cybersafety

McAfee_business_medical_2female_tablet_doctor_office-300x200.jpg

4 Tips to Protect Your Information During Medical Data Breaches

4 Tips to Protect Your Information During Medical Data Breaches 1

As the companies we trust with our data become more digital, it’s important for users to realize how this affects their own cybersecurity. Take your medical care provider, for instance. You walk into a doctor’s office and fill out a form on a clipboard. This information is then transferred to a computer where a patient Electronic Health Record is created or added to. We trust that our healthcare provider has taken the proper precautions to safely store this data. Unfortunately, medical data breaches are on the rise with a 70% increase over the past seven years. In fact, medical testing company LabCorp just announced that it experienced a breach affecting approximately 7.7 million customers.

How exactly did this breach occur? The information was exposed as a result of an issue with a third-party billing collections vendor, American Medical Collection Agency (AMCA). The information exposed includes names, addresses, birth dates, balance information, and credit card or bank account information provided by customers to AMCA. This breach comes just a few days after Quest Diagnostics, another company who worked with AMCA, announced that they too experienced a breach affecting 11.9 million users.

Luckily, LabCorp stated that they do not store or maintain Social Security numbers and insurance information for their customers. Additionally, the company provided no ordered test, lab results, or diagnostic information to AMCA. LabCorp stated that they intend to provide 200,000 affected users with more specific information regarding the breach and offer them with identity protection and credit monitoring services for two years. And after receiving information on the possible security compromise, AMCA took down its web payments page and hired an external forensics firm to investigate the situation.

Medical data is essentially nonperishable in nature, making it extremely valuable to cybercrooks. It turns out that quite a few security vulnerabilities exist in the healthcare industry, such as unencrypted traffic between servers, the ability to create admin accounts remotely, and disclosure of private information. These types of vulnerabilities could allow cybercriminals to access healthcare systems, as our McAfee Labs researchers discovered. If someone with malicious intent did access the system, they would have the ability to permanently alter medical images, use medical research data for extortion, and more.

Cybercriminals are constantly pivoting their tactics and changing their targets in order to best complete their schemes. As it turns out, medical data has become a hot commodity for cybercrooks. According to the McAfee Labs Threats Report from March 2018, the healthcare sector has experienced a 210% increase in publicly disclosed security incidents from 2016 to 2017. The McAfee Advanced Threat Research Team concluded that many of the incidents were caused by failures to comply with security best practices or to address vulnerabilities in medical software.

While medical care providers should do all that they can to ensure the security of their patients, there are steps users can take to help maintain their privacy. If you think your personal or financial information might be affected by the recent breaches, check out the following tips to help keep your personal data secure:

  • Place a fraud alert.If you suspect that your data might have been compromised, place a fraud alert on your credit. This not only ensures that any new or recent requests undergo scrutiny, but also allows you to have extra copies of your credit report so you can check for suspicious activity.
  • Freeze your credit.Freezing your credit will make it impossible for criminals to take out loans or open up new accounts in your name. To do this effectively, you will need to freeze your credit at each of the three major credit-reporting agencies (Equifax, TransUnion, and Experian).
  • Consider using identity theft protection.A solution like McAfee Identify Theft Protection will help you to monitor your accounts, alert you of any suspicious activity, and help you to regain any losses in case something goes wrong.
  • Be vigilant about checking your accounts.If you suspect that your personal data has been compromised, frequently check your bank account and credit activity. Many banks and credit card companies offer free alerts that notify you via email or text messages when new purchases are made, if there’s an unusual charge, or when your account balance drops to a certain level. This will help you stop fraudulent activity in its tracks.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow me and @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post 4 Tips to Protect Your Information During Medical Data Breaches appeared first on McAfee Blogs.

business_strong_caucasian_woman_tablet-300x200-2.jpg

Attention Graphic Designers: It’s Time to Secure Your Canva Credentials

Attention Graphic Designers: It’s Time to Secure Your Canva Credentials 2

Online graphic design tools are extremely useful when it comes to creating resumes, social media graphics, invitations, and other designs and documents. Unfortunately, these platforms aren’t immune to malicious online activity. Canva, a popular Australian web design service, was recently breached by a malicious hacker, resulting in 139 million user records compromised.

So, how was this breach discovered? The hacker, who goes by the name GnosticPlayers, contacted a security reporter from ZDNet on May 24th and made him aware of the situation. The hacker claims to have stolen data pertaining to 1 billion users from multiple websites. The compromised data from Canva includes names, usernames, email addresses, city, and country information.

Attention Graphic Designers: It’s Time to Secure Your Canva Credentials 3

Canva claims to securely store all user passwords using the highest standards via a Bcrypt algorithm. Bcrypt is a strong, slow password-hashing algorithm designed to be difficult and time-consuming for hackers to crack since hashing causes one-way encryption. Additionally, each Canva password was salted, meaning that random data was added to passwords to prevent revealing identical passwords used across the platform. According to ZDNet, 61 million users had their passwords encrypted with the Bcrypt algorithm, resulting in 78 million users having their Gmail addresses exposed in the breach.

