Outlook breach reportedly targeted Crypto users

Laptop chain

We previously notified our readers of a breach involving Microsoft Outlook email. Users of Cryptocurrency are now coming forward to indicate that this Outlook breach led to a theft by hackers of their Cryptocurrency from various Cryptocurrency Exchanges, as detailed in this follow-up article.

Keeping anything online, whether it be email or items like Cryptocurrency, leaves a user open to potential hacks. It is wise to copy email to a folder on the user’s computer vs. leaving it online in an inbox or the like for hackers to gain access to. When stored in a folder on a personal computer, it’s much harder to access.

Also, enabling verification items like 2fa (Two-factor authorization), where a user is required to verify log-ins and other procedures using an application on their phone, are wise to use to prevent access to user accounts. As one user indicated in the article, they did not have 2fa enabled on their account, so it allowed the hackers easier access.

If you’d like to discuss further on ways you can protect yourself online, please let us know!

Microsoft admits hackers had access to online email

email

For the first three months of 2019, Microsoft has admitted that hackers had access to some details of certain Outlook.com email accounts. As this article states, Outlook.com is the web version of Microsoft’s email service, and this online service was previously known as Hotmail. Per Microsoft, “this unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account …but not the content of any emails or attachments.”

While it appears no actual emails were read or attachments were accessed, this is an important reminder that being online brings its share of risks to user data. It’s a smart idea to use an actual email application to view email, in companion with a web browser, and to store as much email off-line as possible. This will help in prevention of potential data access in the event your email account gets hacked.

In relation to this, and as has been mentioned before, it is important to ensure the safeguarding of passwords, for email and other sites. It is good practice to change passwords periodically throughout the year. By doing so, there’s less of a chance that the current password is in the hands of hackers if it is changed more often, in the event an account is compromised. Also, never send password or login information via email, as this just opens user’s data to easily being compromised.

As always, please contact us if you have questions or would like to discuss further!

Separate recent ransomware attacks affect Spectrum Health, MI doctor’s office

locked entrance

A cyber attack that hit a contracted vendor of Spectrum Health, Wolverine Services Group, has impacted approximately 60,000 patients of Spectrum Health Lakeland. Wolverine’s systems were attacked by a ransomware attack. A ransomware attack occurs when hackers gain access to a system and encrypt a portion or all of the files and demand ransom payment in order to release instructions on how to decrypt the files.

The breach in this incident affected only the Lakeland portion of Spectrum Health, not their entire system. As is usual with breaches such as this, it occurred well before it was discovered: the breach occurred in September but wasn’t discovered until December. More can be read about this incident here.

In a more recent ransomware hack in Michigan, which occurred on April 1st at a doctor’s office in Battle Creek, the doctors of this office decided to retire early, after they refused to pay the ransom payment and the hackers erased all their files. The files were already encrypted by the office’s software system, so no personal information was gained. However, with patient files gone forever, much data that was already gained through tests and other means will never be recovered, as the article from WWMT states.

While these two cases show issues at businesses, and we as citizens only have so much control over business records, it is important for every person to keep secure their private information. We will continue to work to update this blog on ways users can prevent becoming the victim of cyber incidents (malware, phishing, etc.). If you have any questions or would like to discuss, we’re here to help.

Google urges Chrome users to upgrade to latest version

Due to a security vulnerability, Google is urging users of their Chrome web browser to update to the latest version. As the article mentions in the first link below, Chrome updates are usually automatically performed.

To see the current version of Chrome on a Mac, you can access the Chrome menu in the top left while in the browser and choose “About Google Chrome”. The second of two links below explains how to check if on a Windows-based PC.

This is another example of ensuring that your software is kept up to date.

https://www.pcmag.com/news/367015/stop-what-youre-doing-and-update-google-chrome

https://www.pcmag.com/feature/364079/how-to-update-google-chrome/2

Multi-level hack on email provider destroys almost two decades of data

People holding message bubbles

“Email provider VFEmail said it has suffered a catastrophic destruction of all of its servers by an unknown assailant who wiped out almost two decades’ worth of data and backups in a matter of hours.” The hacker (or hackers) acquired multiple passwords related to the service, and formatted all hard drives related to the serving of email. They were discovered in the middle of formatting the backup server. The email is “effectively gone” as stated in the article.

This is a good reminder that it’s important to have a backup of your IMAP mail or other online email (such as Yahoo Mail or Gmail) to your local computer, which also has a backup. Backups are a good idea always, in all circumstances.

https://arstechnica.com/information-technology/2019/02/catastrophic-hack-on-email-provider-destroys-almost-two-decades-of-data/

Hackers use malicious Windows file to access MacOS

Mouse pointer hovering over the work security

Hackers are utilizing the file type “.exe” to unload malicious software onto MacOS powered computers. As the article linked below mentions, by default, .exe files won’t run on a Mac. The malicious download worked around this limitation by bundling the .exe file with a free framework known as Mono. Mono allows Windows executables to run on MacOS, Android, and a variety of other operating systems.

Users should be cautious of downloading any software from insecure resources such as Torrent sites. Torrent sites provide users with the ability to download any type of software, movies, games, etc, which leads to a “Wild West” scenario, where all bets are off with the type of files that you’re actually downloading.

It’s also wise to ensure children are not accessing these sites either, and to block access to Torrent resources on company networks.

https://arstechnica.com/information-technology/2019/02/clever-trick-uses-windows-executable-file-to-install-malicious-payload-on-macs/