From Digital Age to Nano Age. WorldWide.

Tag: Security

Robotic Automations

US government says security flaw in Chirp Systems' app lets anyone remotely control smart home locks | TechCrunch

A vulnerability in a smart access control system used in thousands of U.S. rental homes allows anyone to remotely control any lock in an affected home. But Chirp Systems, the company that makes the system, has ignored requests to fix the flaw.

U.S. cybersecurity agency CISA went public with a security advisory last week saying that the phone apps developed by Chirp, which residents use in place of a key to access their homes, “improperly stores” hardcoded credentials that can be used to remotely control any Chirp-compatible smart lock.

Apps that rely on passwords stored in its source code, known as hardcoding credentials, are a security risk because anyone can extract and use those credentials to perform actions that impersonate the app. In this case, the credentials allowed anyone to remotely lock or unlock a Chirp-connected door lock over the internet.

In its advisory, CISA said that successful exploitation of the flaw “could allow an attacker to take control and gain unrestricted physical access” to smart locks connected to a Chirp smart home system. The cybersecurity agency gave the vulnerability severity score of 9.1 out of a maximum of 10 for its “low attack complexity” and for its ability to be remotely exploited.

The cybersecurity agency said Chirp Systems has not responded to either CISA or the researcher who found the vulnerability.

Security researcher Matt Brown told veteran security journalist Brian Krebs that he notified Chirp of the security issue in March 2021 but that the vulnerability remains unfixed.

Chirp Systems is one of a growing number of companies in the property tech space that provide keyless access controls that integrate with smart home technologies to rental giants. Rental companies are increasingly forcing renters to allow the installation of smart home equipment as dictated by their leases, but it’s murky at best who takes responsibility or ownership when security problems arise.

Real estate and rental giant Camden Property Trust signed a deal in 2020 to roll out Chirp-connected smart locks to more than 50,000 units across over a hundred properties. It’s unclear if affected properties like Camden are aware of the vulnerability or have taken action. Kim Callahan, a spokesperson for Camden, did not respond to a request for comment.

Chirp was bought by property management software giant RealPage in 2020, and RealPage was acquired by private equity giant Thoma Bravo later that year in a $10.2 billion deal. RealPage is facing several legal challenges over allegations its rent-setting software uses secret and proprietary algorithms to help landlords raise the highest possible rents on tenants.

Neither RealPage nor Thoma Bravo have yet to acknowledge the vulnerabilities in the software it acquired, nor say if they plan on notifying affected residents of the security risk.

Jennifer Bowcock, a spokesperson for RealPage, did not respond to requests for comment from TechCrunch. Megan Frank, a spokesperson for Thoma Bravo, also did not respond to requests for comment.

Software Development in Sri Lanka

Robotic Automations

Exclusive: Simbian brings AI to existing security tools

Ambuj Kumar is nothing if not ambitious.

An electrical engineer by training, Kumar led hardware design for eight years at Nvidia, helping to develop tech including a widely used high-speed memory controller for GPUs. After leaving Nvidia in 2010, Kumar pivoted to cybersecurity, eventually co-founding Fortanix, a cloud data security platform.

It was while heading up Fortanix that the idea for Kumar’s next venture came to him: an AI-powered tool to automate a company’s cybersecurity workflows, inspired by challenges he observed in the cybersecurity industry.

“Security leaders are stressed,” Kumar told TechCrunch. “CISOs don’t last more than a couple of years on average, and security analysts have some of the highest churn. And things are getting worse.”

Kumar’s solution, which he co-founded with former Twitter software engineer Alankrit Chona, is Simbian, a cybersecurity platform that effectively controls other cybersecurity platforms as well as security apps and tooling. Leveraging AI, Simbian can automatically orchestrate and operate existing security tools, finding the right configurations for each product by taking into account a company’s priorities and thresholds for security, informed by their business requirements.

