February 2018 External Threat Summary

External threats come in many forms, below are the stories that you need to know about.

Blackpool schools’ CCTV live streams were broadcast on US website.

Parents reassured after live footage from Blackpool schools’ CCTV cameras was ‘hosted on US website’

LAPD Twitter account hijacked by unknown party.

The Los Angeles Police Department main Twitter account @LAPDHQ was hacked Monday to declare the force’s members are “white supremacists.”

Popular hashtags are being hijacked by bots on Twitter in ongoing advertising campaigns.

Adult entertainment-themed Twitter bots – known as pornbots – have emerged as the most recent scourge on the social media service, creating big headaches for companies that use Twitter for outreach.

Sensitive information of thousands of FedEx customers worldwide leaked.

Personal information for thousands of FedEx customers worldwide has been exposed after a legacy Amazon Web Services (AWS) cloud storage server was left open to public access without a password.

Two misconfigured databases expose personal records of thousands.

The Maryland Joint Insurance Association left internet access to a data repository of customer files containing information such as customer names, addresses, phone numbers, birth dates, and full Social Security numbers; together with financial data such as check images, full bank account numbers, and insurance policy numbers.

Maryland Joint Insurance Association customers’ data exposed via misconfigured storage device.

A private-sector program providing property insurance in the state, exposed personally identifiable information for thousands of individuals to the public internet via a misconfigured storage device.

AWS S3 cloud storage bucket exposes 12,000 social media influencers.

Marketing Startup Exposed Thousands of Social Media Stars

Disclaimer: This monthly update contains key stories of interest pertaining to external threat management. We cannot guarantee the accuracy of linked third-party content and accept no responsibility for the content created by a third-party.