The Week in Breach News – United States
United States – Delaware Division of Public Health
https://news.delaware.gov/2020/11/15/delaware-division-of-public-health-announces-data-breach-incident/
Exploit: Accidental Data Sharing
Delaware Division of Public Health: State Health Agency
Risk to Business: 2.311 = Severe
The Delaware Division of Public Health announced that in mid-September, a temp sent two emails containing COVID-19 test results for approximately 10,000 individuals to the wrong party. The August 13, 2020, email included test results for individuals tested between July 16, 2020, and August 10, 2020. The August 20, 2020, email included test results for individuals tested on August 15, 2020. Investigators have determined that these emails were sent by mistake, as the information was supposed to be sent to a member of the call center staff to assist individuals in obtaining their test results.
Individual Risk: 2.824 = Moderate
The information mistakenly released in this foul-up included the date of the test, test location, patient name, patient date of birth, phone number if provided, and test result.
Customers Impacted: 10,000
How it Could Affect Your Customers’ Business: Human error remains the number one cause of a data breach. Security awareness training is the most effective way to prevent unfortunate employee errors.
ID Agent to the Rescue: No business can afford to overlook regular cybersecurity awareness training and risk mitigation. Our digital risk protection platform has the solutions that you need to provide strong security for your business at a great price. LEARN MORE>>
United States – Vertafore Inc.
https://siliconangle.com/2020/11/15/data-belonging-27-7m-texas-drivers-stolen-latest-case-unsecured-storage/
Exploit: Unsecured Database
Vertafore Inc.: Insurance Company
Risk to Business: 1.702 = Severe
Information about 27.7 million Texas drivers has been exposed online and stolen from an unsecured database belonging to insurance company Vertafore Inc. after someone put three major company files on an unsecured storage server.
Individual Risk: 2.662 = Moderate
The company says that no identification misuse has been determined, but they’re also offering free credit monitoring and identity restoration services to all Texas driver’s license holders potentially affected by the data breach.
Customers Impacted: $27.7 million
How it Could Affect Your Customers’ Business Bad data handling is a symptom of poor cybersecurity hygiene, and it can easily lead to bigger problems like ransomware and password compromise.
ID Agent to the Rescue: Ransomware is typically delivered as the nasty cargo of a phishing attack. Improve your staff’s phishing resistance to fight back against ransomware threats. LEARN MORE>>
United States – X-Cart
http://www.digitaljournal.com/tech-and-science/technology/x-cart-suffers-from-ransomware-attack/article/580881
Exploit: Third Party Software
X-Cart: eCommerce Platform Creator
Risk to Business: 2.003 = Severe
X-cart discovered the danger of vetting errors when attackers exploited a vulnerability in a third-party software tool to gain access to X-Cart’s store hosting systems. Some stores went down completely, while others reported issues with sending email alerts. The incident is under investigation and service has been restored for clients.
Individual Risk: No personal or consumer information was reported as impacted in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Cyberattacks can come from unexpected quarters, like a vulnerability in third-party software that you rely on.
ID Agent to the Rescue: Passly adds essential protection to your systems and data through secure identity and access management to place a strong shield between your business and cybercrime. LEARN MORE>>
United States – Wildworks (Animal Jam)
https://www.informationsecuritybuzz.com/expert-comments/animal-jam-kids-virtual-world-hit-by-data-breach-impacting-46m-accounts-expert-commentary/
Exploit: Third Party Data Breach
Wildworks: Video Game Developer
Risk to Business: 1.664 = Severe
Wildworks, the developer of the online kid’s playground Animal Jam, announced a data breach involving a third-party vendor that exposed the information of millions of children on the Dark Web. The information appeared on the Dark Web as the booty of cybercrime gang ShinyHunters.
Individual Risk: 1.902 = Severe
Exposed information includes 46 million player usernames, which are human moderated to make sure they do not contain a child’s proper name, 46 million SHA1 hashed passwords and approximately 7 million email addresses of parents whose children registered for Animal Jam.
Customers Impacted: 46 million
How it Could Affect Your Customers’ Business: Third-party service providers may not have the same commitment to data security as you do. It pays to do your homework to avoid these problems whenever possible.
ID Agent to the Rescue: Information like this can hang around for years after it hits the Dark Web. Make sure your staff’s credentials haven’t been exposed with Dark Web ID 24/7/365 monitoring. SEE HOW IT WORKS>>
United States – Pluto TV
https://www.bleepingcomputer.com/news/security/hacker-shares-32-million-pluto-tv-accounts-for-free-on-forum/
Exploit: Hacking
Pluto TV: Online Television Service
Risk to Business: 2.166 = Severe
Hackers from the cybercrime gang ShinyHunters have announced the acquisition of 3.2 million Pluto TV user records that were purportedly stolen during a data breach. The data appears to be somewhat out of date, and Pluto TV has not confirmed the breach.
