News

Chattanooga Cybersecurity Firm to Double Workforce

A Chattanooga, Tennessee, information technology infrastructure and cybersecurity consulting firm has unveiled an $8m expansion plan that will see its workforce double by 2023.

Currently, the Conversant Group operates with 46 employees from its headquarters on Cowart Street. On Monday, the company’s president and chief listening officer, John Anthony Smith, revealed plans to relocate the firm to a new site on Chattanooga’s Southside.

To facilitate the move, Conversant has purchased property at 1600 Broad Street on which it plans to erect a new four-story building. Upon completion, the building will become the company’s new headquarters.

According to Smith’s executive assistant, Chris Roach, the new headquarters will cost between $8m and $9m to erect and should be in use within the next two to three years. 

The city’s Industrial Development Board awarded a $10,000 small business incentive grant to Conversant on Monday to assist the company with the creation of new jobs. 

Conversant said the expansion would create around 46 new jobs for the city. 

“These are jobs you want in Chattanooga,” said Smith, adding that about two-thirds of the company’s employees receive an annual salary greater than $80,000.

Conversant was founded by Smith in 2009. The majority of the company’s work comes from large North American cities, including Cincinnati, Los Angeles, San Francisco, and Chicago. 

Describing what the company achieves in layman’s terms, Smith said: “You’ve heard of cities and companies getting hacked. It can be devastating. The Chinese, the Russians—they don’t stop. 

“We’re constantly fighting to keep them out. If they do get in, we kick them out.”

Expanding to a larger site on Cincinnati’s Southside will cause Conversant employees to inhale more than just the sweet smell of success. The area is known for the odors that emanate from the Pilgrim’s Pride chicken processing plant.

“The chicken plant is bad for our city,” said Smith. “Our city stinks.”

Smith began his IT career in 1994 at the age of 14 at Thompson Machinery Commerce Corporation of Lavergne in Tennessee. Two years later, Smith founded his first company, Computech. 

Conversant is Smith’s third company. The dynamic entrepreneur founded his second company, NetAlliant Technologies, in 2002 and sold it in 2008.

Premium Domain Names – transcom.uk
Transcom ISP – The UK’s Best Business ISP
DoubleCheck any website at doublecheck.uk

Report Reveals Worst State for Healthcare Data Breaches in 2019

A report into the spate of data breaches that ripped through America’s healthcare industry last year has revealed that more breaches happened in Texas than in any other state. 

The “2019 Healthcare Data Breach Report” published yesterday by HIPAA Journal shows that healthcare data breaches involving the exposure of 500 or more records occurred in every state with the exception of North Dakota and Hawaii. The Lone Star State was the worst hit, with 60 breaches recorded, followed by California, which suffered 42. 

Citing figures from the Department of Health and Human Services’ Office for Civil Rights’ breach portal, the report showed a huge year-on-year increase in both the number of breaches that occurred and the quantity of patient records exposed. 

The report found that 510 healthcare data breaches in which 500 or more records were exposed were reported in 2019, representing a 37.4% increase over the 371 such breaches reported in 2018. The total number of patient records exposed shot up from 13,947,909 in 2018 to 41,335,889 in 2019. 

Shockingly, the report disclosed that in 2019 alone, the healthcare records of 12.55% of the population of the United States were exposed, impermissibly disclosed, or stolen. 

According to the report, “more healthcare records were breached in 2019 than in the six years from 2009 to 2014.”

The largest single healthcare data breach in the US last year occurred when a network server at Optum360, LLC, was compromised after hackers illegally gained access to the systems of their business associate American Medical Collection Agency (AMCA). 

The Optum360 breach alone resulted in the exposure of 11,500,000 records; however, the AMCA hack affected 24 healthcare organizations in total, resulting in the exposure of 26,059,725 records.

Nearly a quarter—23.33%—of last year’s breaches “involved business associates to some extent,” according to the report. 