With Simbian’s chatbot-like interface, users can type in a cybersecurity goal in natural language, then have Simbian provide personalized recommendations and generate what Kumar describes as “automated actions” to execute the actions (as best it can).

“Security companies have focused on making their own products better, which leads to a very fragmented industry,” Kumar said. “This results in a higher operational burden for organizations.”

To Kumar’s point, polls show that cybersecurity budgets are often wasted on an overabundance of tools. More than half of businesses feel that they’ve misspent around 50% of their budgets and still can’t remediate threats, according to one survey cited by Forbes. A separate study found that organizations now juggle on average 76 security tools, leading IT teams and leaders to feel overwhelmed.

“Security has been a cat-and-mouse game between attackers and defenders for a long time; the attack surface keeps growing due to IT growth,” Kumar said, adding that there’s “not enough talent to go around.” (One recent survey from Cybersecurity Ventures, a security-focused VC firm, estimates that the shortfall of cyber experts will reach 3.5 million people by 2025.)

In addition to automatically configuring a company’s security tools, the Simbian platform attempts to respond to “security events” by letting customers steer security while taking care of lower-level details. This, Kumar says, can significantly cut down on the number of alerts a security analyst must respond to.

But that assumes Simbian’s AI doesn’t make mistakes, a tall order, given that it’s well established that AI is error-prone.

To minimize the potential for off-the-rails behavior, Simbian’s AI was trained using a crowdsourcing approach — a game on its website called “Are you smarter than an LLM?” — that tasked volunteers with trying to “trick” the AI into doing the wrong thing. Kumar explained that Simbian used this learning, along with in-house researchers, to “ensure the AI does the right thing in its use cases.”

This means that Simbian effectively outsourced part of its AI training to unpaid gamers. But, to be fair, it’s unclear how many people actually played the company’s game; Kumar wouldn’t say.

There are privacy implications of a system that controls other systems, especially concerning those that are security-related. Would companies — and vendors, for that matter — be comfortable with sensitive data funneling through a single, AI-controlled centralized portal?

Kumar claims that every attempt has been made to protect against data compromise. Simbian uses encryption — customers control the encryption keys — and customers can delete their data at any time.

“As a customer, you have full control,” he said.

While Simbian isn’t the only platform to attempt to apply a layer of AI over existing security tools — Nexusflow offers a product along a similar vein — it appears to have won over investors. The company recently raised $10 million from investors including Coinbase board member Gokul Rajaram, Cota Capital partner Aditya Singh, Icon Ventures, Firebolt and Rain Capital.

“Cybersecurity is one of the most important problems of our time, and has famously fragmented ecosystem with thousands of vendors,” Rajaram told TechCrunch via email. “Companies have tried to build expertise around specific products and problems. I applaud Simbian’s method of building an integrated platform that would understand and operate all of security. While this is extremely challenging approach from technology perspective, I’ll put my money — and I did put my money — on Simbian. It’s the team with unique experience all the way from hardware to cloud.”

Mountain View-based Simbian, which has 15 employees, plans to put the bulk of the capital it’s raised toward product development. Kumar’s aiming to double the size of the startup’s workforce by the end of the year.

Software Development in Sri Lanka

Robotic Automations

Apple alerts users in 92 nations to mercenary spyware attacks | TechCrunch

Apple sent threat notifications to iPhone users in 92 countries on Wednesday, warning them that they may have been targeted by mercenary spyware attacks.

The company said it sent the alerts to individuals in 92 nations at 12 p.m. Pacific Time Wednesday. The notification, which TechCrunch has seen, did not disclose the attackers’ identities or the countries where users received notifications.

“Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-,” it wrote in the warning to affected customers.

“This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously,” Apple added in the text.

The iPhone maker sends these kind of notifications multiple times a year and has notified users to such threats in over 150 countries since 2021, per an updated Apple support page.

