Follow us:
  1. Home
  2. News
  3. Cybersecurity News

The Weekly Hack: Hackers break into Tampa mayor’s Twitter account and post that missiles are headed to Florida

The medical records of Seattle-area patients were accessible via Google search

Photo (c) stevanovicigor - Getty Images
Tampa Mayor Bob Buckhorn had a dire warning for his constituents.



It was not a drill, but it also wasn't real. The “emergency alert” was part of a thread of 60 some-odd posts on Buckhorn’s Twitter account that also included racist messages, child pornography, and a bomb threat against the Tampa International Airport.

Buckhorn is now back online and thanking Twitter for kicking the hackers out of his account. Tampa police said that the threats were not credible and are currently investigating how the hackers managed to obtain Buckhorn’s password.

In case anyone was still confused, the mayor’s spokesman sent out a news release yesterday telling followers that the Twitter posts were “clearly not Mayor Buckhorn.”

Porn site visitors

Are you using a secret credit card to subscribe to premium access on a porn site? Make sure the password is secret too. Security researchers are warning that user login details on porn websites have become a popular target for hackers, who then resell the information on the Dark Web.

The New Kaspersky lab counted nearly 850,000 attempts to access user login info on PornHub and XNXX. There is a market for those details on the Dark Web, where some hackers may simply want to enjoy premium porn subscriptions bankrolled by a stranger. But others may use those login details to access credit card information.

The attackers obtain passwords with fake videos connected to malware, so the researchers say that users should be careful to avoid any videos that don’t seem to fit on the site. In some cases, even people that don’t have premium accounts have been targeted.

"Users of adult-content websites should keep in mind that such malware can remain unnoticed on a victim’s device for a long time, spying on their private actions and allowing others to do the same, without logging the user out so as not to arouse their suspicion," researchers told The Sun newspaper.

The University of Washington Medical Center

Someone in Seattle just wanted to do an innocent Google search on the name of a person they had met. Instead, the search led to the stranger's medical records.

Megan Flory told the local news that she and a friend were able to access the medical records of strangers through Google searches in December. The records belonged to the University of Washington Medical Center, the county hospital.

“It clearly said it was UW Medicine,” Flory recounted. She said she found as many 120 names through the Google search, revealing a list of people who had taken tests for HIV. The test results were not published.

Flory says she immediately reported the breach to UW Medicine. The hospital is just now reportedly distributing letters to patients. Officials estimate that 974,000 people are affected by the breach.

But hospital staff told KIRO 7 that the breached information did not contain medical records, patient financial information, or social security numbers.

“UW Medicine became aware of a vulnerability on a website server that made protected internal files available and visible by search on the internet on Dec. 4, 2018,” a spokesman told the local news.

Medical records are a popular target for hackers. A counseling center in Kentucky recently discovered that 16,000 patients records were accessed, and an American who had lived in Singapore is currently facing criminal charges for allegedly leaking a government-run HIV patient database online there.

Arizona businesses

A payment processor that works with numerous business in the Tucson area was hacked, potentially exposing the credit information of customers who shopped at Hacienda Del Sol Guest Ranch, Karichimaka, Tucson Truck Terminal, or Voyager RV Resort, among other potential business. People who notice anything suspicious are urged to contact a local hotline.

Take an Identity Theft Quiz

Get matched with an Authorized Partner

    Share your comments