Weekly Email Security News Recap #3 [June 2022]
With the third week of June over, we bring you the top email security breach news and cybersecurity news.
The past week was quite dynamic regarding cybercrime and email security breach news.
From a US deputy marshal violating private data to 70,000 patients impacted in a data breach, here’s the week’s most important news.
Deputy US Marshal Charged with Abusing His Official Position
A US deputy marshal has recently been accused of abusing his official position. He accessed online records and tracked the location of his former co-workers.
The US lawman is 48 year-old Adrian Pena from Texas.
Pena uploaded fraudulent law enforcement records to the Securus system, which is used for police work.
His goal? To track the people he had a personal relationship with. Pena’s “investigation” also affected the targets’ partners—he traced their addresses too.
As a result, the deputy will face many years in prison if convicted of faking records and obtaining confidential personal data. He has been charged with 11 counts of the latter offence, each carrying a sentence of up to ten years.
Department of Justice investigators stated that Pena lied about using the Securus service for personal reasons. He also convinced one of his victims to sign a false testimony about giving Pena unlimited access to cell phone information.
The DOJ gave no further information about when Pena’s case will be heard in court.
Free Beer For Father’s Day Scam Goes Viral
The cybersecurity news of the past week is connected to Father’s Day.
A message has gone viral on WhatsApp as recipients share the opportunity to win with friends.
The reality is there’s no free beer for Father’s day; it’s just another opportunity for cybercriminals to trick people and steal their data. The viral message includes an embedded link—likely loaded with malware or other malicious script.
WhatsApp has warned users not to reveal PIN codes to strangers and set up two-step verification for more protection.
Heineken has also spoken out about the fraud with a tweet confirming it had reported the case to law enforcement.
Up to 70,000 Patients Impacted in Kaiser Permanente Data Breach
The week began with a massive data breach affecting 69,589 individuals.
On Monday, this email security breach news story made headlines. It concerns the protected medical information of patients at Kaiser Foundation Health Plan of Washington.
It’s unclear who’s behind the breach, but according to Kaiser Permanente’s website notice, an unauthorized party had accessed one employee’s emails.
The compromised emails led to a data breach which took place in early April, and may have exposed patients’:
- First and last names
- Medical record numbers
- Dates of service
- Laboratory test results
- Doctor’s data
According to Kaiser Permanente, no financially sensitive information like credit card numbers or Social Security numbers were exposed in the data breach.
The American health plan provider stopped the unauthorized access within hours and initiated an investigation to determine the scope of the incident.
Kaiser Permanente began notifying impacted patients about the potential fraud by mail on June 3.
Regulators from the US Department of Health and Human Services Office for Civil Rights report 69,589 records exposed in the email security breach at Kaiser’s Washington unit.
With the increasing number of online services like streaming, shopping, and banking, it’s no surprise that cybercrime is also skyrocketing.
In cyberspace, threat actors can carry out their illicit actions without being caught or punished. This is a modern problem that big and small companies, individuals, and each of us face daily.
EasyDMARC reminds you to follow cyber hygiene and offers the easiest ways to protect your domain.