . It says it does not believe customers ’ Wonga account passwords were compromised Attack.Databreach but suggests concerned users change their password anyway . Wonga is warning affected customers to be “ extra vigilant ” and to alert their bank of potential risk — though it says it will also be contacting financial institutions about the breach . We ’ ve reached out to Wonga with questions and will update this story with any response . Update : In a statement a spokesperson for the company told us : “ Wonga is urgently investigating illegal and unauthorised access Attack.Databreach to the personal data of some of its customers in the UK and Poland . We are working closely with authorities and we are in the process of informing affected customers . According to The Guardian , the company became aware of a problem last week but only realized on Friday that data could be accessed Attack.Databreach externally , and only started contacting affected customers on Saturday . The U.K. ’ s data protection regulator , the ICO , has apparently been informed of the breach — although it ’ s unclear when . An ICO spokesperson did not respond to the question , providing this statement instead : “ All organisations have a responsibility to keep customers ’ personal information secure . Where we find this has not happened , we can investigate and may take enforcement action ” . Back in 2014 the company had to write down $ 340 million in unpaid loans , following an investigation by the U.K. ’ s Competition and Markets Authority over its lending practices . It was also fined by the regulator for sending Attack.Phishing fake lawyers ’ letters to customers in arrears . Although Wonga attracted substantial tech investment for a real-time automated decision-making platform for affordability checks , it ended up having to write off the loans of 330,000 customers , and waive the interest and fees for a further 45,000 — raising questions about the efficacy of its algorithms . Tightened criteria on short-term loans by the U.K. financial regulator ultimately shrunk the size of Wonga ’ s business , which saw losses double in 2015 — to £80.2 million .

Regulators and medical-device-makers are bracing for an expected barrage of hacking attacks even as legal and technical uncertainties leave them in uncharted territory . Tens of millions of electronic health records have been compromised Attack.Databreach in recent years , a number that is growing and , some say , underreported . High-profile attacks have hit hospitals and health insurers , and now attention is turning to a new vulnerability : medical devices like pacemakers and insulin pumps . The Food and Drug Administration ( FDA ) has become increasingly concerned about the issue and is working to coordinate with other agencies on how to respond if a serious medical device hack were to occur . There have been rumblings over cybersecurity for years . More than 113 million personal health records were compromised Attack.Databreach in 2015 , according to provider data reported to the Department of Health and Human Services ( DHS ) , nine times as many as in 2014 . Last fall , Johnson & Johnson had to tell Vulnerability-related.DiscoverVulnerability its customers that its insulin pumps had a security vulnerability that hackers could use to access the device and cause a potentially fatal overdose of insulin . `` In just the last few years , we 've seen more than a hundred million health records of American citizens breached Attack.Databreach in a couple of well-publicized incidents , '' Terry Rice , vice president of IT risk management and chief information security officer at Merck & Company , told the Energy and Commerce Oversight and Investigations Subcommittee last week .

In the wake of a weekend cyber attack , ECMC officials say the hospital ’ s IT staff discovered the virus and shut down the hospital ’ s computer network , before it could infect their files . ECMC spokesman Peter Cutler said , State Police and the FBI are investigating . “ We do know that a virus was launched into our system and the good news , again , is that we reacted to it immediately. ” With the medical center ’ s computer network still offline , ECMC is conducting business the old fashioned way , on paper—no website , no email—and Cutler says they don ’ t believe patient files were compromised Attack.Databreach in any way . “ Through the assessments that we have been running , we have seen no indication that there has been a compromise Attack.Databreach of patient health information. ” Investigators would not say how hackers attacked ECMC ’ s computers , but authorities in the field of cyber security say , this attempted intrusion has all the hallmarks of ransomware . University at Buffalo cyber security expert Arun Vishwanath says ransomware attacks Attack.Ransom have grown exponentially in the last two years , and likens them to Internet extortion Attack.Ransom . “ They are very successful , and so that is why we are seeing an exponential growth in ransomware attacks Attack.Ransom . We are talking about somewhere between 5,000 attacks per day that are reported–let alone the ones that are not even reported. ” Vishwanath says ransomware attacks Attack.Ransom are big reward low risk ventures , since the hackers are usually from other countries , and rarely get caught . Unwitting victims download an infected attachment from an email and the virus spreads quickly . “ The moment you click on the malware , this malware basically locks down your computer , and all the files in it , and any file that is connected to any other computer that you are connected to . So this can spread through your network in minutes. ” The hacker then demands Attack.Ransom the target pay a ransom Attack.Ransom to get their files unencrypted , and in just about every ransomware attack Attack.Ransom , the hackers cover their tracks by demanding payment Attack.Ransom in bitcoin–a virtual currency that is hard , if not impossible to trace . Once the ransom is paid Attack.Ransom , the hackers send their victim an electronic key to unlock their encrypted files , but if the payment is not made within a certain time frame the hacked files are lost forever .

