MVP Blog

Search Our Site

meetme.png
MeetMe: A dating social media app that connects people based on location. Users are encouraged to meet in person.

WhatsApp.jpg
WhatsApp: A messaging app that allows texts, video calls, photo sharing and voicemails with users worldwide.

Bumble.jpg
 Bumble: Similar to Tinder, but requires women to make the first contact. Law enforcement says kids and teens can create fake accounts and falsify their age.

live.me.png
 Live.Me: A live-streaming app that uses geolocation to share videos. The sheriff's office said users can earn "coins" to "pay" minors for photos.

askfm.png
Ask.FM: The sheriff's office said this app lets users ask anonymous questions and is known for cyberbullying.

grindr.jpg
Grindr: A dating app geared toward the LGBTQ community based on user location.

tiktok.png
TikTok: A new app popular with kids lets users create and share short videos. Law enforcement said the app has "very limited privacy controls" and users can be exposed to cyberbullying and explicit content.

snapchat.png
Snapchat: One of the most popular social media apps in the world, Snapchat lets users take and share photos and videos. The app also lets people see your location.

hola.png
Holla: This self-proclaimed "addicting" video chat app lets users meet people in seconds. Law enforcement said users have seen racial slurs and explicit content.

calculator.jpg
Calculator+: Police say this is one of several apps that are used to hide photos, videos, files and browser history.

scout.png
Skout: A location-based dating app that is supposed to prohibit people under 17 from sharing private photos. However, police say kids can easily create an account with a different age.

badoo.png
Badoo: A dating and social media app where users can chat and share photos and videos based on location. Police say the app is supposed to be for adults only, but they've seen teens create accounts.

kik.png
Kik: Police say kids can bypass traditional text messaging features using this app. Kik "gives users unlimited access to anyone, anywhere, anytime," the sheriff's office said.

wisper.png
Whisper: An anonymous social network that lets users share secrets with strangers. Police say it also shows users' location so people can meet up.

hotOrNot.png
Hot or Not: The app lets users rate profiles, check out people in their area and chat with strangers. Police say the goal of the app is to hook up.

 

dataExposedInEmail.pngApproximately 25,000 patients are being notified by Adirondack Health that their protected health information (PHI) may have been obtained by a hacker.

Vermont-based Adirondack Health is part of the Adirondacks Accountable Care Organization (ACO). Adirondacks ACO analyses health data for the entire region and is made up of all the Adirondack region’s hospitals.

The Breach

On March 4, 2019, it was discovered that an unauthorized individual had accessed an employee’s email account for two days. After discovering the unauthorized access, Adirondacks ACO began checking every email and attachment in the affected employee’s account, looking for any PHI that may have been accessed.

Adirondacks ACO discovered that two employees had been discussing information regarding patients who had missed a baby wellness exam and other screenings, as part of their population health analysis. The employees were planning to send the information, contained in a “gap-in-care” spreadsheet, to providers so they could determine how to contact their patients.

That’s when an unauthorized individual from outside the U.S. remotely obtained access to the email account. At this time, no evidence suggests that the email was opened by the unauthorized party, however, the possibility could not be ruled out.

The Exposure

The unauthorized access was not due to a phishing attack, and a spokesperson for Adirondack Health stated he does not believe the employee could have avoided it. The spokesperson also stated that policies are being changed as a result of the incident.

Information contained in the exposed spreadsheet includes patients’ names, dates of birth, Medicare ID numbers, health insurance member numbers, as well as limited treatment and/or clinical information. Some patients also had their Social Security numbers listed.

Adirondacks ACO began notifying patients of the breach in early July. 25,000 letters of notification have been sent to affected patients, with only a few remaining.

For patients who had their Social Security numbers listed on the spreadsheet, free credit monitoring and identity protection will be provided by Adirondacks ACO.

The post 25,000 Patients’ Data Exposed in Email Hack appeared first on HIPAA Secure Now!.

