IT Security Stories to Watch: UPS Data Breach, New Tripwire Survey
United Parcel Service (UPS), Tripwire and Community Health Systems are three of this week's IT security newsmakers.
A data breach can impact any organization–just look at the United Parcel Service (UPS).
The North American shipping and logistics company last week announced customer data was compromised at 51 UPS Stores.
UPS is already offering identity-protection and credit-monitoring services to any customers who may be affected by the data breach.
What can managed service providers (MSPs) and their customers learn from this data breach? Check out this week’s IT security stories to watch to find out:
1. Hackers attack UPS Stores
UPS said data from approximately 105,000 customer transactions was compromised due to a cyber attack that took place between January and August. Hackers allegedly used malware to capture data from point-of-sale (POS) machines at UPS Stores.
Tim Davis, president of the UPS Store division, told Fortune his company has resolved the issue.
“As soon as we became aware of the potential malware intrusion, we deployed extensive resources to quickly address and eliminate this issue. Our customers can be assured that we have identified and fully contained the incident,” he said.
2. Tripwire examines Target data breach’s impact on cybersecurity
Security and compliance solutions provider Tripwire found last year’s Target (TGT) data breach has had far-flung effects on many organizations thus far.
Tripwire last week released the results of a survey of 215 attendees at the Black Hat USA 2014 security conference in Las Vegas and pointed out:
42 percent of respondents said the Target breach had a greater impact on their security budgets.
31 percent said the Target breach had a greater influence on their executives’ security awareness.
22 percent said targeted threats had a greater impact on their security budget.
“We all tend to be swayed by the most recent information security events,” Dwayne Melancon, Tripwire’s chief technology officer, said in a prepared statement. “The responses to this survey are consistent with that behavior, and it’s a reminder that we all tend to relax our vigilance and become complacent over time. Instead of focusing on the latest breach headlines, I recommend that each organization focus on the equivalent of the Target breach for their specific business. This approach helps to focus resources on events that would inflict the most brand and customer damage.”
3. Community Health Systems suffers data breach
Community Health Systems (CHS), one of the largest hospital healthcare providers in the United States, announced confidential information about 4.5 million patients was stolen as part of a cyber attack.
CHS officials said they believe the attack originated in China and the compromised information was “non-medical in nature.”
Becker’s Hospital Review listed CHS as the second-largest for-profit hospital operator as of June 2013.
CHS will provide identity-theft protection to those who may be affected by the data breach, according to Forbes.
4. “Backoff” malware won’t go away
The U.S. Department of Homeland Security (DHS) is warning U.S. retailers about Backoff malware.
This cybersecurity threat was first identified in October 2013, and DHS officials said it has affected more than 1,000 U.S. businesses to date.
The malware targets cash-register systems in stores, The New York Times reports.
DHS, meanwhile, is urging all companies to check for possible malware infection.
What do you think will be the biggest IT security stories for MSPs this week? Share your thoughts in the Comments section below, via Twitter @dkobialka or email me at [email protected].
About the Author
You May Also Like