TORONTO , April 19 ( Reuters ) - Global hotel chain InterContinental Hotels Group Plc said 1,200 of its franchised hotels in the United States , including Holiday Inn and Crowne Plaza , were victims of a three-month cyber attack Attack.Databreach that sought to steal Attack.Databreach customer payment card data . The company declined to say how many payment cards were stolen Attack.Databreach in the attack Attack.Databreach , the latest in a hacking spree Attack.Databreach on prominent hospitality companies including Hyatt Hotels Corp , Hilton , and Starwood Hotels , now owned by Marriott International Inc . The breach Attack.Databreach lasted from September 29 to December 29 , InterContinental spokesman Neil Hirsch said on Wednesday . He declined to say if losses were covered by insurance or what financial impact the hacking Attack.Databreach might have on the hotels that were compromised Attack.Databreach , which also included Hotel Indigo , Candlewood Suites and Staybridge Suites properties . The malware searched for track data Attack.Databreach stored on magnetic stripes , which includes name , card number , expiration date and internal verification code , the company said . Hotel operators have become popular targets because they are easier to breach Attack.Databreach than other businesses that store credit card numbers as they have limited knowledge in defending themselves against hackers , said Itay Glick , chief executive of Israeli cyber-security company Votiro . `` They do n't have massive data centers like banks which have very secure systems to protect themselves , '' said Glick . InterContinental declined to say how many franchised properties it has in the United States , which is part of its business unit in the Americas with 3,633 such properties . In February , InterContinental said it had been victim of a cyber attack , but at that time said that only 12 of its 286 managed properties in the Americas were infected with malware .

Online gaming company Reality Squared Games ( R2Games ) has been compromised Attack.Databreach for the second time in two years , according to records obtained Attack.Databreach by the for-profit notification service LeakBase . The hacker who shared the data with LeakBase says the attack Attack.Databreach happened earlier this month . Headquartered in Shenzhen , China , R2Games operates a number of free-to-play , micropayment-driven games on iOS and Android , as well as modern browsers . The company currently supports 19 online games , and claims over 52 million players . In December of 2015 , stretching into July of 2016 , more than 22 million R2Games accounts were compromised Attack.Databreach , exposing Attack.Databreach IP addresses , easily cracked passwords , email addresses , and usernames . The company denied the breach reports , telling one customer that `` R2Games is safe and secured , and far from being hacked Attack.Databreach . '' The hacker claims all forums were compromised Attack.Databreach , in addition to the Russian version of r2games.com . The latest record set includes usernames , passwords , email addresses , IP addresses , and other optional record fields , such as instant messenger IDs , birthday , and Facebook related details ( ID , name , access token ) . LeakBase shared the most recent records with Troy Hunt , a security researcher and owner of the non-profit breach notification website `` Have I Been Pwned ? '' ( HIBP ) . Hunt checked the data by testing a small sample of email addresses and usernames against the password reset function on R2Games . Every address checked was confirmed as an existing account . From there , Hunt did some number crunching . There were 5,191,898 unique email addresses in the data shared by LeakBase . However , 3,379,071 of those email addresses were using mail.ar.r2games.com or mail.r2games.com ; and another 789,361 looked generated , as they were all [ number ] @ vk.com addresses . LeakBase speculates that the r2games.com addresses are the result of registrations from third-party services . After stripping the questionable addresses Hunt was left with 1,023,466 unique email addresses to load into HIBP . Of this set , 482,074 have been seen before in other breaches , leaving 541,392 new entries for his index – and new notifications for 1,105 subscribers . When asked about the passwords , Hunt told Salted Hash many of them are MD5 with no salt , but a large number of them have a hash corresponding to the password `` admin '' and a few hundred thousand others are using the plain text word `` sync '' . `` The observation I 'd make here is that clearly , they do n't seem to be learning from previous failures . The prior incident should really have been a wake-up call and to see a subsequent breach not that long after is worrying . Perhaps the prior denials are evidence that they