Weekly Breach RoundupIranian Hacker Steals Debit Details; Emory Reports Missing Disks
In this week's breach roundup: An Iranian hacker stole details on 3 million debit accounts to expose flaws in Iran's banking system. Also, Emory Healthcare in Atlanta is offering 350,000 surgical patients one year's worth of free credit monitoring after discovering that 10 backup disks are missing.
Hack Exposes 3 Million Debit Accounts
A hacker took an extreme step to expose flaws in Iran's banking system by stealing details on 3 million debit accounts and posting them online. Analyst Avivah Litan says institutions can expect more attacks like this one as the hacktivist trend continues to grow globally.
Emory Notifies 350k of Missing Disks
Emory Healthcare in Atlanta is offering 350,000 surgical patients one year's worth of free credit monitoring after discovering that 10 unencrypted backup disks containing patient information are missing. The information missing includes Social Security numbers for 228,000 patients.
University Breach Settlement Approved
A court has granted final approval of the settlement of a class action lawsuit against University of Hawaii stemming from five data breaches over a three-year period that affected nearly 96,000 individuals. The settlement will provide those affected with two years of free credit monitoring and credit restoration services.
Health System Reports ID Theft
North Shore-LIJ Health System has notified 100 patients who have been affected by incidents of identity theft. Law enforcement officials say the identity theft ring has victimized nearly 1,000 people throughout the Northeast, according to a statement from the hospital. The investigation is ongoing, and the hospital is taking steps to bolster security protocols.
Global Payments Breach Details Remain Fuzzy
Details on the Global Payments breach remain fuzzy. Questions about the timing of the breach and vulnerabilities still remain.
ICANN System Glitch Shows Sensitive Info
The Internet Corporation for Assigned Names and Numbers has confirmed that a glitch in the Top-Level Domains (TLD) application system software has allowed a limited number of users to view other "users' file names and user names in certain scenarios," according to a statement ICANN posted April 12. "Out of an abundance of caution, we took the system offline to protect applicant data. We are examining how this issue occurred and considering appropriate steps forward."