Cyber News Roundup: The latest cyberthreats in Oregon: ways to protect yourself

Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

Cybersecurity threats are not just reserved for companies and political hacking. Many times, they involve theft of personal data and money from ATM machines. Recently in Warrenton, Oregon, a man noticed something unusual at an ATM. According to the Daily Astorian, a customer saw another customer using two ATM cards, which resulted in an error message as he tried to withdraw cash. The first customer noticed that there was a skimmer in the ATM card slot. A skimmer is a small device that is placed near the card reader in the ATM and is designed to steal personal information.

Skimmers are typically used at machines that read cards, such as ATM machines and pumps at gas stations. They’ve been around for decades but they are becoming more prevalent. How can consumers protect themselves?

Mark Cooper, president and founder of PKI Solutions, a Portland-based cybersecurity and Public Key Infrastructure company, said that the best way to protect yourself is to be aware of skimmers. “Along with the typical precautions — highly visible places, trustworthy businesses — it’s best to insert credit cards into machines that use EMV chip technology. EMV chips are typically placed on the left or right of the front side of a credit card to make them more secure. Most companies now use the chips to avoid forcing customers to fully insert them.”

Both banks have been checking ATMs several times each day, and customers can sign up for notifications alerting them when cards are used.

Legacy Health’s data breach hits close to home

Another security breach occurred in the healthcare industry…and it happened in Portland. Legacy Health reported that 38,000 patient records were breached in May 2018 after officials realized that some employee email accounts were apparently compromised. The good news is that Legacy Health hired a forensic firm to lead the investigation.

This marks yet another security breach at a major healthcare provider. Over the past year, Heathcare IT News has reported security issues involving patient records being exposed at Augusta University Health, UnityPoint Health and Sunspire Health, to name a few.

Healthcare IT News reported that “The health system is just the latest to be breached by a phishing attack this year. In fact, the most recent Protenus Breach Barometer found phishing attacks were the greatest cyberthreat of the second quarter of 2018.”

The best way for companies to avoid phishing scams is with employee education. Network monitoring is also highly recommended to safeguard against cybersecurity breaches.

Tips for protecting your company data

Now is a good time to examine your company’s security settings. The Seattle Post-Intelligencer offers a variety of suggestions for employees and companies to consider in Back from vacations, a good time to beef up cybersecurity. Recommendations include:

• Update passwords
• Watch for phishing scams
• Lock phones and laptops
• Download new security updates
• For small businesses, consider bringing in an IT consultant to make sure that anti-virus and anti-malware software, firewalls, encryption software and offsite storage are all up to date

Cyber Oregon partner blog post of interest

• Sword & Shield: Locked Out: Ransomware Prevention and Incident Response