just do n't see the seriousness in security , '' Hunt said , when asked his opinion about the latest R2Games data breach Attack.Databreach . Salted Hash reached out to R2Games , but the company did n't respond to questions . Emails were sent to support , as well as recruiting and sales , on the off chance someone could direct them to the proper resources . For their part , LeakBase said since this data breach Attack.Databreach is n't in the public domain , they will not add the records to their service and it will not be searchable . However , they do plan to email impacted users and inform them of the incident . HIBP has been updated , and those changes are live now . If you 're an R2Games player , it might be wise to change your password and make sure the old password is n't used on any other websites . Also , keep an eye out for gaming related offers and emails , as well as `` notifications '' from domains that are n't related to R2Games itself - as those could be scammers looking to cash-in on the breach . While the hacked data is n't public yet , there 's nothing preventing the person who shared it with LeakBase from selling it or trading it .

Online gaming company Reality Squared Games ( R2Games ) has been compromised Attack.Databreach for the second time in two years , according to records obtained Attack.Databreach by the for-profit notification service LeakBase . The hacker who shared the data with LeakBase says the attack Attack.Databreach happened earlier this month . Headquartered in Shenzhen , China , R2Games operates a number of free-to-play , micropayment-driven games on iOS and Android , as well as modern browsers . The company currently supports 19 online games , and claims over 52 million players . In December of 2015 , stretching into July of 2016 , more than 22 million R2Games accounts were compromised Attack.Databreach , exposing Attack.Databreach IP addresses , easily cracked passwords , email addresses , and usernames . The company denied the breach reports , telling one customer that `` R2Games is safe and secured , and far from being hacked Attack.Databreach . '' The hacker claims all forums were compromised Attack.Databreach , in addition to the Russian version of r2games.com . The latest record set includes usernames , passwords , email addresses , IP addresses , and other optional record fields , such as instant messenger IDs , birthday , and Facebook related details ( ID , name , access token ) . LeakBase shared the most recent records with Troy Hunt , a security researcher and owner of the non-profit breach notification website `` Have I Been Pwned ? '' ( HIBP ) . Hunt checked the data by testing a small sample of email addresses and usernames against the password reset function on R2Games . Every address checked was confirmed as an existing account . From there , Hunt did some number crunching . There were 5,191,898 unique email addresses in the data shared by LeakBase . However , 3,379,071 of those email addresses were using mail.ar.r2games.com or mail.r2games.com ; and another 789,361 looked generated , as they were all [ number ] @ vk.com addresses . LeakBase speculates that the r2games.com addresses are the result of registrations from third-party services . After stripping the questionable addresses Hunt was left with 1,023,466 unique email addresses to load into HIBP . Of this set , 482,074 have been seen before in other breaches , leaving 541,392 new entries for his index – and new notifications for 1,105 subscribers . When asked about the passwords , Hunt told Salted Hash many of them are MD5 with no salt , but a large number of them have a hash corresponding to the password `` admin '' and a few hundred thousand others are using the plain text word `` sync '' . `` The observation I 'd make here is that clearly , they do n't seem to be learning from previous failures . The prior incident should really have been a wake-up call and to see a subsequent breach not that long after is worrying . Perhaps the prior denials are evidence that they just do n't see the seriousness in security , '' Hunt said , when asked his opinion about the latest R2Games data breach Attack.Databreach . Salted Hash reached out to R2Games , but the company did n't respond to questions . Emails were sent to support , as well as recruiting and sales , on the off chance someone could direct them to the proper resources . For their part , LeakBase said since this data breach Attack.Databreach is n't in the public domain , they will not add the records to their service and it will not be searchable . However , they do plan to email impacted users and inform them of the incident . HIBP has been updated , and those changes are live now . If you 're an R2Games player , it might be wise to change your password and make sure the old password is n't used on any other websites . Also , keep an eye out for gaming related offers and emails , as well as `` notifications '' from domains that are n't related to R2Games itself - as those could be scammers looking to cash-in on the breach . While the hacked data is n't public yet , there 's nothing preventing the person who shared it with LeakBase from selling it or trading it .