Individual Risk: 2.611 = Moderate
Exposed information includes a member’s display name, email address, bcrypt hashed password, birthday, device platform, and IP address. The data is estimated to be about two years old.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Protecting your client records and other sensitive data from thieves has to be a top priority, no matter how old it is. Customers expect that you’ll keep it safe with reasonable security precautions in place.
ID Agent to the Rescue: Passly helps keep data safer by providing strong protection against hacking with single sign-on to make it easy to control access exactly where you need it. LEARN MORE>>
United States – The North Face
https://chainstoreage.com/report-hackers-may-have-obtained-north-face-customer-data
Exploit: Credential Stuffing
The North Face: Outdoor Apparel Retailer
Risk to Business: 2.322 = Severe
Hackers mounted a successful attack against outdoor retailer The North Face, capturing an unknown amount of client data in the process. While retail operations were not disrupted, the company has released a caution to customers about the incident.
Individual Risk: 2.711 = Moderate
The company noted that the breach includes “products you have purchased on our website, products you have saved to your ‘favorites,’ your billing address, your shipping address(es), your VIPeak customer loyalty point total, your email preferences, your first and last name, your birthday (if you saved it to your account), and your telephone number (if you saved it to your account)”. Payment information was stored separately and more securely and not impacted in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Credential stuffing attacks have gained new fuel from a bountiful harvest of Dark Web data dumps adding fresh ammo for cybercrime.
ID Agent to the Rescue: Multifactor authentication with Passly is the perfect tool to guard your business against credential stuffing attacks. LEARN MORE>>
The Week in Breach News – Canada
Canada – The City of Saint John, N. B.
https://www.itworldcanada.com/article/saint-john-n-b-shuts-it-systems-after-significant-cyber-attack/438315
Exploit: Ransomware
The City of Saint John, N. B.: Municipal Government
Risk to Business: 1.222 = Extreme
A massive cyberattack has ground many municipal operations to a halt in Saint John, New Brunswick. The suspected ransomware attack on the city government caused havoc. Government officials said in a statement that while its 911 communications network is open, the cyberattack has shut the city’s website, email, online payment system, and customer service applications.
Individual Risk: No personal or consumer information was reported as impacted in this incident so far, but it is still being remediated.
Customers Impacted: 68,000
How it Could Affect Your Customers’ Business: Ransomware isn’t just about capturing data anymore, it can also be intended to shut down your business. Security awareness training prevents up to 70% of cybersecurity incidents.
ID Agent to the Rescue: Phishing resistance training is one of the most important ways that any organization can protect their systems and data. Not only does it improve your staff’s phishing resistance, but it also boosts their overall cybersecurity awareness too. LEARN MORE>>
The Week in Breach News – United Kingdom & European Union
United Kingdom – Sandcliffe Motor Group
https://www.am-online.com/news/dealer-news/2020/11/09/sandicliffe-customer-data-breach-could-affect-thousands
Exploit: Ransomware
Sandcliffe Motor Group: Automobile Retailer
Risk to Business: 1.802 = Severe
A ransomware attack has exposed the information of employees and customers of Sandcliffe Motor Group. The chain of 10 dealerships around the UK has traced the source to an employee clicking a link in a phishing email.
Individual Risk: 1.613 = Severe
The company noted that bank account details and medical histories may be included in the information that was snatched. Clients and employees should be aware of the possibility that their personally identifiable or financial data was compromised and be alert to spear phishing and identity theft attempts.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Phishing never goes away, and it’s always the fastest, easiest way for cybercriminals to strike.
ID Agent to the Rescue: Don’t just hope that you’re not next – fight back against ransomware threats with our eBook “Ransomware 101”. See why you’re at risk and how to protect your business fast. GET THE BOOK>>
Germany – Miltenyi Biotec
https://www.securityweek.com/biotech-company-miltenyi-biotec-discloses-malware-attack
Exploit: Malware
Miltenyi Biotec: Cell and Therapy Research Solutions Provider
Risk to Business: 2.322 = Severe
Malware is to blame for a recent spate of order processing snafus at Miltenyi Biotec, a major manufacturer and distributor of essential solutions used in scientific research and medical therapies. The company noted that it has been able to control the problem and does not anticipate a significant future impact.
Customers Impacted: Unknown
Individual Risk: No personal or consumer information was reported as impacted in this incident so far, but it is still being remediated.
How it Could Affect Your Customers’ Business: Malware can arrive on your doorstep in many ways, but it’s most likely to come attached to a phishing email.
