Cyber Threat Report: Cyber Security News for 01/20/23

Colonoscopy Prep Retail Website Breach Festered for Years
Personal Data of 244,000 in Flux After Malware Probe of Gastroenterologist Vendor.  Read More

Microsoft Ends Windows 7 Security Updates
Windows 7, is the decade-old operating system that today reached the end of the security line. Read more

Does Your Cyber Insurance Policy Cover a Ransomware Attack?
A decision last month by a federal court in Oregon highlights the risk of litigation when coverage is not clear. Read More

Mailchimp Says it was Hacked — Again
It’s the second time the company was hacked in the past six months. Worse, this breach appears to be almost identical to a previous incident. Read More

ChatGPT Creates Polymorphic Malware
The powerful AI bot can produce malware without malicious code, making it tough to mitigate. Read more

Analysis: Third-Party Health Data Breaches Dominated in 2022
HHS Breach Tally Signals Biggest Risks, Threats Likely in 2023. Read More

Oracle's First Security Update for 2023 Includes 327 New Patches
Over 200 of the patches resolve security defects that can be exploited remotely without authentication. Read More

Norton LifeLock says 925,000 Accounts Targeted by Credential-Stuffing Attacks
925,000 inactive and active accounts were locked down after their security team identified a high number of Norton account login attempts. Read More 

Crypto-Exchange Used to Launder Ransomware Transactions Dismantled
The newly founded National Cryptocurrency Enforcement Team, part of the US Department of Justice (DoJ), announced its first enforcement operation. Read more

Almost Half of Critical Manufacturing at Risk of Breach
48% of the organizations analyzed received a rating of ”C”, “D” or “F”. Read More

HEADLINE PRIVACY & IT SECURITY COMPLIANCE NEWS

Colonoscopy Prep Retail Website, Captify Health is alerting nearly a quarter of a million patients that their personal information and payment card information may have been compromised in a data security incident stemming from a hack at a third-party vendor to gastroenterologists. The company said that the online retail service Your Patient Advisor, which sells colonoscopy prep kits, suffered a "malicious code" incident that persisted for more than three years (from May 26, 2019, to April 20, 2022). The company said that it received notice in March 2021 of fraudulent use of consumer credit cards related to its payment card environment. The company said that it had taken steps to ensure that its platform is safe and secure for all purchases.

Windows 7, the operating system that was sunset in January 2020, reached the end of its security support today, meaning that Microsoft will no longer provide security updates for the system. This leaves remaining users the option to upgrade to a newer operating system or remain vulnerable to ongoing security threats. It is not known exactly how many Windows 7 machines are still running and connected to the internet, but some market share data puts the number as high as about one in 10 desktop computers. Windows 8.1, the operating system version that succeeded Windows 7, also hit its end-of-support milestone on Tuesday, almost 10 years after it was released. Microsoft said it is not offering extended security updates for Windows 8.1.

Get in touch with Chris Kniffin, Corporate Director, to learn more about how the team of experts at JANUS can help protect your business effectively. Follow us on Twitter and LinkedIn.