IT Security Stories to Watch: OPM, U.S. HealthWorks Data Breaches

The U.S. Office of Personnel Management (OPM) recently was compromised, the U.S. Department of Homeland Security (DHS) said last week. And as a result, the OPM tops this week's list of IT security news makers to watch, followed by U.S. HealthWorks, the Dyre malware and CTERA Networks. Here are four IT security stories to watch for the week of June 8.

Dan Kobialka, Contributing writer

June 8, 2015

3 Min Read
IT Security Stories to Watch: OPM, U.S. HealthWorks Data Breaches

Who was responsible for the recent U.S. Office of Personnel Management (OPM) data breach? Congressman Michael McCaul told CBS News that Chinese hackers could be the culprits in the incident that resulted in the theft of personal information from more than 4 million current and former federal employees.

And as a result, the OPM tops this week’s list of IT security newsmakers to watch, followed by U.S. HealthWorks, the Dyre malware and CTERA Networks.

What can managed service providers (MSPs) and their customers learn from these IT security news makers? Check out this week’s list of IT security stories to watch to find out:

1. Hackers attack OPM

The OPM was compromised last month, the U.S. Department of Homeland Security (DHS) said last week. McCaul said the incident was “the most significant breach of federal networks in U.S. history.”

OPM officials identified the breach of the office’s systems and the U.S. Interior Department‘s data center, which is shared by other federal agencies. DHS is monitoring federal networks for any suspicious activity and working with the affected agencies to investigate the incident.

Also, an unnamed U.S. official told The Associated Press that the data breach could potentially affect every federal agency.

2. U.S. HealthWorks gets breached

California-based healthcare service provider U.S. HealthWorks has suffered a data breach. The incident occurred after an unencrypted employee laptop was stolen from one of the company’s vehicles.

“On May 5, 2015, we determined that the employee’s laptop was password protected, but it was not encrypted. After conducting a thorough review, we determined that the laptop may have contained files that included your name, address, date of birth, job title and Social Security number. Although we continue to work with law enforcement, at this time, the computer has not been located,” U.S. HealthWorks said in its notice letter to employees.

U.S. HealthWorks employs 3,600 workers, but PYMNTS noted that it remains unclear how many workers may have been affected by the incident.

3. Dyre malware attacks on the rise

Trend Micro researchers found that there was a 125 percent year-over-year increase in Dyre-related infections worldwide in the first quarter of 2015.

Researchers pointed out that roughly seven in 10 users infected in the first three months of this year came from Europe (39 percent) and North America (38 percent) regions. Asia Pacific ranked third with 19 percent of the infections.

The Dyre Trojan was originally identified in June 2014 and reportedly has been used in phishing campaigns across the globe, including attacks against JPMorgan Chase (JPM) and Bank of America (BAC), according to IBM Security Intelligence.

4. Are security concerns driving EFSS adoption?

A new CTERA study revealed that security and data governance concerns within the enterprise are driving enterprise file sync and share (EFSS) adoption.

The study showed that 35 percent of organizations experienced corporate data leakage in 2014 as a result of employees sharing files via often-unsanctioned FSS services, up 4 percent year over year. This trend is likely to increase as enterprises battle to gain more visibility and control over information stored in the cloud, CTERA said.

“An increasing number of data leakage events, and a desire to exercise more control over file sharing and data protection, are forcing organizations to investigate and deploy alternatives to public cloud storage services,” Rani Osnat, CTERA’s vice president of strategic marketing, said in a prepared statement.

What do you think will be the biggest IT security stories for MSPs this week? Share your thoughts in the Comments section below, via Twitter @dkobialka or email me at [email protected].

About the Author(s)

Dan Kobialka

Contributing writer, Penton Technology

Dan Kobialka is a contributing writer for MSPmentor and Talkin' Cloud. In the past, he has produced content for numerous print and online publications, including the Boston Business Journal, Boston Herald and Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State College (now Bridgewater State University). In his free time, Kobialka enjoys jogging, traveling, playing sports, touring breweries and watching football (Go Patriots!).  

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like