Apple also sent an identical warning to a number of journalists and politicians in India in October last year. Later, nonprofit advocacy group Amnesty International reported that it had found Israeli spyware maker NSO Group’s invasive spyware Pegasus on the iPhones of prominent journalists in India. (Users in India are among those who have received Apple’s latest threat notifications, according to people familiar with the matter.)

The spyware alerts arrive at a time when many nations are preparing for elections. In recent months, many tech firms have cautioned about rising state-sponsored efforts to sway certain electoral outcomes. Apple’s alerts, however, did not remark on their timing.

“We are unable to provide more information about what caused us to send you this notification, as that may help mercenary spyware attackers adapt their behavior to evade detection in the future,” Apple told affected customers.

Apple previously described the attackers as “state-sponsored” but has replaced all such references with “mercenary spyware attacks.”

The warning to customers adds: “Mercenary spyware attacks, such as those using Pegasus from the NSO Group, are exceptionally rare and vastly more sophisticated than regular cybercriminal activity or consumer malware.”

Apple said it relies solely on “internal threat-intelligence information and investigations to detect such attacks.”

“Although our investigations can never achieve absolute certainty, Apple threat notifications are high-confidence alerts that a user has been individually targeted by a mercenary spyware attack and should be taken very seriously,” it added.

Software Development in Sri Lanka

Robotic Automations

Microsoft employees exposed internal passwords in security lapse | TechCrunch

Microsoft has resolved a security lapse that exposed internal company files and credentials to the open internet.

Security researchers Can Yoleri, Murat Özfidan and Egemen Koçhisarlı with SOCRadar, a cybersecurity company that helps organizations find security weaknesses, discovered an open and public storage server hosted on Microsoft’s Azure cloud service that was storing internal information relating to Microsoft’s Bing search engine.

The Azure storage server housed code, scripts and configuration files containing passwords, keys and credentials used by the Microsoft employees for accessing other internal databases and systems.

But the storage server itself was not protected with a password and could be accessed by anyone on the internet.

Yoleri told TechCrunch that the exposed data could potentially help malicious actors identify or access other places where Microsoft stores its internal files. Identifying those storage locations “could result in more significant data leaks and possibly compromise the services in use,” Yoleri said.

The researchers notified Microsoft of the security lapse on February 6, and Microsoft secured the spilling files on March 5.

When reached by email, a spokesperson for Microsoft did not provide comment by the time of publication. In a statement shared after publication on Wednesday, Microsoft’s Jeff Jones told TechCrunch: “Though the credentials should not have been exposed, they were temporary, accessible only from internal networks, and disabled after testing. We thank our partners for responsibly reporting this issue.”

Jones did not say for how long the cloud server was exposed to the internet, or if anyone other than SOCRadar discovered the exposed data inside.

This is the latest security gaffe at Microsoft as the company tries to rebuild trust with its customers after a series of cloud security incidents in recent years. In a similar security lapse last year, researchers found that Microsoft employees were exposing their own corporate network logins in code published to GitHub.

Microsoft also came under fire last year after the company admitted it did not know how China-backed hackers stole an internal email signing key that allowed the hackers broad access to Microsoft-hosted inboxes of senior U.S. government officials. An independent board of cyber experts tasked with investigating the email breach wrote in their report, published last week, that the hackers succeeded because of a “cascade of security failures at Microsoft.”

In March, Microsoft said that it continues to counter an ongoing cyberattack that allowed Russian state-backed hackers to steal portions of the company’s source code and internal emails from Microsoft corporate executives.

Updated with comment from Microsoft.

Software Development in Sri Lanka

Robotic Automations

Chrome Enterprise goes Premium with new security and management features | TechCrunch

At its Google Cloud Next conference in Las Vegas, Google on Tuesday extended its Chrome Enterprise product suite with the launch of Chrome Enterprise Premium.

Google has long offered an enterprise-centric version of its Chrome browser. With Chrome Enterprise, IT departments get the ability to manage employees’ browser settings, the extensions they install and web apps they use, for example. More importantly, though, they also get a number of new security controls around data loss prevention, malware protection, phishing prevention and the Zero Trust access to SaaS apps.

