Secret CISO 9/16: TMI and Express Services Data Breaches, Biometric Information Not Covered by Insurance, 23andMe $30M Settlement, and Google GCP Flaw Fixed
Welcome to today's issue of Secret CISO, your daily digest of the most impactful cybersecurity news. Today, we delve into a series of data breaches that have rocked various sectors, from healthcare to payment processing. The Maids International and Express Services have both filed notices of data breaches, potentially exposing consumers' sensitive information.
Meanwhile, Access Sports Medicine & Orthopedics and payment processing company Slim CD are also dealing with the aftermath of data breaches, the latter affecting nearly 1.7 million consumers. In a significant legal development, 'Data Breach' Insurance has been ruled not to cover Biometric Information Collection, a decision that could have far-reaching implications for businesses and their insurance policies.
On the prevention front, we explore the importance of Privileged Access Management in establishing Zero Trust, a crucial step in mitigating data breaches. We also share tips on how to delete your Glassdoor account and remove all data, a proactive measure in an era of increasing data breaches.
In other news, 23andMe has agreed to pay $30 million to settle a lawsuit over a 2023 data breach, highlighting the costly repercussions of data security failures. Finally, we touch on the rising threat of cyberattacks in the restaurant industry and the launch of Pennsylvania's new online portal for data breach reporting. Stay tuned for more updates on these stories and other cybersecurity news. Stay safe, stay informed with Secret CISO.
Data Breaches
- The Maids International Data Breach: The Maids International, LLC (TMI) has filed a notice of a data breach with the Attorney General of Massachusetts. The details of the breach, including the number of affected consumers and the nature of the compromised data, are yet to be disclosed. Source: JD Supra
- Express Services Data Breach: Express Services, Inc. has reported a data breach to the Attorney General of Texas. The breach reportedly involved the leak of consumers' Social Security information. The extent of the breach is currently under investigation. Source: JD Supra
- Slim CD Data Breach: Payment processing company Slim CD has suffered a data breach that exposed the personal information of nearly 1.7 million consumers. The company is yet to provide details on the nature of the compromised data. Source: Top Class Actions
- 23andMe Data Breach Settlement: Genetic testing company 23andMe has agreed to pay $30 million to settle a class-action lawsuit over a data breach that resulted in hackers accessing data of more than 6.9 million customers. The company will also provide affected customers with three years of access to a security monitoring program. Source: Fox Business
- Fortinet Customer Data Breach: Cybersecurity firm Fortinet has confirmed a data breach involving 440GB of customer information. The breach was reportedly carried out by a hacker known as "Fortibitch" who released the data on BreachForums. Source: OODA Loop
Security Research
- Google GCP Flaw Fixed After Composer Vulnerability Found: Google has patched a critical security flaw within its Google Cloud Platform Composer, thanks to the efforts of security researcher Liv Matan. The flaw could have led to potential security breaches and data leaks. Source: CRN
- Universities conduct research for food security: A team of researchers at the UGA Center for Food Safety is exploring the use of antimicrobial blue light to eliminate pathogens, a breakthrough that could significantly enhance food security. Source: EnidNews
- Entro Security Labs Releases Non-Human Identities Research Security Advisory: Entro Security, a pioneer in Non-Human Identity (NHI) and Secrets Management, has released a research report highlighting alarming trends in the handling of both human and NHIs, with significant misconfigurations and risks prevalent. Source: DevOps
- Researchers at Embry-Riddle Explore the Impacts of Trust and Fear on Aviation Safety: Dr. Truong's research at Embry-Riddle University is shedding light on how trust and fear affect safety culture in aviation, potentially opening new avenues for reducing maintenance errors. Source: ERAU News
- Botnets are Still Exploiting IoT: What Needs to be Done: Despite ongoing efforts to secure the Internet of Things (IoT), botnets continue to exploit devices with factory default usernames and passwords, highlighting the need for more robust security measures. Source: SC Media UK
Top CVEs
- CVE-2024-46943 - OpenDaylight Authentication Vulnerability: An issue was discovered in OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration. This could lead to potential unauthorized access and control. Source: CVE-2024-46943
- CVE-2024-46938 - Sitecore Experience Platform Vulnerability: An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can read arbitrary data, potentially leading to information disclosure. Source: CVE-2024-46938
- CVE-2024-39613 - Mattermost Desktop App Vulnerability: Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put a cmd.exe file in the Downloads folder of a user's machine to cause remote code execution. This could lead to potential unauthorized access and control. Source: CVE-2024-39613
- CVE-2024-24968 - Intel(R) Processors Vulnerability: Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access. This could lead to potential service disruption. Source: CVE-2024-24968
- CVE-2024-46942 - OpenDaylight Model-Driven Service Abstraction Layer Vulnerability: In OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering environment. This could lead to potential unauthorized access and control. Source: CVE-2024-46942
Final Words
And that's a wrap for today's edition of Secret CISO. We hope you found these updates helpful and informative. Remember, in the world of cybersecurity, knowledge is power. Stay informed, stay vigilant, and most importantly, stay secure. If you found this newsletter beneficial, please consider sharing it with your friends and colleagues. We're all in this together, and the more we know, the safer we'll be.
Until next time, keep your data close and your security closer. Stay safe out there.