Northrop Grumman has admitted one of its internal portals was broken into , exposing Attack.Databreach employees ' sensitive tax records to miscreants . In a letter [ PDF ] to workers and the California Attorney General 's office , the aerospace contractor said that between April 18 , 2016 and March 29 , 2017 , crooks infiltrated the website , allowing them to access Attack.Databreach staffers ' W-2 paperwork for the 2016 tax year . These W-2 forms can be used by identity thieves to claim tax rebates owed to employees , allowing the crims to pocket victims ' money . The corp sent out its warning letters on April 18 , the last day to file 2016 tax returns . `` The personal information that may have been accessed Attack.Databreach includes your name , address , work email address , work phone number , Social Security number , employer identification number , and wage and tax information , as well as any personal phone number , personal email address , or answers to customized security questions that you may have entered on the W-2 online portal , '' the contractor told its employees . The Stealth Bomber maker says it will provide all of the exposed workers with three years of free identity-theft monitoring services . Northrop Grumman has also disabled access to the W-2 portal through any method other than its internal single sign-on tool . The aerospace giant said it farmed out its tax portal to Equifax Workforce Solutions , which was working with the defense giant to get to the bottom of the intrusion . `` Promptly after confirming the incident , we worked with Equifax to determine the details of the issue , '' Northrop told its teams . `` Northrop Grumman and Equifax are coordinating with law enforcement authorities to assist them in their investigation of recent incidents Attack.Databreach involving unauthorized actors gaining access Attack.Databreach to individuals ’ personal information through the W-2 online portal . '' According to Equifax , the portal was accessed Attack.Databreach not by hackers but by someone using stolen login details . `` We are investigating alleged unauthorized access Attack.Databreach to our online portal where a person or persons using stolen credentials accessed Attack.Databreach W-2 information of a limited number of individuals , '' an Equifax spokesperson told El Reg on Monday . `` Based on the investigation to date , Equifax has no reason to believe that its systems were compromised Attack.Databreach or that it was the source of the information used to gain access Attack.Databreach to the online portal . ''

Google said it has disabled offending accounts involved in a widespread spree of phishing emails today impersonating Attack.Phishing Google Docs . The emails , at the outset , targeted journalists primarily and attempted to trick Attack.Phishing victims into granting the malicious application permission to access the user ’ s Google account . It ’ s unknown how many accounts were compromised Attack.Databreach , or whether other applications are also involved . Google advises caution in clicking on links in emails sharing Google Docs . The messages purport to be from Attack.Phishing a contact , including contacts known to the victim , wanting to share a Google Doc file . Once the “ Open in Docs ” button is clicked , the victim is redirected to Google ’ s OAUTH2 service and the user is prompted to allow the attacker ’ s malicious application , called “ Google Docs , ” below , to access their Google account and related services , including contacts , Gmail , Docs and more . “ We have taken action to protect users against an email impersonating Attack.Phishing Google Docs , and have disabled offending accounts , ” a Google spokesperson told Threatpost . “ We ’ ve removed the fake pages , pushed Vulnerability-related.PatchVulnerability updates through Safe Browsing , and our abuse team is working to prevent this kind of spoofing Attack.Phishing from happening again . We encourage users to report phishing emails in Gmail. ” OAUTH is an authentication standard that allows a user to authorize third party applications access to an account . The attempt to steal OAUTH tokens is a departure from traditional phishing attacks Attack.Phishing that target passwords primarily . Once the attacker has access Attack.Databreach to the victim ’ s account , the phishing message is sent Attack.Phishing along to the compromised contact list . While this attack is likely the work of a spammer , nation-state attackers including APT28 , aka Fancy Bear or Sofacy , have made use of this tactic . APT28 has been linked to last summer’s attacks Attack.Phishing attempting to influence the U.S. presidential elections . The group has long been targeting political entities , including NATO , and uses phishing emails , backdoors and data-stealing malware to conduct espionage campaigns against its targets . “ I don ’ t believe they are behind this though because this is way too widespread , ” said Jaime Blasco , chief scientist at AlienVault . “ Many people and organizations have received similar attempts , so this is probably something massive and less targeted . ”

