Posted on

US Fertility says patient data was stolen in a ransomware attack

U.S. Fertility, one of the largest networks of fertility clinics in the United States, has confirmed it was hit by a ransomware attack and that data was taken.
The company was formed in May as a partnership between Shady Grove Fertility, a fertility clinic with dozens of locations across the U.S. east coast, and Amulet Capital Partners, a private equity firm that invests largely in the healthcare space. As a joint venture, U.S. Fertility now claims 55 locations across the U.S., including California.
In a statement, U.S. Fertility said that the hackers “acquired a limited number …

Read More

Posted on

A bug meant Twitter Fleets could still be seen after they disappeared

Twitter is the latest social media site to allow users to experiment with posting disappearing content. Fleets, as Twitter calls them, allows its mobile users post short stories, like photos or videos with overlaying text, that are set to vanish after 24 hours.

But a bug meant that fleets weren’t deleting properly and could still be accessed long after 24 hours had expired. Details of the bug were posted in a series of tweets on Saturday, less than a week after the feature launched.

The bug effectively allowed anyone to access and download a user’s fleets without triggering a notification that the user’s fleet had been read and by whom. The implication is that this bug could be abused to archive a user’s fleets after they expire.

Using an app that’s designed to interact with Twitter’s back-end systems via its developer API. What returned was a list of fleets from the server. Each fleet had its own direct URL, which when opened in a browser would load the fleet as an image or a video. But even after the 24 hours elapsed, the server would still return links to fleets that had already disappeared from view in the Twitter app.

When reached, a Twitter spokesperson said a fix was on the way. “We’re aware of a bug accessible through a technical workaround where some Fleets media URLs may be accessible after 24 hours. We are working on a fix that should be rolled out shortly.”

Twitter acknowledged that the fix means that fleets should now expire properly, it said it won’t delete the fleet from its servers for up to 30 days — and that it may hold onto fleets for longer if they violate its rules. We checked that we could still load fleets from their direct URLs even after they expire.

Fleet with caution.

Read More

Posted on

WeWork employees used an alarmingly insecure printer password

A shared user account used by WeWork employees to access printer settings and print jobs had an incredibly simple password — so simple that a customer guessed it.

Jake Elsley, who works at a WeWork in London, said he found the user account after a WeWork employee at his location mistakenly left the account logged in.

WeWork customers like Elsley normally have an assigned seven-digit username and a four-digit passcode used for printing documents at WeWork locations. But the username for the account used by WeWork employees was just four-digits: “9999”. Elsley told TechCrunch that he guessed the password because it was the same as the username. (“9999” is ranked as one of the most common passwords in use today, making it highly insecure.)

Read more on Extra Crunch

The “9999” account is used by and shared among WeWork community managers, who oversee day-to-day operations at each location, to print documents for visitors who don’t have accounts to print on their own. The account cannot be used to access print jobs sent to other customer accounts.

Elsley said that the “9999” account could not see the contents of documents beyond file names, but that logging in to the WeWork printing web portal could allow him to release other people’s pending print jobs sent to the “9999” account to any other WeWork printer on the network.

The printing web portal can only be accessed on WeWork’s Wi-Fi networks, said Elsley, but that includes the free guest Wi-Fi network which doesn’t have a password, and WeWork’s main Wi-Fi network, which still uses a password that has been widely circulated on the internet.

Elsley reached out to TechCrunch to ask us to alert the company to the insecure password.

“WeWork is committed to protecting the privacy and security of our members and employees,” said WeWork spokesperson Colin Hart. “We immediately initiated an investigation into this potential issue and took steps to address any concerns. We are also nearing the end of a multi-month process of upgrading all of our printing capabilities to a best in class security and experience solution. We expect this process to be completed in the coming weeks.”

WeWork confirmed that it had since changed the password on the “9999” user account.

Read More