Accenture stiffens, healthcare institutions hacked and watch for Bluetooth patches.
Welcome to Cyber Security Today. It’s Friday September 3rd. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.
Accenture continues to deny claims by the LockBit 2.0 ransomware gang that a cyberattack last month on the international consulting firm helped infect other companies. This comes after LockBit released passenger data it said was stolen from Bangkok Airways. The threat actor told the Bleeping Computer news service that the Accenture breach gave it access to credentials that enable them to go after the company’s customers. However, Accenture said the Lockbit claim is false. It repeated an earlier statement that there was no impact on Accenture’s operators or on client’s systems from the Lockbit attack. When it was detected, Accenture said, it isolated affected servers.
More American healthcare institutions have been successfully hacked. DuPage Medical Group, an Illinois healthcare provider is notifying over 650,000 patients their data was compromised during a cyberattack in July. According to SC Media, the copied data could include names, contact details, diagnosis codes and Social Security numbers. CareATC, a Pennsylvania health management provider, says data of over 98,000 patients may have been exposed during a recent email hack. And the San Andreas Regional Center in California is notifying over 57,000 patients their data may have been copied in a July ransomware attack.
I’ve said before that it’s imperative that in addition to keeping your computer and smartphone software up to date, do the same with the applications behind your hardware – like routers, monitors, printers and Bluetooth devices. This reminder comes because researchers from the Singapore University of Technology and Design say they discovered 16 vulnerabilities in the Bluetooth stack used in chipsets released by major companies like Intel, Qualcomm, Texas Instruments and others. These chipsets are in products like laptops, smartphones, tablets and more. A nearby attacker could use the vulnerabilities to remotely shut or hack into a device. This will have to be fixed by patches issued by chipset makers, who in turn have to release them to end-users. So watch for patches from your device maker.
Speaking of patches, if you use the Bumble dating app, make sure it’s updated to the latest version. It fixes an issue that could allow someone to deduce where you live.
Later today the Week in Review podcast will be available. It features a discussion with IT World Canada chief information officer Jim Love about the erasure of backup data from a Montreal-based hosting provider and a report on insider threats.
Remember links to details about podcast stories are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.