Bitglass Security Spotlight: Quest Diagnostics Patients’ Personal Information at Risk

This post was originally published here by Will Houcheime.

Here are the top cybersecurity stories of recent weeks:  

  • Millions of Quest Diagnostics Patients Possibly Exposed
  • BlackSquid Malware infects Cryptocurrency Miners
  • AMCA Data Breach Exposes 7.7 Million LabCorp Patients
  • Fortune 500 Company Tech Data Disclosed Customer and Billing Data
  • Optergy Tech at Risk of Backdoor Script Shutdown

Millions of Quest Diagnostics Patients Possibly Exposed

Blood test provider Quest Diagnostics recently reported that up to 12 million of its patients likely had their records exposed due to an affected American Medical Collection Agency (AMCA) server. A filing stated that the AMCA server was accessible for a period of seven months before the exposure was revealed. The data stored on it included medical, financial and other personal records such as credit card, bank account, and Social Security numbers. Despite not having received complete details of the incident, Quest Diagnostics is working persistently to protect its patients' information.

BlackSquid Malware infects Cryptocurrency Miners

Cybersecurity firm Trend Micro recently disclosed findings on a new malware named BlackSquid. The malware has made efforts to attack and expose cryptocurrency miners using different versions of framework. It was reported that BlackSquid is capable of brute-force attacks and uses anti-debugging and anti-sandboxing techniques. The malware mainly uses three entry points to target miners, which include infected web pages and exploits through removable network drives. Reports claim that the majority of attacks have taken place in Thailand and the United States. Miners are advised to counter the malware with proper patching in order to close off possible vulnerabilities.

AMCA Data Breach Exposes 7.7 Million LabCorp Patients

Shortly after the reports of the Quest Diagnostics breach, LabCorp stated that its patients were at risk as well. LabCorp uses the same AMCA server, which was accessed seven months ago. LabCorp has stated that 7.7 million patient records were possibly vulnerable to exposure. The compromised data includes names, birth dates, addresses, dates of service, and balance information. The breach could also have jeopardized financial information, as it did for Quest Diagnostics patients. The AMCA has told LabCorp that the 200,000 patients who may have had their financial records compromised were notified promptly. Following the reports, LabCorp has stopped sending additional data to the AMCA. This is the second cybersecurity attack LabCorp has experienced in the past year; the first took place in July 2018.

Fortune 500 Company Tech Data Disclosed Customer and Billing Data

Security researchers recently discovered that Tech Data left a server unprotected, exposing customer and billing data. The server contained customer data including names, postal addresses and email addresses, invoicing data and receipts, and job titles. Partial payment information including card types, card holder names, and expiry dates was also discovered. Reports have not disclosed how many customers were affected by the exposure, but the number is believed to be in the tens of thousands. Tech Data spokesperson Bobby Eagle has stated that the server has been disabled following the acknowledgment.

Optergy Tech at Risk of Backdoor Script Shutdown

Homeland Security has assigned a maximum severity score to Optergy's smart building system, which is vulnerable to cyber attacks. Optergy's Proton is a smart building system that gives building owners and managers remote access to energy consumption through a network of devices used for air conditioning and heating. CISA, the government's cybersecurity unit, has claimed that Optergy's system is susceptible to being breached. Advisors have claimed that attackers could gain full access through backdoor scripts, which typically give undocumented access to systems. The Proton received a severity score of 9.9/10.0, signifying great risk to the system's integrity. Gjoko Krstic, a security researcher, reported that the Proton has currently put over 50 buildings at risk of shutdown.
