By Byron V. Acohido
Week ending Aug 5. It turns out the HBO hack may have been far worse than the initial leaks of a few unaired TV show episodes suggested. A security company hired by HBO to scrub search results for the hacked files from search engines says hackers stole “thousands of Home Box Office internal company documents.” The disclosure came as part of a takedown notice sent to Google to force the search engine to take down links to the leaked files. The notice also detailed that the hackers did away with “masses of copyrighted items including documents, images, videos and sound.” Hackers approached media outlets with the news that they had broken into HBO’s networks and released episodes of “Ballers,” “Insecure” and “Room 104” as well as the script for an upcoming episode of “Game of Thrones.” Also released by the hackers: Two episodes of “Barry,” the hit-man comedy starring Bill Hader that is not scheduled to air until 2018 on the network. The hackers leaked personal information of a senior HBO executive, containing access information to dozens of online accounts, including online banking, and personal health services. Source: Variety
Amazon halts sales of Blu phone on reports data being sent to China
Amazon has stopped selling Blu smartphones amid concerns that user data is being sent to third-party servers in China. Cybersecurity firm Kryptowire says many Blu smartphone models have been sending full text messages, phone numbers of contacts, and other private information. Blu said a “small fraction” of its devices were behaving in such a way last year, but the phones have been fixed. Source: Tech Radar
Some Anthem Medicare patients’ data may have been exposed
A data breach may have exposed personal health information of more than 18,000 Anthem Medicare enrollees, after one of the insurer’s health care consulting firms discovered that one of its employees had been involved in identity theft. Members’ Social Security and Medicare identification data may have been exposed. Source: CNBC
Echo can be turned into transmitter with malware, researcher says
A hacker could turn an Amazon Echo into an eavesdropping microphone. Security researcher Mark Barnes said anyone can install malware that would stream audio from the hacked device. The technique requires gaining physical access to the Echo, and it works only on devices sold before 2017. But there’s no software fix for older units, and the attack can be performed without leaving any sign of hardware intrusion. Source: Wired
Court rules suit against insurer can go ahead, after all
A class-action lawsuit filed against health insurer CareFirst Blue Cross Blue Shield after a 2014 cyber attack affecting the personal data of 1.1 million individuals is being revived: A federal appeals court ruling has overturned a lower court’s decision to dismiss the case. Source: Bank Info Security
Voting machines prove vulnerable to cyber attack
Hackers at a cybersecurity conference hacked a slew of voting machines, demonstrating to researchers how easy the process can be. The conference acquired 30 machines for hackers to toy with. Every one was hacked. Source: The Hill
Sheriff’s deputy sentenced for using work computer to steal identities
Palm Beach County, Florida, sheriff’s deputy Frantz Felisma, who used his work computer to steal identities, was sentenced to five years in federal prison and ordered to pay $175,000 in restitution. He admitted to stealing dozens of drivers’ identities over an 18-month period. Source: The Fort Lauderdale Sun-Sentinel
Cyber attack takes a bite out of Oreo maker’s bottom line
Cyber attacks are having an impact on corporate earnings. Oreo cookie maker Mondelez, drugmaker Merck and others said that a “worm” attack in the last week of the second quarter disrupted operations. Mondelez reported a 5 percent drop in quarterly sales, blaming shipping and invoicing delays caused by the June 27 attack of the worm NotPetya. Merck warned that NotPetya had halted production of some drugs. The attack also slowed deliveries at FedEx. Source: Fortune
Tax preparer convicted of identity theft involving children
An Ames, Iowa, tax preparer was convicted of wire fraud and identity theft in the preparation of false tax returns. Lony Tap Gat falsely listed his and other children as dependents on his clients’ personal income tax returns, inflating the clients’ refunds. Source: The Associated Press via U.S. News
Hacked car wash could trap driver inside vehicle
Security researchers from Whitescope Security and QED Secure Solutions hacked into a car wash’s system to make it to do things that could damage a vehicle and trap its occupants. The hack requires an automatic car wash that’s connected to the internet. Researchers had bay doors open and close with a vehicle underneath, ignoring sensors meant to prevent this. Hackers also can access the wash’s arm, which can strike the vehicle. Source: CNet
Cyber attacker displays nasty images on digital billboard
Swastikas and far-right images were displayed on a digital billboard in Cardiff, Wales, after a hacker gained control. Cardiff contacted the company that owns and operates the screen, and it was switched off. Source: BBC News
This column originally appeared on ThirdCertainty.com