Of the breaches that occurred last year, most—59.41%—were classified as hacking/IT incidents, accounting for 87.60% of all breached records in 2019. The second biggest cause of data breaches, unauthorized access/disclosure incidents, accounted for 28.82% of incidents that occurred and involved 11.27% of all records breached.

Email and network servers proved the most vulnerable locations for personal health information, with the majority of incidents involving phishing and spear-phishing attacks. Of the 510 breaches to occur, 214 involved records located on email and 132 affected records on network servers.

Alleged Source of Soccer Leaks to Stand Trial

The alleged source of a series of information leaks that rocked soccer and sparked an FFP investigation into the finances of Manchester City Football Club is to be tried before a Portuguese court.

An appeal lodged by Portuguese national Rui Pinto to have the accusations against him dismissed as “unfounded” was rejected earlier this month by the Lisbon Court of Appeal. The 31-year-old, who has been held in jail since his arrest in March 2019, will now stand trial on 93 charges related to hacking, violation of correspondence, computer sabotage, illegitimate access, and attempted extortion.

Pinto is accused of gaining unauthorized access to the email accounts of a number of football clubs throughout Europe. It is further alleged that Pinto sent information pilfered from those clubs to German media for publication. 

Revelations allegedly leaked by Pinto regarding the English Premier League football club Manchester City prompted the Union of European Football Associations (UEFA) to open an investigation to determine whether the club breached Financial Fair Play (FFP) rules. 

The investigation is ongoing, with a result expected from UEFA’s adjudicatory chamber in the next few months. If evidence of a breach is detected, Manchester City could be expelled from the Champions League. The club, which denies the allegations, will be allowed to appeal against whatever decision UEFA reaches. 

Information allegedly leaked by Pinto seemed to reveal that Manchester City had falsely inflated the amount of money it was making in sponsorship deals secured from firms linked to its Abu Dhabi ownership. If the deception proves to be true, then the club will have been caught out in a deliberate attempt to circumvent UEFA’s financial fair play rules. 

To share the information allegedly obtained from various football clubs, Pinto created the website Football Leaks. Pinto is accused of using this platform to share illegally obtained secret transfer documents and players’ contracts.

According to a press release put out by his own lawyers, Pinto is also the source of leaked documents that led the Angolan justice system to accuse Isabel dos Santos, daughter of former Angolan president José Eduardo dos Santos, of mismanagement and embezzlement when she was an administrator of the state oil company Sonangol.

US Education Non-Profit Leaks Data on Thousands of Students

A US education non-profit appears to have unwittingly leaked the personal information of thousands of students after leaving two online MongoDB databases exposed.

The privacy snafu was discovered by noted researcher Bob Diachenko and affected the Institute of International Education (IIE), an organization set up to promote educational and cultural exchanges with other countries.

“Although the database itself did not contain documents, it did contain links with active access tokens to documents stored elsewhere,” explained Security Discovery. “Links to passport scans, application forms, visas, emails, and other documents were discovered.”

Also among the leaked data were medical forms, funding information, student dossiers, US arrival documents and tax forms.

As the links to the sensitive personal documents were contained in around three million log files, it’s hard to estimate the total number of affected students, but Diachenko claimed they run into the thousands “if not more.”

Two identical MongoDB databases hosted at different IP addresses were left unsecured in the same manner, allowing anyone scanning for exposed systems to open them and take a look inside.

If either database was accessed it could provide a treasure trove of sensitive information for use in follow-on fraud, according to Security Discovery.

“An identity thief couldn’t ask for a better payload. The alarming amount of personal and financial data would make it easy for a criminal to open up new accounts and lines of credit in victims’ names, for example,” it warned.

“College-aged students are prime targets for identity theft because they often have clean credit reports and decent credit scores. We strongly urge impacted students to check their credit reports regularly in the upcoming months. Tax fraud is another threat, so impacted students should be on the lookout for tax scams during the upcoming tax season.”