 

 

Facebook Status: Away on Vacation

Socihackers_social_media.pngal media is great for a lot of things.  Sharing photos, reconnecting with old friends, finding like-minded people and groups to share ideas and hobbies.  But when does sharing become oversharing?

Hackers gain access to your personal data via your profile and the information you share there – and you don’t even realize it’s happening.  Photos with your children and pets with identifying names on them, locations of where you’ve been, or where you are currently on vacation.

By posting this all and not ensuring that your profile is private or protected, you are handing over valuable information that attackers can use to guess passwords or hack your accounts while you are away on vacation, – and likely less engaged with the day to day happenings – like bank account deductions. Not away on vacation? That doesn’t mean you’re off the hook either.

Tagged in a photo from that recent work conference?  Now they know where you work and what you do for a living.  Some people even post detailed resumes online that give away an incredible amount of information.

While your likes and dislikes can create online engagement for you, it can also be a goldmine for marketing agencies and now cybercriminals who can not only guess your whereabouts and possible login information, but they can also create duplicate (fake) online profiles using all of the personal information you’ve shared.  Using professional headshots only adds to their bank of resources and credibility.

How to Avoid Oversharing

Make sure your profile security is set to the strictest parameters available.  Do not allow yourself to be “tagged” without approval.  Do not indicate when you are traveling – wait until you are home to share photos and stories.

Professionally speaking, give details that are headlines, but not entire outlined details of your experience and career.

Social media isn’t going away, and the power it holds can be used for wonderful things to enrich your life.  Just be sure that you aren’t giving away too much to the wrong people.

The post Hackers Using Social Profiles appeared first on HIPAA Secure Now!.

Credential Stuffing

trojanHorse.pngEvery year it seems there’s a constant slew of major hacks at big companies that end up with millions of username/password pairs being compromised. These results in the real world are what’s known as credential stuffing. Credential stuffing is when hackers use long lists of stolen login credentials in a large-scale automated attempt to log into various websites. Therefore users should make their credentials more secure and not something not commonly used.

Banking Trojans

In network security terms, a Banker trojan- horse or (Banker Trojan) is a malicious program used to obtain confidential information about victims via online banking and payment systems. How a banking trojan works is it disguises itself as a genuine app or software that users download and install. Once installed it positions itself in a way to access your banking details. Once it has the login information, it can beam it back to the malware developer granting them access to your bank account. Easy right?

Quantum Cryptography

Quantum cryptography is the science of exploiting quantum mechanical properties to execute cryptographic tasks. Essentially, quantum cryptography is based on the usage of individual particles/waves of light (photons) and their intrinsic quantum properties to develop an unbreakable cryptosystem - essentially because it is impossible to measure the quantum state of any system without disturbing that system. It is theoretically possible that other particles could be used.

 


 

momo.pngMomo, with its bulging eyes and stringy hair, reportedly appears on sites or apps like WhatsApp, Facebook and YouTube, sometimes in conjunction with kids’ videos meant to depict the popular game "Fortnite" or kids show character Peppa Pig. A trend called the “Momo Challenge” has been stirring up fervor in recent weeks. This terrifying doll asks the viewer to participate in challenges that range from innocuous to deadly including murdering and suicide. This “character” has been appearing around the internet for at least a year, according to international police agencies and news outlets. These videos are targeting children.

Educating Your Children

While the MoMo challenge is nothing more than a viral hoax, it still lays the underlying problem that your kids need to be educated and careful when on the internet, even if you think they are watching something as simple as their favorite kid show on YouTube. It’s not just this creepy character that kids need to be aware of on the Internet but of various things from disturbing content to cyber criminals aiming to extort information. 

History

To clear things up, this isn’t the first sighting of “the Momo challenge” but it has resurfaced, and people are still unaware of its presence on the internet. This is nothing more than an internet hoax that is reappearing that reminds us to watch over what our kids are doing on the internet and what they might be, being exposed to.

 


 

Contact Us Today!