Identity Matters - December 2023

Another year is in the rearview mirror, yet the cybersecurity issues of the past cannot be left behind. Only by carefully watching the road can enterprises apply the lessons of the past to the challenges of the new year. Simeio stands by, ready to inform you of the top cyber incidents and developments during the holiday season. Because Identity Matters.

Industry Highlights

Xfinity Data Breach, Comcast Hack Affects Nearly 36 Million Customers

The prospect of a compromised ISP is chilling to all users from private home internet to major corporate services. Now 35.8 million Xfinity users have joined that unenviable list of victims. On Dec. 6, Xfinity reported that a hack, first discovered in October, had exposed critical user information. These included usernames, passwords, real names, contact information, partial Social Security numbers, and even the answers to account recovery questions.

For USA Today’s full breakdown and information on how Xfinity is helping affected customers, go here

Apple: 2.5B Records Exposed, Marking Staggering Surge in Data Breaches

In the wake of Apple-targeting malware appearing in hacker circles, the tech giant has not been idle in its cybersecurity readiness. Pulling data from both IBM and Forrester , Apple has released a report revealing some staggering statistics. These include 95% of organizations that experienced a recent breach having been previously compromised. Additionally, a total of more than 2.5 BN personal records were exposed between 2021 and 2022.

Get the full context of these and other relevant findings on DarkReading’s article here

MOVEit Vulnerability Hits Delta Dental: 7 Million Records Exposed

It seems that every other month, Identity Matters must cover a new sad chapter in the ongoing MOVEit breach. The latest batch of victims comes from sunny California, where about 7 MN customers of the major healthcare provider Delta Dental had their private information exposed. The compromised information included addresses, Social Security numbers, passport details, financial information, and more.

Go to Infosecurity Magazine for a full breakdown of the breach and the greater context of MOVEit here

2.7M Medical Records Exposed in Double-extortion Ransomware Attack

The healthcare industry is not only one of the most vulnerable sectors for cyber attacks, but one where successful breaches prove particularly devastating. Case in point, patient care solutions developer ESO has reported the infiltration of its systems by a sophisticated ransomware attack. This resulted in the encryption of company systems. Besides the price of the ransom itself, the company could also face civil and regulatory costs for allowing patient information to be exposed.

Get the full breakdown of the incident at SC Magazine , here

NSA Publishes 2023 Cybersecurity Year in Review

Closing out December brings inevitable reflection on the past year, and the cybersecurity community is no different. Coming off the desk of no less than the NSA , their 2023 Year in Review report runs the gamut of high-profile topics from the establishment of an AI security center to the repulsion of Chinese state-sponsored cyber-intrusions.

Catch up on 2023’s most high-profile cybersecurity developments in the full report available here

2024 Outlook: The Cybersecurity Trends Health System Leaders Need to Know

Just as the end of the year elicits contemplation of the past 12 months, it also brings up the possibilities offered by the new year. Fierce Healthcare dives into the most pressing issues facing the modern health cybersecurity landscape ranging from ransomware to sweeping data breaches. The article moves through the most relevant attack vectors including IoT (Internet of Things), phishing campaigns, and device targeting.

Learn the full scope of threats in Fierce Healthcare’s report here

Simeio Spotlights

Simeio Appoints Nick Rowe as Chief Operating Officer

Our company always talks about how our excellence in service comes from our excellence in people. Today we've added another veteran to that proven pedigree. Simeio is honored and excited to welcome Nick Rowe ?as Simeio's new COO. Chris Schueler , CEO of Simeio, reports that, “with a proven track record of success in leading and managing high-performing teams, Nick has a deep understanding of Simeio’s customers and markets.”

Learn the full details of this impactful new hire here .

The Role of Identity Governance in Zero Trust Security Models

The guiding principle of the Zero Trust security model is the concept of identity governance.? This paradigm acts as the foundational layer for security in increasingly perimeterless IT environments. Nowhere is this more evident than in the financial sector, where the compromise of a single identity can have ruinous consequences for both the customer and the enterprise.

Learn how IGA forms the central pillar of an effective Zero Trust rollout here ?

The Definitive Guide to Navigating Retail's Digital Identity Chaos

Modern retail relies upon the digital marketplace to stay afloat. Securely managing the digital identities of both customers and employees is just as important and ensuring their usage is as easy and frictionless as possible. Reliably verifying entity, individual, organizational, or device identities across multiple channels is critical to mitigating risks, enhancing user experiences, and harnessing opportunities in the digital space.

Learn how your business can navigate the digital identity quagmire with Simeio’s definitive guide here