Share Blog post
The telecommunications relay services (TRSs) systems used by all major Canadian internet service providers are impacted by a local file disclosure vulnerability. The vulnerability was caused by improper input sanitization. If exploited, the flaw could allow attackers to steal passwords from configuration files across multiple providers, compromise affected providers using the stolen passwords, and then potentially launch a large-scale identity theft operation against Canadians. Fortunately, Canadian ISPs have patched the bug.
Fortnite, one of the most popular games in the world, was hit by a data breach and children's information was found up for sale on the dark web. Scammers have been selling players' login and passwords for $2.61 each - allowing buyers to rack up huge in-play charges on the accounts of unsuspecting gamers.
The data of current and former staff and students of the Eastern Maine Community College (EMCC) in Bangor could have been exposed due to a potential breach. Usernames and passwords along with personal information, like dates of birth and Social Security numbers, could have been accessed in the breach. 42,000 current and former students are being notified that certain computers were recently infected with malware and may have been hacked.
Augusta University breach
Georgia-based Augusta University Health fell victim to a phishing attack that could have impacted personal records of 417,000 patients. The breached data includes medical records, treatment information, surgical details, diagnoses, medication, dates of services, and more. In some cases, patients' Social Security Numbers and driver’s license numbers were also compromised.
Posted on: August 20, 2018
Get the Daily Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.