Chrome Enterprise Premium, which will cost $6/user/month, mostly extends the security capabilities of the existing service, based on the insight that browsers are now the endpoints where most of the high-value work inside a company is done.

Authentication, access, communication and collaboration, administration, and even coding are all browser-based activities in the modern enterprise,” Parisa Tabriz, Google’s VP for Chrome, wrote in Tuesday’s announcement. “Endpoint security is growing more challenging due to remote work, reliance on an extended workforce, and the proliferation of new devices that aren’t part of an organization’s managed fleet. As these trends continue to accelerate and converge, it’s clear that the browser is a natural enforcement point for endpoint security in the modern enterprise.”

These new features include additional enterprise controls to enforce policies and manage software updates and extensions, as well as new security reporting features and forensic capabilities that can be integrated with third-party security tools. Chrome Enterprise Premium takes Zero Trust a step further with context-aware access controls that can also mitigate the risk of data leaks. This includes approved applications and those that were not sanctioned by the IT department.

“With Chrome Enterprise Premium, we have confidence in Google’s security expertise, including Project Zero’s cutting-edge security research and fast security patches. We set up data loss prevention restrictions and warnings for sharing sensitive information in applications like generative AI platforms and noticed a noteworthy 50% reduction in content transfers,” said Nick Reva, head of corporate security engineering at Snap.

The new service is now generally available.

Software Development in Sri Lanka

Robotic Automations

Google injects generative AI into its cloud security tools | TechCrunch

At its annual Cloud Next conference in Las Vegas, Google on Tuesday introduced new cloud-based security products and services — in addition to updates to existing products and services — aimed at customers managing large, multi-tenant corporate networks.

Many of the announcements had to do with Gemini, Google’s flagship family of generative AI models.

For example, Google unveiled Gemini in Threat Intelligence, a new Gemini-powered component of the company’s Mandiant cybersecurity platform. Now in public preview, Gemini in Threat Intelligence can analyze large portions of potentially malicious code and let users perform natural language searches for ongoing threats or indicators of compromise, as well as summarize open source intelligence reports from around the web.

“Gemini in Threat Intelligence now offers conversational search across Mandiant’s vast and growing repository of threat intelligence directly from frontline investigations,” Sunil Potti, GM of cloud security at Google, wrote in a blog post shared with TechCrunch. “Gemini will navigate users to the most relevant pages in the integrated platform for deeper investigation … Plus, [Google’s malware detection service] VirusTotal now automatically ingests OSINT reports, which Gemini summarizes directly in the platform.”

Elsewhere, Gemini can now assist with cybersecurity investigations in Chronicle, Google’s cybersecurity telemetry offering for cloud customers. Set to roll out by the end of the month, the new capability guides security analysts through their typical workflows, recommending actions based on the context of a security investigation, summarizing security event data and creating breach and exploit detection rules from a chatbot-like interface.

And in Security Command Center, Google’s enterprise cybersecurity and risk management suite, a new Gemini-driven feature lets security teams search for threats using natural language while providing summaries of misconfigurations, vulnerabilities and possible attack paths.

Rounding out the security updates were privileged access manager (in preview), a service that offers just-in-time, time-bound and approval-based access options designed to help mitigate risks tied to privileged access misuse. Google’s also rolling out principal access boundary (in preview, as well), which lets admins implement restrictions on network root-level users so that those users can only access authorized resources within a specifically defined boundary.

Lastly, Autokey (in preview) aims to simplify creating and managing customer encryption keys for high-security use cases, while Audit Manager (also in preview) provides tools for Google Cloud customers in regulated industries to generate proof of compliance for their workloads and cloud-hosted data.

“Generative AI offers tremendous potential to tip the balance in favor of defenders,” Potti wrote in the blog post. “And we continue to infuse AI-driven capabilities into our products.”

