Tag Archive for: bank

ID, bank details, contact information at risk as cyber criminals hack PH Property Bendigo real estate agency

/in


A regional Victorian real estate agency has fallen victim to a data breach.

PH Property Bendigo sent an email to clients yesterday afternoon saying a staff member’s email address was hacked on March 15.

The hackers managed to get past security protocols by the company that include randomised passwords, 2-Factor Authentication for all email accounts, and an in-house internet firewall security system.

The company said four months of data was stolen which could affect about 200 customers. 

Source…

Hatch Bank says hackers used Fortra bug to steal 140,000 customer Social Security numbers

/in


Hatch Bank, a digital-first bank that provides infrastructure for fintech companies offering their own brand credit cards, confirmed hackers exploited a zero-day vulnerability in the company’s internal file transfer software that allowed access to thousands of customer Social Security numbers.

The vulnerability in Fortra’s GoAnywhere file-transfer software came to light on February 2 after security journalist Brian Krebs publicly shared details of Fortra’s security advisory because the tech company had put the advisory behind a login prompt.

The Clop ransomware gang claimed to have exploited the zero-day flaw, tracked as CVE-2023-0669, to steal data from more than 130 organizations. Community Health Systems, one of the largest healthcare providers in the United States, was the first victim to publicly disclose it had fallen victim to the zero-day bug. Hatch Bank, this week, became the second known victim.

In its data breach notification filed with Maine’s attorney general this week, Hatch Bank said that attackers exploited the vulnerability in its GoAnywhere system to steal the names and Social Security numbers of close to 140,000 customers, including 630 individuals based in Maine.

Hatch Bank said that while Fortra (previously known as HelpSystems) learned of the vulnerability in its GoAnywhere software on January 29, the tech company didn’t notify Hatch Bank until February 3 — one day after Krebs revealed news of the GoAnywhere flaw. It’s unclear if these incidents are linked and Fortra declined to answer TechCrunch’s questions.

The notification warned that hackers had unauthorized access to Hatch’s account from January 30 to January 31. “Hatch Bank immediately took steps to secure its files and then launched a diligent and comprehensive review of relevant files to determine the information that may have been impacted,” the bank said in a letter sent to impacted customers on Monday. The bank says that it has also notified federal law enforcement.

The bank says it’s providing those affected by the breach with access to free credit monitoring services. It also said it is working to implement unspecified “additional safeguards”…

Source…

Hack the Bank: how cybersecurity startup Hack the Box raised £45m in a recession

/in


Pylarinos attributes this to the company’s humble, bootstrapped beginnings. Despite having now successfully completed three funding rounds (raising a total of $70m) starting out with just a small amount of savings has meant the founders have prioritised profitability since the firm first began operating three years ago.

“We’ve always been very cost-efficient,” he reveals. “Even after our first two financing rounds, we didn’t spend any of the capital. In the current market, this gives you more points than it used to.”

The last profitable tech company

After a string of high-profile startup failures like Pakistan’s top startup Airlift last year, which previously boasted a huge valuation of $270m, it only holds that investors will recoup their losses by prioritising ‘money in the bank’ over expansion. Pylarinos concurs with this theory.

“[This year] was much harder than previous fundraisers that we did in the past,” he admits. “But there was interest because we were never this traditional startup that burns massive amounts of capital or relies on the next fundraiser to endure.”

So, when crafting a business plan, think cautiously before you emphasise growth over survival. For those of us who are used to reading about tech startups like Uber – which, despite being worth over $50bn, didn’t turn a profit until 2021 – that might be a foreign idea.

“Only a few years back, if you were a company that was not spending capital, that translated as [proof] you are not growing fast enough,” acknowledges Pylarinos. “Yet, we were growing fast enough, and spending less capital.

“With the current market conditions, I think we’re in a perfect spot. The risk of going bust in such conditions where capital is not granted, is much larger.”

Hack the Box team photo

That theory has been proved this week with a string of high-profile tech layoffs including Spotify. The Swedish music-streaming giant announced it would cut 6% of its 10,000 employees on Monday. The company has never turned a full-year net profit.

It sounds like the company could learn a thing or two from Hack the Box. Writing on the company’s blog, Spotify CEO Daniel Ek said, “in hindsight, I was too ambitious in investing ahead of…

Source…

Plumas Bank announces commitment to respecting data by becoming a 2023 Data Privacy Week Champion

/in


Plumas Bank just announced its commitment to Data Privacy Week 2023 by registering as a Champion. As a Champion, the local bank supports the principle that all organizations share the responsibility of being conscientious stewards of personal information. This year’s initiative emphasizes educating businesses on data collection best practices that respect data privacy and promoting transparency

Data Privacy Week is an annual expanded effort from Data Privacy Day — taking place from January 22 – 28, 2023. The goal is to spread awareness about online privacy among individuals and organizations. The goal is twofold: to help citizens understand that they have the power to manage their data and to help organizations understand why it is important that they respect their users’ data.

Plumas Bank Executive Vice President and Chief Information Officer, Aaron Boigon, commented, “Securing our clients’ data is a top priority at Plumas Bank. It’s important to note that everyone has a responsibility to protect their personal data. A few simple ways to protect your data are to create strong passwords and change them often, install trusted computer security software, and check your social media accounts privacy settings regularly. Throughout this week follow Plumas Bank’s social media (Facebook and LinkedIn) for tips on protecting your privacy.”

The National Cybersecurity Alliance has offered up the following themes to help guide individuals and businesses to better data privacy practices:

Advertisement

Data: The Story of You

All your online activity generates a trail of data. Websites, apps, and services collect data on your behaviors, interests, and purchases. Sometimes, this includes personal data, like your Social Security and driver’s license numbers. It can even include data about your physical self, like health data – think about how a smartwatch counts and records how many steps you take.

While it’s true that you cannot control how each byte of data about you and your family is shared and processed, you are not helpless! In many cases, you can control how you share your data with a few simple steps. Remember, your data is precious, and you deserve to be selective about…

Source…