Last week , the Internal Revenue Service ( IRS ) issued a new warning to employers , urging them to stay alert as reports of compromised W-2 records started to climb . This newest advisory aligns with the agency 's plan to delay refunds for those filing their returns early in order to combat identity theft and fraud . The IRS also informed employers the W-2 scam has moved beyond corporations , expanding to include schools , tribal organizations , and nonprofits . In a statement , IRS Commissioner , John Koskinen , said the scams - sometimes known as Business Email Compromise (BEC) attacks Attack.Phishing - are some of the most dangerous email scams the agency has seen in a long time . [ Learn about top security certifications : Who they 're for , what they cost , and which you need . `` It can result in the large-scale theft of sensitive data Attack.Databreach that criminals can use to commit various crimes , including filing fraudulent tax returns . We need everyone ’ s help to turn the tide against this scheme , '' Koskinen said . In 2016 , at least 145 organizations fell victim to BEC scams Attack.Phishing , exposing tens of thousands of employees to tax fraud and identity theft . Salted Hash kept track of some of the high-profile cases , and Databreaches.net tracked everything , resulting in a massive list of documented successful attacks . As of February 5 , 23 organizations have disclosed BEC-related data breaches Attack.Databreach publicly , each one resulting in compromised W-2 data . The confirmed BEC victims include ten school systems , a software development firm , a utility company in Pennsylvania , at least one restaurant in Indianapolis , and businesses operating within the healthcare , finance , manufacturing , and energy sectors . Distribution International emailed employees that their W-2 data was compromised Attack.Databreach on January 27 . Their notification expands the number of affected taxpayers to more than 30,000 . The scammers spoofed Attack.Phishing an email and pretended to be Attack.Phishing one of the company 's owners . W-2 records for all companies and all employees were compromised Attack.Databreach . Salted Hash reached out to Sky Climber 's CFO , Jeff Caswell , for more information . Also , the College of Southern Idaho has reported an incident that could impact 3,000 employees . According to Public Information Officer Doug Maughan , the W-2 records affected belong to seasonal and auxiliary staff . Palomar College disclosed an attack Attack.Databreach on January 30 , which affected employee W-2 records . The school did n't say the incident Attack.Databreach was the result of a BEC attack Attack.Phishing , but Salted Hash is listing it anyway due to the timing of the attack and the information targeted . Finally today , the West Michigan Whitecaps - a Class A minor league baseball team affiliated with the Detroit Tigers - said staff W-2 records were compromised after someone posing as Attack.Phishing a manager requested them . In 2016 , the criminals behind the BEC attacks Attack.Phishing mostly focused on payroll and tax records . This year though , the IRS says that in addition to the usual records request , the scammers are now following-up and requesting wire transfers . `` Although not tax related , the wire transfer scam is being coupled with the W-2 scam email , and some companies have lost both employees ’ W-2s and thousands of dollars due to wire transfers , '' the IRS explained in their warning . `` Employers should consider creating an internal policy , if one is lacking , on the distribution of employee W-2 information and conducting wire transfers . '' BEC attacks Attack.Phishing are essentially Phishing scams Attack.Phishing , or Spear Phishing Attack.Phishing since the criminals have a specific target . They 're effective too , exploiting the trust relationships that exist within the corporate environment . In a majority of the reported cases from 2016 , the attackers forged Attack.Phishing an email and pretended to be Attack.Phishing the victim organization 's top executive , or someone with direct authority . Often it is the CEO or CFO , but any high-level manager will work .

