IT Security Stories to Watch: Hackers Attack Hard Rock Hotel & Casino
Hackers reportedly used malware to launch a cyber attack against the Hard Rock Hotel & Casino Las Vegas. And as a result, the hotel and casino topped this week's list of IT security newsmakers to watch, followed by CareerBuilder, the University of California, Berkeley (UC Berkeley) and Partners HealthCare. Here's a closer look at four IT security stories to watch during the week of May 4.
Hackers reportedly used malware to launch a cyber attack against the Hard Rock Hotel & Casino Las Vegas.
And as a result, the hotel and casino topped this week’s list of IT security news makers to watch, followed by CareerBuilder, the University of California, Berkeley (UC Berkeley) and Partners HealthCare.
What can managed service providers (MSPs) and their customers learn from these IT security news makers? Check out this week’s list of IT security stories to watch to find out:
1. Hackers rock Hard Rock Hotel & Casino
A malware attack may have allowed hackers to steal credit card information used at the Hard Rock Hotel & Casino Las Vegas’ retail and service locations, according to Reuters.
The attack, discovered on April 3, may have impacted credit or debit card transactions between Sept. 3, 2014 and April 2, 2015, Hard Rock Hotel & Casino officials said. In addition, the possible data breach may have included customer names and credit card numbers, company officials noted, but PIN numbers or other sensitive customer information were unaffected.
Hard Rock Hotel & Casino officials said they are working with law enforcement and credit card companies to investigate the incident.
2. Proofpoint discovers CareerBuilder phishing attack
Security-as-a-service (SECaaS) provider Proofpoint recently detected a CareerBuilder phishing attack.
Hackers used phishing and social techniques to lure job seekers into opening a malicious document, Proofpoint said, and all job search websites could be susceptible to similar attacks as well.
“In this attack, the actor browses open positions listed on CareerBuilder.com, a popular online job search and recruiting service, and attaches resumes to job postings as malicious documents in Microsoft Word format. In this specific case, we observed the actor attach a Word document named ‘resume.doc,’ or ‘cv.doc,'” Proofpoint wrote in a blog post. “Proofpoint contacted CareerBuilder to alert [it] to this threat, and [the company] took prompt action to address the issue.”
3. UC Berkeley releases details about data breach
UC Berkeley officials are alerting current students and other individuals about a computer data breach that may have resulted in unauthorized access to their Social Security numbers or other personal information.
“The data breach involved unauthorized access to a campus web server maintained by a unit within UC Berkeley’s Division of Equity and Inclusion,” the university said in a prepared statement. “The server was used to store information including family financial information submitted by students. This included documents containing Social Security and bank account numbers.”
Roughly 260 undergraduate students and former students and 290 parents and other individuals may have been affected by the data breach, UC Berkeley said. Paul Rivers, UC Berkeley’s interim chief security officer, also noted that the university is offering free credit monitoring services for one year to those who might have been impacted.
4. Partners HealthCare discloses data breach
Partners HealthCare has notified 3,300 patients about a data breach. Patients at Massachusetts General Hospital, Brigham and Women’s Hospital and several other affiliated hospitals may have been affected by the incident.
The Associated Press reported that Partners officials found out that some of its workers received phishing emails and responded to these messages in November. These emails may have contained patient information, Partners said, such as names, addresses, telephone numbers and Social Security numbers.
Partners last week noted that it contacted law enforcement and has taken steps to secure email accounts. The Boston-based nonprofit healthcare system also said it has no evidence that any patient information has been misused.
What do you think will be the biggest IT security stories for MSPs this week? Share your thoughts in the Comments section below, via Twitter @dkobialka or email me at [email protected].
About the Author
You May Also Like