Although IIE secured the data on February 6, eight days after being alerted to the leak by Diachenko, it did not respond personally to any of his messages or provide any public comment to those affected.

US Slaps More IP Theft and Sanctions Charges on Huawei

The US Department of Justice (DoJ) turned the heat up on Huawei on Thursday by filing new charges of racketeering and conspiracy to steal trade secrets.

The new charges build on a January 2019 23-count indictment against Huawei, its affiliates and CFO Meng Wanzhou which accused the Chinese firm of conspiracies to break sanctions on Iran and to steal trade secrets from T-Mobile USA, as well as wire fraud and other charges.

The latest superseding indictment focuses again on Huawei and subsidiaries Huawei Device, Huawei Device USA, Futurewei Technologies and Skycom Tech, as well as Meng, who is founder Ren Zhengfei’s daughter and remains in Canada under house arrest awaiting extradition to the US.

It alleges a “decades-long effort” by the company and its subsidiaries to misappropriate IP from six US companies including “trade secret information and copyrighted works, such as source code and user manuals for internet routers, antenna technology and robot testing technology.”

The means by which the Shenzhen giant is alleged to have done this will be familiar to China-watchers: entering into confidentiality agreements with the IP owners and then breaking them by misappropriating the IP, recruiting employees of the US firms to steal the IP, and using third parties like professors to obtain and pass across the tech.

It’s even claimed that, on one occasion in 2004, a Huawei employee broke into a trade conference at night to take photos of a rival’s networking device, although the company maintains the man was acting alone.

The DoJ claimed Huawei ran an employee bonus scheme to reward those who obtained competitor information. It alleged that by gaining access to non-public IP for router source code, phone antenna tech and robotics, Huawei was able to cut its R&D budget and accelerate development, giving it an unfair commercial advantage.

There are also new allegations centered around sanction-busting business activity in Iran and North Korea, and apparent attempts by Huawei to keep this a secret, as well as lying about Huawei’s relationship to Skycom and trying to obstruct the DoJ investigation.

Huawei is claiming the charges are based largely on “recycled civil disputes from the last 20 years that have been previously settled, litigated and in some cases, rejected.” It argued in a statement sent to Infosecurity that they are an attempt to damage the firm’s reputation for reasons related to competition rather than law enforcement.

US Chain Rutter’s Hit by POS Malware Dating Back to 2018

Rutter’s has become the latest US convenience store chain to suffer a breach of customer card data via Point of Sale (POS) malware.

Notified by a third party about potential unauthorized access to cards used at the firm’s locations, it launched an investigation and on January 14 discovered the malware installed on payment processing systems.

“The malware searched for track data (which sometimes has the cardholder name in addition to card number, expiration date, and internal verification code) read from a payment card as it was being routed through the payment processing systems,” the firm explained in a statement.

“However, chip-enabled (EMV) POS terminals are used inside our convenience stores. EMV cards generate a unique code that is validated for each transaction, and the code cannot be reused. As a result, for EMV cards inserted into the chip-reader on the EMV POS devices in our convenience stores, only card number and expiration date (and not the cardholder name or internal verification code) were involved.”

This means that users with old magstripe cards may have had their cards cloned for use in face-to-face fraud. On the EMV side, most e-commerce providers ask for a CV2 number and the name of the cardholder, so these customers would seem to be more insulated from follow-on fraud.

However, the number of cards affected in this breach could be huge. Over 70 outlets in Pennsylvania and West Virginia were affected and the malware is said to have been active from October 1, 2018 to May 29, 2019. However, access to card data began as early as August 30, 2018 for one outlet and September 20, 2018 for nine more.

The news comes just weeks after convenience store chain Wawa notified customers of a similar breach. One dark web marketplace claimed last month that as many as 31 million cards may have been stolen in the raid, and are being uploaded to the site by the hackers.
