Weekly Email Security News Recap #3

Cybercriminals constantly breach networks, steal data, and threaten almost every aspect of the internet nowadays. That’s why we always have email security or cybersecurity news to share. 

Here are the latest top stories of the past week.

 

The U.S. Government Warns About the Illicit Actions of North Korean I.T. workers

The third week of May has already begun with malicious activities and data leakage attempts.

On Monday, the U.S. Department of State, the U.S. Department of the Treasury, and the F.B.I. issued an advisory warning of suspicious activities by North Korean I.T. workers associated with the country’s authoritarian regime.

The U.S. Government warns  U.S. companies to be conscious when hiring remote I.T. freelancers from other countries. According to the agencies,  such North Korean workers have tried to gain access to corporate networks for malicious reasons.

In many cases,  I.T. workers from the Democratic People’s Republic of Korea (DPRK) procure forged documents such as:

  • Passports
  • Work visas
  • Social security cards
  • Credit card and utility statements

They use stolen information to introduce themselves as U.S.-based or pretend to be non-North Korean. The alert provides 16 pages of information about the tactics for getting hired, methods, and interests of North Korea.

Suspected activities of illicit DPRK I.T. workers include:

  • Engaging in malicious cyber-enabled activities
  • Providing logistical support to DPRK-based malicious cyber actors
  • Assisting with the DPRK’s money-laundering and virtual currency transfers
  • Sharing access to virtual infrastructure
  • Enabling the use of data stolen by DPRK cyber actors

The Department of State’s Rewards for Justice program rewards up to $5 million for providing any information about criminal DPRK activities in cyberspace.

 

1.8 Million Texan’s Sensitive Information Exposed by a Data Breach

Moving on to Wednesday, new details have emerged of a massive data breach discovered in January.

The Texas Department of Insurance (TDI) released more information on a breach of 1.8 million Texan’s sensitive data.

As the agency regulating Texas’ insurance industry claims, the leak was due to a programming code error. The error allowed internet access to a protected area of the application.

The audit, published on May 12, discovered that between March 2019 and January 2022, workers’ personal information related to compensation claims may have been accessible to individuals outside of the TDI.

The information includes:

  • Names
  • Dates of birth
  • Phone numbers
  • Addresses
  • Social Security numbers
  • Information about injuries
  • Information about workers’ compensation claims

The TDI previously said they’d send letters to people who may have been impacted by the event. The department also provided a contact number for individuals to check whether their compensation claims are affected. 

However, the TDInever stated how many of the 1.8 million affected Texans received such letters.

After a forensic cybersecurity agency was hired to fix the issue and correct the programming code, the temporarily disconnected TDI web application was put back online.

The state’s insurance department announced that it would organize a 12-month credit monitoring and identity protection service for people affected by the data breach.

 

Conclusion

Although data security awareness has increased, these incidents show that data leaks and breaches are an issue that won’t just disappear. 

Major data breaches hit huge companies every year, and millions of people are affected.

EasyDMARC once again wants to remind you to stay protected and follow best practices to protect your cyberspace.

 

Email Security as a Service

Email Security as a Service

Email security is one of the most important aspects of any business. Why? Because email...

Read More
What’s the Difference Between SPF DKIM and DMARC?

What’s the Difference Between SPF DKIM and DMARC?

SPF, DKIM, and DMARC are the three most important email authentication protocols to prove...

Read More
How to Stop Spam Emails and Save Your Inbox [Corporate Email Edition]

How to Stop Spam Emails and Save Your Inbox [Corporate Email Edition]

Everyone agrees that email is fast becoming the preferred communication channel for businesses and...

Read More