Korean Hack Leads Breach Roundup
Mobile Carrier Breached; Dropbox E-Mail CompromisedIn this week's breach roundup, two hackers were arrested for stealing information on 8 million customers of KT Corp., South Korea's second largest mobile carrier. Also, online file service Dropbox said e-mail addresses were compromised, resulting in increased spam for users.
See Also: Why Active Directory (AD) Protection Matters
Korean Hack Affects 8 Million
Two hackers have been arrested for stealing information on 8 million KT Corp. customers. KT Corp. is South Korea's second largest mobile carrier. The hackers gained access to KT Corp.'s network and stole the information, according to the Yonhap News Agency, a Korean media outlet. The data leak started as early as February, the news report said.
Information about the carrier's subscribers exposed in the data breach includes name, phone number, membership number, personal identification number and mobile phone serial number, according to The Korea Herald.
Dropbox Breach Results in Spam
Online file service Dropbox is reporting a breach that affected user e-mail addresses, resulting in an increase in spam messages. In a blog post, the company says that usernames and passwords from other websites were stolen, some of which were used to sign in to Dropbox accounts. One of the stolen passwords was used to access an employee's account, which contained a project document with user e-mail addresses, the blog notes. "We believe this improper access is what led to the spam," the posting explains.
Dropbox did not specify how many e-mail addresses were affected. The company says it's taking steps to improve security, such as implementing two-factor authentication and launching new automated mechanisms to identify suspicious activity.
8,400 Patients Affected in NYU Breach
An unencrypted desktop computer containing personal health information on about 8,400 patients was stolen from an office at New York University's Langone Medical Center. The computer was taken from the Faculty Group Practice office, according to a medical center statement.
Langone is offering identity theft protection to 5,000 patients whose Social Security numbers may have been compromised, the statement explains. Other compromised information included name, address, date of birth, telephone number, insurance information and clinical information.
Six Computers Missing from Hospice
Six laptop and tablet computer devices were stolen from Northwestern Memorial Hospital's Home Hospice offices in Chicago. At the time of the robbery, the devices were undergoing software upgrades, suspending standard laptop security controls, Northwestern explains in a statement.
Compromised information includes patients' full names, addresses, dates of birth, Social Security numbers, medical treatment profiles, diagnoses, medications, health insurance groups and policy numbers.
Northwestern has not yet revealed how many patients were affected. The hospice is providing affected patients with a credit bureau monitoring service to catch irregularities, the statement notes.
Insider Steals Patient Records
The Hillsborough County Health Department in Tampa, Fla., reports that an employee intentionally printed documents containing information on 300 patients without authorization earlier this year. The information included, name, date of birth, Social Security number and protected health information. No financial information was included, according to the Tampa Bay Times.
Several people in Georgia were arrested in May with partial copies of the documents printed by the employee. Georgia and Florida officials aren't sure if there's a connection between the employee and the Georgia suspects, the newspaper reported.