Canva has notified users of the breach through email and ensured that their payment card and other financial data is safe. However, even if you aren’t a Canva user, it’s important to be aware of what cybersecurity precautions you should take in the event of a data breach. Check out the following tips:

  • Change your passwords. As an added precaution, Canva is encouraging their community of users to change their email and Canva account passwords. If a cybercriminal got a hold of the exposed data, they could gain access to your other accounts if your login credentials were the same across different platforms.
  • Check to see if you’ve been affected. If you’ve used Canva and believe your data might have been exposed, use this tool to check or set an alert to be notified of other potential data breaches.
  • Secure your personal data. Use a security solution like McAfee Identity Theft Protection. If your information is compromised during a breach, Identity Theft Protection helps monitor and keep tabs on your data in case a cybercriminal attempts to use it.

And, as always, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Attention Graphic Designers: It’s Time to Secure Your Canva Credentials appeared first on McAfee Blogs.

shutterstock_1388508074-300x200.jpg

Are Your Kids Part of the TikTok App Craze? Here’s What Parents Need to Know

Are Your Kids Part of the TikTok App Craze? Here’s What Parents Need to Know 4

Are Your Kids Part of the TikTok App Craze? Here’s What Parents Need to Know 5What phone app has over 150 million active users and more than 14 million uploads every day? You might guess Facebook, Instagram, or Snapchat, but you’d be wrong. Meet TikTok — a video app kids are flocking to that is tons of fun but also carries risk.

What Is It?

TikTok is a free social media app that allows users to create and share short 15-second videos set to favorite music. If your child was a fan of Musical.ly, then he or she is probably active on TikTok since Musical.ly shut down last year and moved all of its users to TikTok. Kids love the app because it’s got all the social perks — music, filters, stickers — and the ability to amass likes and shares (yes, becoming TikTok-famous is an aspiration for some).

The Upside

There are a lot of positive things about this app. It’s filling the void of the sorely missed Vine app in that it’s a fun hub for video creation and peer connection. Spending time on TikTok will make you laugh out loud, sing, and admire the degree of creativity so many young users put into their videos. You will see everything from heartfelt, brave monologues, to incredible athletic stunts, to hilarious, random moments in the lives of teens. It’s serious fun.

Are Your Kids Part of the TikTok App Craze? Here’s What Parents Need to Know 6

Another big positive is the app appears to take Digital Wellbeing (tools in the app that encourage screen time), privacy, and online safety seriously. Its resources tab is rich with tips for both parents and kids.

The (Potential) Downside

As with any other social app, TikTok carries inherent risks, as reported by several news sources, including ABC.

For instance, anyone can view your child’s videos, send a direct message, and access their location information. And, while TikTok requires that users are at least 13 years old to use the app and anyone under 18 must have parent’s approval, if you browse the app, you’ll quickly find that plenty of preteens are using it. A predator could easily create a fake account or many accounts to strike up conversations with minors.

Another danger zone is inappropriate content. While a lot of TikTok content is fun and harmless, there’s a fair share of the music that includes explicit language and users posting content that should not be viewed by a young audience.

And, wherever there’s a public forum, there’s a risk of cyberbullying. When a TikTok user posts a video, that content instantly becomes open for public comment or criticism and dialogue can get mean.

Talking Points for Families

Most social media apps have an inherent risk factor because the world wide web is just that — much of the planet’s population in the palm of your child’s hand. Different age groups and kids will use apps differently. So, when it comes to apps, it’s a good idea to monitor how your child uses each app and tailor conversations from there.

  • Download the app. If your child uses TikTok, it’s a good idea to download the app too. Look around inside the community. Analyze the content and the culture. Are the accounts your child follows age appropriate? Are the comments and conversations positive? Does your child know his or her followers? Is your child posting appropriately?
  • Talk about the risks. Spend time with your child and watch how he or she uses TikTok. Let them teach you why they love it. Encourage creativity and fun, but don’t hesitate to point out danger zones and how your child can avoid them.
  • Monitor direct messages. This may seem invasive, but a lot of the safety threats to your child take place behind the curtain of the public feed in direct messages. Depending on the age of your child (and the established digital ground rules of your family) consider requiring access to his or her account.
  • Adjust settings. Make sure to click account settings to ‘private’ so only people your child knows can access his or her content and send direct messages. Also, turn off location services and consider getting comprehensive security software for all family devices.Are Your Kids Part of the TikTok App Craze? Here’s What Parents Need to Know 7

Apps are where the fun is for kids so you can bet your child will at least check out buzz-worthy platforms like TikTok. They may browse, or they may become content creators. Your best social monitoring tool is to keep an open dialogue with your child. Keep talking with your kids about what’s going on in their digital life — where they hang out, who their friends are, and what’s new.  You may get some resistance but don’t let that stop you from doing all you can to keep your family safe online.

The post Are Your Kids Part of the TikTok App Craze? Here’s What Parents Need to Know appeared first on McAfee Blogs.

