Over the weekend, officials for the Canadian pharmaceutical chain, London Drugs, discovered unauthorized activity on their internal network and were forced to take their systems offline and close all their retail store locations. While the investigation is still ongoing, it is believed that no customer or financial information was compromised during the security incident, and thus has not been reported as a data breach.
2 million individuals compromised in collection agency breach
Officials for the debt collection agency Financial Business and Consumer Solutions (FBCS) have recently identified a data breach in their internal database that occurred in late February of this year. The investigation revealed that there was unauthorized activity for 2 weeks before being discovered and during that time the unknown hacker had access to sensitive data for nearly 2 million individuals.
USPS phishing sites receive alarming levels of traffic
Security researchers have finalized a study that was analyzing the amount of internet traffic that was visiting illegitimate USPS domains and discovered that several of the malicious domains had over 100,000 site visits. These sites are common redirections for phishing attacks and make up almost half of the query results for “USPS” searches, which poses a significant danger to individuals, especially during the holiday season.
UK passes law banning default passwords for smart devices
At the beginning of the week, a new law in the UK went into effect that bans all smart device manufacturers from selling their devices with a default password enabled. Default passwords have proved to be a significant security issue for consumers, as they can be shared and used to maliciously access internal files and networks that the devices are connected to. This new law makes the UK the first country in the world to take a stand against default passwords for IoT (Internet of Things) devices, all in hopes of protecting their citizens from phishing attacks and identity theft.
Kaiser Permanente leaks data for 13.4 million individuals
Officials for the healthcare provider, Kaiser Permanente have recently revealed that personally identifiable information for 13.4 million current and former patients may have been leaked to third-party trackers on their websites and mobile applications. While the trackers collected data that could be used to identify individuals, they did not have access to Social Security Numbers (SSNs) or any financial or payment card information.
