3 Interesting Articles 

Exclusive: FBI says it has ‘contained’ cyber incident on bureau’s computer network  

CNN:  The FBI was recently targeted in a malicious cyber incident involving computer systems used in child sexual exploitation investigations. Sources say that the FBI New York Field Office was attacked, which is one of the bureau’s biggest and highest profile offices. The bureau states that the hack was an isolated incident and has been contained but the origin is still being investigated. Beyond the breach, it seems the department needs to review its data storage policies especially when dealing with evidence of such an incredibly sensitive nature. 

California Health Network Data Breach Impacts Over 3 Million People

Health News:  One of the largest private healthcare networks in the US, Heritage Provider Network (HPN), was victim of a ransomware attack in December but 3.3 million affected patients were not aware of the data breach until a couple weeks ago. HPN notified patients that personal information such as their name, date of birth, laboratory test results, diagnosis and treatment, and other personal information may have been stolen.  Healthcare organizations continue to get attacked by ransomware groups and as we reported last week, the annual number of ransomware attacks on health care delivery organizations more than doubled from 2016 to 2021, exposing the personal health information of nearly 42 million patients and causing disruptions to patient care. 

Sensitive US military emails spill online

Tech Crunch: An exposed server of the Department of Defense (DoD) had internal U.S. military emails exposed to the open internet for the last two weeks. The exposed server was hosted on Microsoft’s Azure government cloud for the DoD and typically contains sensitive but unclassified government data. The server stored about three terabytes of internal military emails, many connected to the U.S. Special Operations Command, or USSOCOM, the U.S. military unit tasked with conducting special military operations. Most likely human error caused a misconfiguration which left the server without a password. A senior Pentagon official confirmed that USSOCOM was notified of the exposed server and USSOCOM states that they are currently investigating the issue but that no one hacked their information systems. 

2 Stats You Should Know

Most companies are sitting on exposed data in the cloud – a whopping 81 percent of organizations have had sensitive SaaS data exposed. (source) 

Only 10-12% of all estimated cybercrime victims report cybercrime incidents in the United States. (source) 

1 More Thing 

Funny joke to end the week: what do you tell a hacker after a bad breakup? (source)

There are plenty of phish in the sea!