Google isn’t the only company attempting to productize generative AI–powered security tooling. Microsoft last year launched a set of services that leverage generative AI to correlate data on attacks while prioritizing cybersecurity incidents. Startups, including Aim Security, are also jumping into the fray, aiming to corner the nascent space.

But with generative AI’s tendency to make mistakes, it remains to be seen whether these tools have staying power.

Software Development in Sri Lanka

Robotic Automations

AI data security startup Cyera confirms $300M raise at a $1.4B valuation | TechCrunch

Artificial intelligence continues to be a big threat, but it’s also a huge promise in the world of cybersecurity. Today, one of the startups tackling both the opportunity and the challenge is announcing a major round of funding. Cyera has built an AI-based platform to help organizations understand the location and movement of all the data in their networks — critical for taking the right steps to secure that data, whether to defend against cyberattacks or to keep it from inadvertently leaking into a large language model.

The company has raised $300 million in a Series C round that values it at $1.4 billion, TechCrunch has learned.

Growth rounds continue to be a major challenge for tech startups, so Cyera’s fundraise is notable not just for its size, but also because it nearly triples the company’s valuation in less than a year — it last raised a $100 million Series B in June 2023. This speaks to the company’s traction — it didn’t disclose numbers, but its customers include a number of giant multinationals — as well as its outlook on the market and how it’s addressing that.

TechCrunch and other outlets reported on this fundraise when it was still in the works, and today’s news confirms several of the details we uncovered, including the size of the round and the lead investor, Coatue, which is new to the startup’s cap table. Other new investors include Spark Capital, Georgian, and strategic backer AT&T Ventures.

AT&T is a noteworthy name here. In March, TechCrunch revealed that the multinational carrier had to initiate a mass reset of accounts after the details of 7.6 million current account holders, and more than 65 million former account holders, were dumped online due to a data breach that happened in 2019. Incidents like that are typical of what drives companies to sign up to companies like Cyera, sometimes ahead of any crisis, sometimes in order to prevent another crisis.

“You have no idea how many times a month I get a phone call from a CISO asking delicately for some time,” said Cyera CEO Yotam Segev in an interview. “‘I’ve got something going on,’ they say. ‘I need you. How fast can you guys scan my environment?’ It happens every time. And what we do is, we jump on it. We send a squad, we have them figure out what data was in scope. They sometimes don’t even know what data was breached.” (AT&T’s breach, it should be noted, took place before Cyera was founded.)

In a nutshell, Cyera has built a platform that takes a full assessment of an organization’s data, where it was created, and where it’s stored and where it’s being used.

That’s no small task in itself, since most organizations today work across hybrid environments with a variety of apps, devices, clouds and on-premises servers, with the total amount of data now being counted in tens of zetabytes and exponentially growing to hundreds of zetabytes in the next couple of years, analysts predict. That spaghetti of connections and activity has turned into a nightmare when it comes to auditing data.

Cyera is part of the general category of “posture management,” and there are dozens of others in the space, including big names like CrowdStrike, Zscaler, Wiz, Palo Alto Networks, and Fortinet. All of them will largely agree on why you need to have good posture management: It’s important to know what you have and where it is in order to take care of it. Cyera’s extra step is using AI to handle that process, and it looks at the next generation of enterprise applications and use cases, and the challenges they will pose for data posture management. In today’s world, that next generation is all about one thing: artificial intelligence.

“If you think about it, AI security is where the biggest gap is today for enterprises,” said Segev. “They just have no control over their data, and AI runs on data,” he said in reference to how large language models are built and subsequently work. “But if you don’t even know what data you have, where it lives, how many duplicates of it there are, and what’s the source of truth versus a copy from five years ago, then how are you supposed to actually go and leverage this technology to its full extent? When you think about the risks that AI produces for these companies, it’s all about losing their proprietary data.”

