☝️ TOP STORY

Another list of American organizations notifying customers or employees of data breaches

• Kisco Senior Living, a chain of seniors’ residences in 12 states, is notifying over 26,000 people. Data copied included names and Social Security numbers;

• Green Diamond Resource Company, which logs forests in five states, is notifying almost 28,000 people about a data breach last June. Data copied includes names, Social Security numbers, financial account information, full-access credentials, and driver’s license numbers or state identification numbers.

Meanwhile … GM was collecting and sharing drivers’ data, often without their knowledge. Do you know if your car is collecting your data?

📰 Headline Highlights 📰

• European Police Chiefs call for industry and governments to take action against end-to-end encryption roll-out

• Sweden's liquor shelves to run empty this week due to ransomware attack

• GitHub comments abused to push malware via Microsoft repo URLs

• Researchers find dozens of fake E-ZPass toll websites after FBI warning

• Russian hackers claim cyberattack on Indiana water plant

• Cops Using AI That Automatically Generates Police Reports From Body Cam Footage

• Hackers accessed more than 19,000 accounts on California state welfare platform

• Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers

• KAISER PERMANENTE DATA BREACH MAY HAVE IMPACTED 13.4 MILLION PATIENTS

• LA County Health Services: Patients' data exposed in phishing attack

In other news, When UnitedHealth got it a few weeks ago, we wondered if it’ll recover. Here is how it gets Back from the Brink: UnitedHealth Offers Sobering Post-Attack Update.

MUST READ: FTC Sending $5.6 Million in Refunds to Ring Customers Over Security Failures

🤷‍♀️ What now?

Your phone is ringing. Another number you don’t recognize?

The advances in AI allows callers to harvest your voice. Do not answer.

Today’s AI is able to create your near perfect likeness deepfake with just a few seconds of recording - or a few phone call of recordings.

Don’t be the first to say “hello” when you answer the phone. After all, didn’t they call you?

Hexagon Center is pushing forward its work knowing that cybersecurity is national security. The best cyber defense is you. If everyone plays a part, the United States can be less and less attractive to cyber threat actors as their resources wanes.

This newsletter is not the only resource that we have but we need you to tell everyone you know about the things you have learned from here and invite them to subscribe to it.

Next month, we will talk about our passwords.

Inside Hexagon

The first Thursday of May each year is dedicated to raising awareness about the importance of using strong passwords to protect oneself online. Hexagon Center will dedicate the month of May to help strengthen our passwords.

If your passwords is/are under 19 characters, we need to talk. Be sure to look out for next week’s newsletter at the same time, same place.

Glossary/Legend:

• Your data - is any information about you ranging from your Social Security number to your phone number and address. It may also include your financial account information as well as your location information …

• Cyber Attackers and Cyber Predators - these terms refer to people who use any kind of technology, including cell phones, to prey on us.

• URL - (Uniform Resource Locator) is a unique identifier used to locate a resource on the Internet. It is also referred to as a web address.

• Phishing Attack - a type of cyber attack where a malicious actor sends a fake message that appears to come from a trusted source.

• DRP - Disaster Response Plan. A plan on what to do in times when there is a disaster and you have lost your devices.

• Ransomware - is a set of technologies that allow computers to perform advanced functions. AI combines math, computer science, and cognitive science to mimic human behavior.

• Deepfake - A synthetic media that has been manipulated to replace one person's likeness with another. Deepfakes are created by a special type of machine learning called "deep" learning. They can be videos, photos, or audio recordings that appear real but have been manipulated with AI.

HOUSEKEEPING

Spread cybersecurity culture

Do you have any suggestions on how we can further share this newsletter? Tell your friends and family about us by sharing with them the Hexagon Center official website:

hexagoncenter.org

You may reply to this newsletter or email us at
[email protected]

Send us any questions or things you want to talk about. Please share some fun facts with us. We welcome feedback and suggestions.

Hexagon Center is formed as a nonprofit corporation in California for public benefit,
in the process of attaining 501(C)(3) status.

_DISCLAIMER

_{Cybersecurity is an ever-changing field, and threats may evolve. While Hexagon Center strives to provide accurate and timely information, we cannot guarantee absolute security. Users are responsible for implementing their security measures and staying informed about the latest cybersecurity developments.}

_{SEE MORE DISCLAIMER HERE}