The most recent breach Attack.Databreach of smart teddy bears -- which can receive and send voice messages from children and parents -- have been involved in a data breach Attack.Databreach dealing with more than 800,000 user accounts . The company behind the products , Spiral Toys , is denying that any customers were hacked . Zach Lanier , director of research at Cylance , went through the more famous incidents involving toys and breaches and offers a tip with each case . This may have given attackers access Attack.Databreach to voice recordings from the toy 's customers , by allegedly making the mistake of storing the customer information in a publicly exposed Attack.Databreach online MongoDB database that required no authentication process . Thus anyone , including the attackers , was able to view and steal Attack.Databreach the data . CloudPets placed no requirement on password strength , making it much easier to decipher passwords . Tip : Always create a secure password , no matter the strength requirement . Include lowercase and uppercase letter , symbols and numbers . Use a password manager to help create and store unique passwords for sites and services . A line of stuffed animals , these connected toys combine with a mobile application that was vulnerable Vulnerability-related.DiscoverVulnerability due to a number of weak APIs , which didn ’ t verify who sent messages . This meant that an attacker could guess usernames , or email addresses , and ask Fisher-Price for server return details about associated accounts and children ’ s profiles , which provides their name , birthdate , gender , language and toys they have played with . Tip : If the IoT device connects to a mobile app or desktop computer , it is important to examine how it connects . If the start of the URL address is http rather than https , which is the secure version of HTTP , then your device is making a less secure connection . The doll has a microphone and accesses the internet to answer your child 's questions . Moreover , criminals could have the ability collect Attack.Databreach your personal information . Tip : If the toy does require Wi-Fi , make sure it supports modern , more secure Wi-Fi capabilities like WAP2 . Their speech-recognition software maker Nuance Communications violated federal rules by listening to children and saving the recordings . It ’ s valuable to know how they are using your data . Don ’ t provide personal information that seems extra or unnecessary . VTech had its app store database , Learning Lodge , hacked . As a result of the breach Attack.Databreach , over 11.6 million accounts were compromised Attack.Databreach in a cyberattack Attack.Databreach , exposing Attack.Databreach photos of children and parents as well as chat logs . The profile data leaked included their names , genders and birth dates . Tip : Check to see if the manufacturer has had any cybersecurity issues in the past , and if so , how they responded . Alternatively , if the company is relatively new , your device is definitely at greater risk . The interactive toy has the ability to communicate and record conversations . Those conversations are sent to the company ’ s servers , analyzed and then stored in the cloud . The toy was criticized for spying on kids by recording their conversations . Through Wi-Fi , attackers can hijack the connection to spy on your children , steal Attack.Databreach personal information , and turn the microphone of the doll into a surveillance device . Tip : Since the device is Wi-Fi enabled , confirm if the device supports modern security protocols . If the device only uses WEP or WPA ( but not WPA2 ) security standards , it may be too risky to use . Those versions are older and over time have become almost entirely insecure from attack