McAfee_consumer_1female_smarphone_nature_72dpi-300x200.jpg

Game Golf Exposure Leaves Users in a Sand Trap of Data Concerns

Game Golf Exposure Leaves Users in a Sand Trap of Data Concerns 8

Apps not only provide users with a form of entertainment, but they also help us become more efficient or learn new things. One such app is Game Golf, which comes as a free app, a paid pro version with coaching tools, or with a wearable analyzer. With over 50,000 downloads on Google Play, the app helps golfers track their on-course performance and use the data to help improve their game. Unfortunately, millions of golfer records from the Game Golf app were recently exposed to anyone with an internet connection, thanks to a cloud database lacking password protection.

According to researchers, this exposure consisted of millions of records, including details on 134 million rounds of golf, 4.9 million user notifications, and 19.2 million records in an activity feed folder. Additionally, the database contained profile data like usernames, hashed passwords, emails, gender, Facebook IDs, and authorization tokens. The database also contained network information for the company behind the Game Golf app, Game Your Game Inc., including IP addresses, ports, pathways, and storage information that cybercrooks could potentially exploit to further access the network. A combination of all of this data could theoretically provide cybercriminals with more information on the user, creating greater privacy concerns. Thankfully, the database was secured about two weeks after the company was initially notified of the exposure.

Game Golf Exposure Leaves Users in a Sand Trap of Data Concerns 9

Although it is still unclear as to whether cybercriminals took a swing at this data, the magnitude of the information exposed by the app is cause for concern. Luckily, users can follow these tips to help safeguard their data:

  • Change your passwords. If a cybercriminal got a hold of the exposed data, they could easily gain access into other online accounts if your login credentials were the same across different platforms. Err on the side of caution and change your passwords to something strong and unique for each account.
  • Check to see if you’ve been affected. If you’ve used the Game Golf app and believe your data might have been exposed, use this tool to check or set an alert to be notified of other potential exposures.
  • Secure your online profiles. Use a security solution like McAfee Safe Connect to encrypt your online activity, help protect your privacy by hiding your IP address, and better defend against cybercriminals.

And, of course, to stay updated on all of the latest consumer and mobile security threats, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

The post Game Golf Exposure Leaves Users in a Sand Trap of Data Concerns appeared first on McAfee Blogs.

twitter43-300x169-2.jpg

3 Tips for Protecting Against the New WhatsApp Bug

3 Tips for Protecting Against the New WhatsApp Bug 10

Messaging apps are a common form of digital communication these days, with Facebook’s WhatsApp being one of the most popular options out there. The communication platform boasts over 1.5 billion users – who now need to immediately update the app due to a new security threat. In fact, WhatsApp just announced a recently discovered security vulnerability that exposes both iOS and Android devices to malicious spyware.

So, how does this cyberthreat work, exactly? Leveraging the new WhatsApp bug, hackers first begin the scheme by calling an innocent user via the app. Regardless of whether the user picks up or not, the attacker can use that phone call to infect the device with malicious spyware. From there, crooks can potentially snoop around the user’s device, likely without the victim’s knowledge.

Fortunately, WhatsApp has already issued a patch that solves for the problem – which means users will fix the bug if they update their app immediately. But that doesn’t mean users shouldn’t still keep security top of mind now and in the future when it comes to messaging apps and the crucial data they contain. With that said, here are a few security steps to follow:

  • Flip on automatic updates. No matter the type of application or platform, it’s always crucial to keep your software up-to-date, as fixes for vulnerabilities are usually included in each new version. Turning on automatic updates will ensure that you are always equipped with the latest security patches.
  • Be selective about what information you share. When chatting with fellow users on WhatsApp and other messaging platforms, it’s important you’re always careful of sharing personal data. Never exchange financial information or crucial personal details over the app, as they can possibly be stolen in the chance your device does become compromised with spyware or other malware.
  • Protect your mobile phones from spyware. To help prevent your device from becoming compromised by malicious software, such as this WhatsApp spyware, be sure to add an extra layer of security to it by leveraging a mobile security solution. With McAfee Mobile Security being available for both iOS and Android, devices of all types will remain protected from cyberthreats.

And, as always, to stay on top of the latest consumer and mobile security threats, be sure to follow @McAfee_Home on Twitter, listen to our podcast Hackable? and ‘Like’ us on Facebook.

The post 3 Tips for Protecting Against the New WhatsApp Bug appeared first on McAfee Blogs.

Vox Messenger Logo - 512x512

End-2-End Encrypted. Secure. Ad-Free.
Lightweight and Faster than the Competition.

Vox Messenger is an ad-free, secure and end-2-end encrypted alternative to other popular chat messenger apps.

Available for Free. Whitelabel Corporate Edition Available on Request.

Vox Messenger {Secure} - Communicate safely with our private and secure messaging app | Product Hunt Embed

All Rights Reserved - © Copyright 2020 - Vox Messenger (a Division of Kryotech Ltd.)