Segev and his co-founder, Tamar Bar-Ilan (CTO), both cut their teeth in the Israeli military, a training ground that puts engineers into real-world scenarios for testing out the most cutting-edge tech. What’s caught the eye of investors is that they have added a strong entrepreneurial layer (plus some charm and salesperson flair) to those learnings.

“We’re going to use this investment to continue to grow our offerings for the customers into the data security platform that they deserve and want,” Segev said. “They don’t want to stitch together 20 products in order to make this program a reality. They want to buy from one vendor.”

Previous backers Sequoia, Accel, Redpoint, and Cyberstarts all also participated in the Series C, and this brings the total raised by Cyera — headquartered in New York with roots in Israel — to $460 million in just three years.

Although Doug Leone is no longer an active partner at Sequoia, he remains a board member at select companies, including Cyera.

“The co-founders here are as good as any I’ve been in business with. They are clear outliers,” he said in an interview. “They had a vision of the increased need and awareness of the need that would hit us like an avalanche. Data is the crown jewel of any company.” 

“The customer’s reactions to Cyera as a platform remind me of our early days at ServiceNow,” said David Schneider, general partner at Coatue Management, in a statement. “I am confident that Cyera will grow to become a key part of enterprise’s data security, which is so crucial with the advent of AI.”

Software Development in Sri Lanka

Robotic Automations

Sprinto raises $20M to bring automation to security compliance management | TechCrunch

Sprinto, a security compliance and risk platform, has raised a $20 million Series B round to build more automation into its compliance management platform and widen its customer base to include the wide gamut of companies that operate digitally but aren’t tech-first.

Compliance with frameworks such as SOC 2, GDPR (General Data Protection Regulation) and HIPAA (Health Insurance Portability and Accountability Act ) has become crucial for companies across sectors to ensure data security and privacy, but compliance management remains a cumbersome process for most businesses, as it requires teams to maintain records frequently and regularly monitor data flows.

Sprinto is working to automate this aspect of security compliance management, which involves vendor risk management, vulnerability assessment, access control, evidence collection and other filing tasks. The company’s platform connects directly with its customers’ HR, IT, and engineering systems via over 160 integrations and has baked-in support for popular frameworks like SOC 2, ISO 27001, GDPR, CCPA (California Consumer Privacy Act), HIPAA, PCI-DSS (Payment Card Industry Data Security Standard), and CIS. Sprinto uses a mix of AI, GPTs and its own internal large language model to offer efficiencies in compliance management. The company said it aims to focus more on bringing intelligence to the platform by bolstering its R&D.

“Our goal is to help companies build trust and grow their business using the trust they’ve built,” Sprinto’s co-founder, Girish Redekar, told TechCrunch.

The all-equity Series B funding round, which takes the company’s total capital raised to $31.8 million, was led by Accel. Existing investors Elevation Capital and Blume Ventures also participated.

The market for automated compliance management solutions already has players such as Vanta and Drata, which Sprinto considers its key competitors. However, Redekar said Sprinto primarily focuses on automating the entire compliance management process and helping businesses build trust.

Redekar founded Sprinto with Raghuveer Kancherla after their startup Recruiterbox was acquired by the private-equity firm Turn/River Capital in 2018. The co-founders were familiar with how difficult and onerous a problem compliance can be, and they set out to address that problem with their new startup.

Sprinto employs about 200 people, and Redekar said it currently has more than 1,000 customers across 75 countries, but a majority of its client base is in the U.S. and Europe. It plans to expand its presence in both these markets by attracting traditional businesses that have deployed tech but are not natively a tech company.

“The largest opportunity is in companies that are digitally native; they are not necessarily tech-first, but are tech-enabled. Increasingly, every company is a digital company in one way or another. We are really focused on growing that market,” Redekar told TechCrunch.

