It is hard keeping up with the rate of cybersecurity news updates these days, so SWK Technologies has compiled this recap of our top stories from July and August 2021 to help you stay on top of the latest events. This month’s collection includes some of the opening security legislation from the House side of Congress as well as developments in data breaches new and old to watch out for.
Here are some of the top cybersecurity news stories for August 2021:
Congress Ramping Up Cybersecurity Legislation
In response to cyber attacks like the SolarWinds breach and the Colonial Pipeline ransomware incident that put a significant amount of public services at risk, the US Congress has reprioritized the government’s approach to cybersecurity with new legislation. While the Senate was debating the details of Biden’s infrastructure proposal, their colleagues in the other chamber managed to pass eight separate bills related to mobile security and similar factors through the House Committee on Energy and Commerce. A list of each bill and its details can be found in statement by Committee Chairman Frank Pallone (D – N.J.) published here.
Stay tuned for more updates in September, including a review of the impact of the cybersecurity funding included in the Senate’s infrastructure bill, the Infrastructure Investment and Jobs Act (INVEST).
T-Mobile Breach Leaks Data of 40 to 100 Million Customers
On Tuesday August 17, 2021, T-Mobile announced that it had completed an investigation into claims of a data breach made the previous week and confirmed that information from over 40 million accounts had been breached. Some news outlets have quoted the supposed seller of the information as claiming the real number is 100 million, and that the data had been stolen straight from T-Mobile’s servers. Though T-Mobile claims there was no indication financial information like credit card numbers were taken, it has been confirmed that the leak includes first and last names, DOBs, SSNs, and driver’s license details.
92% of LinkedIn Users’ Data Breached
In late June 2021, over 700 million LinkedIn users’ information was put up for auction on the dark web, which represents over 90% of the total userbase on the site. This comes only a few months after a trove of over 500 million user account credentials were reported to be leaked in a similar manner. Cybersecurity experts claim that the hacker behind the more recent leak gained access data by exploiting the platform’s API (Application Programming Interface) which allows two servers to communicate with each other and that when hacked can be leveraged for “data scraping.”
Kaseya Holiday Ransomware Breach
Over the July 4, 2021 weekend, a group of hackers targeted the customers of software supplier Kaseya, an attack which could have one of the broadest ransomware impacts ever given the size of Kaseya’s client base. CEO Fred Voccola claims that “fewer than 40” of their customers were affected, but some cybersecurity experts claim that this number is probably much larger. Victims could reach the tens of thousands. While there is no official report detaining the perpetrators of this attack at this time, many believe it to be the work of the notorious ransomware gang, REvil.
Contact SWK for More Cybersecurity Education and Awareness
It can be easy to get overwhelmed by the sheer volume of new data breaches, but it is important to stay on top of your protections and best practices to ensure an errant leak does not expose your entire business network. Discover how to better prepare your first and last line of defense against cyber threats as well as stay informed of the biggest dangers to you by reaching out to SWK Technologies today.
Contact SWK to learn about the solutions we have that will help you protect your business from the latest and recurring cyber threats.