Redekar did not disclose the startup’s valuation, but Ravi Adusumalli, co-managing partner at Elevation Capital, said Sprinto has grown over 20x since it raised its Series A in 2021. Redekar said the company’s ARR rose 3x from 2022 to 2023, and is projected to double in the coming year.

“We are able to go a mile beyond just checking a box where you can show to an auditor that we do this, but we actually want to make you more secure. We want to do it more continuously. And we want to be able to build tools that help you demonstrate what you’re doing to external stakeholders,” he said.

The startup plans to utilize the fresh funding for product R&D and to cater to new businesses. Redekar said the plan is to scale its current intelligent automation by four times in less than 12 months.

“Sprinto is doing an incredible job of helping companies focus on their core business by making compliance low-touch, automated, and efficient. With a deep understanding of the product and a sharp focus on execution, Sprinto has been on a rare growth trajectory. We are thrilled to partner with Girish, Raghuveer, and their team at Sprinto in their mission to ensure that compliance becomes a driver of growth for businesses,” said Shekhar Kirani, partner at Accel, in a prepared statement.

Software Development in Sri Lanka

Robotic Automations

Hackers stole 340,000 Social Security numbers from government consulting firm | TechCrunch

U.S. consulting firm Greylock McKinnon Associates (GMA) disclosed a data breach in which hackers stole as many as 341,650 Social Security numbers.

The data breach was disclosed on Friday on Maine’s government website, where the state posts data breach notifications.

In its data breach notice sent by mail to affected victims, GMA said it was hit by an unspecified cyberattack in May 2023 and “promptly took steps to mitigate the incident.”

GMA provides economic and litigation support to companies and U.S. government agencies, including the U.S. Department of Justice, bringing civil litigation. According to its data breach notice, GMA told affected individuals that their personal information “was obtained by the U.S. Department of Justice (“DOJ”) as part of a civil litigation matter” supported by GMA.

The reasons and target of the DOJ’s civil litigation are not known. A spokesperson for the Justice Department did not respond to a request for comment.

GMA said that individuals notified of the data breach are “not the subject of this investigation or the associated litigation matters,” and that the cyberattack “does not impact your current Medicare benefits or coverage.”

“We consulted with third-party cybersecurity specialists to assist with our response to the incident, and we notified law enforcement and the DOJ. We received confirmation of which individuals’ information was affected and obtained their contact addresses on February 7, 2024,” the firm wrote.

GMA told victims that “your personal and Medicare information was likely affected in this incident,” which includes names, dates of birth, home address, some medical information and health insurance information, and Medicare claim numbers, which included Social Security numbers.

It’s unclear why it took GMA nine months to determine the extent of the breach and notify victims.

GMA, and the firm’s outside legal counsel, Linn Freedman of Robinson & Cole LLP, did not immediately respond to a request for comment.

Software Development in Sri Lanka

Robotic Automations

Roku says 576,000 user accounts hacked after second security incident | TechCrunch

Streaming giant Roku has confirmed a second security incident in as many months, with hackers this time able to compromise more than half a million Roku user accounts.

In a statement Friday, the company said about 576,000 user accounts were accessed using a technique known as credential stuffing, where malicious hackers use usernames and passwords stolen from other data breaches and reuse the logins on other sites.

Roku said in fewer than 400 account breaches, the malicious hackers made fraudulent purchases of Roku hardware and streaming subscriptions using the payment data stored in those users’ accounts. Roku said it refunded customers affected by the account intrusions.

The company, which has 80 million customers, said the malicious hackers “were not able to access sensitive user information or full credit card information.”

Roku said it discovered the second incident while it was notifying some 15,000 Roku users that their accounts were compromised in an earlier credential stuffing attack.

Following the security incidents, Roku said it rolled out two-factor authentication to users. Two-factor authentication prevents credential stuffing attacks by adding an additional layer of security to online accounts. By prompting a user to enter a time-sensitive code along with their username and password, malicious hackers cannot break into a user’s account with just a stolen password.

Software Development in Sri Lanka