ID Agent to the Rescue: Don’t wait until malware knocks on your door to update phishing resistance training for every staffer with easy, remote-friendly training using BullPhish ID. SEE BULLPHISH ID IN ACTION>>
The Week in Breach News – Australia & New Zealand
Australia – Nexia Australia and New Zealand
https://www.itwire.com/security/melbourne-firm-denies-data-stolen-during-ransomware-attack.html
Exploit: Ransomware
Nexia Australia and New Zealand: Accounting Firm
Risk to Business: 1.806 = Severe
REvil ransomware strikes again, this time at major accounting firm Nexia. The company informed regulators of an attack on November 3, 2020. While the REvil gang had up until recently boasted of the score on its website, the information has since disappeared, leading to speculation that the ransom was paid. The firm has not confirmed what if any data was stolen, although the REvil group did confirm that it had data in its initial posting.
Individual Impact: No information is available about any personal or financial data that was exposed in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is a menace that every company must be on guard for at every turn to avoid messy and damaging incidents like this, with correspondingly expensive results.
ID Agent to the Rescue: Phishing resistance training with BullPhish ID is the key to guarding against ransomware with 80+ plug and play phishing simulation campaigns just waiting to transform your staffers from your largest attack surface to your largest defensive asset. LEARN MORE>>
The Week in Breach News – Asia Pacific
India – Press Trust of India
https://www.nationalheraldindia.com/national/massive-ransomware-attack-hits-news-agaency-pti-services-resume
Exploit: Ransomware
Press Trust of India: News Reporting Service
Risk to Business: 2.169 = Severe
Major Indian news agency Press Trust of India was shut down for several hours over the weekend after a ransomware attack disrupted its operations, leaving millions of subscribers including major news sources in the dark. Service was restored by the next day and an investigation is underway, but the suspected culprit is ransomware.
Individual Impact: No personal data was exposed in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Snarling systems and impacting production are two goals that we’re seeing on the rise on cybercriminal hit lists, and frequently ransomware is the tool that they prefer to shut down businesses.
ID Agent to the Rescue: Don’t get locked out of your business by ransomware. Phishing resistance training with BullPhish ID transforms your staffers from your largest attack surface to your largest defensive asset. LEARN MORE>>
Singapore – RedDoorz
https://www.bleepingcomputer.com/news/security/58-million-reddoorz-user-records-for-sale-on-hacking-forum/
Exploit: Unauthorized Database Access
RedDoorz: Hotel Management and Booking Platform
Risk to Business: 2.070 = Severe
The bad guys slipped through the door at the hotel and travel booking platform RedDoorz, and they took home some souvenirs. A threat actor is selling a RedDoorz database containing 5.8 million user records on a Dark Web forum.
Individual Risk: 2.037 = Severe
In the information exposed on the Dark Web, cybercriminals showed that they had obtained user records that included the member’s email, bcrypt hashed passwords, full name, gender, link to profile photo, phone number, secondary phone number, date of birth, and occupation as well as miscellaneous personal details. Users of the platform should be wary of spear phishing attempts using this data.
Customers Impacted: 5.9 million
How it Could Affect Your Customers’ Business: Putting extra security between your client records and hackers is a smart move to avoid becoming part of the booming Dark Web data economy.
ID Agent to the Rescue: Information from attacks like this frequently makes its way to Dark Web data markets and dumps, including stolen password lists. Make sure your employee credentials are protected from unexpected risk when you have them monitored with Dark Web ID SEE DARK WEB ID AT WORK>>
Malaysia – 123RF
https://www.hackread.com/ransomware-attack-brazil-top-court-encrypts-backups/
Exploit: Unauthorized Database Access
123RF: Stock Photo Provider
Risk to Business: 2.233 = Severe
Popular stock photo source 123RF discovered that someone had stopped by or more than just some free art this week after 8.3 million of its client records appeared on the Dark Web. Based on the dates listed, the information is likely a year or so old.
Risk to Business: 2.427 = Severe
The pilfered data includes user records showing 123RF members’ full name, email address, MD5 hashed passwords, company name, phone number, address, PayPal email if used, and IP address. There is no financial information stored in the database. Users should be on the lookout for possible spear phishing emails like fake PayPal notices using this data.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Guarding user records is essential in today’s business world because savvy users are likely to take their business elsewhere after a breach.
ID Agent to the Rescue: How strong are the passwords that you’re using to protect your data and systems. Find out how bad passwords are born, and how they help hackers steal your data in our eBook “Is That Your Password?“. GET THE BOOK>>
The Week in Breach – South America
Chile – Cencosud
https://www.bleepingcomputer.com/news/security/retail-giant-cencosud-hit-by-egregor-ransomware-attack-stores-impacted/
Exploit: Malware
Cencosud: Retail Conglomerate
Risk to Business: 2.342 = Severe
Cencosud was hit with a ransomware attack that encrypted devices throughout their retail outlets and impacted the company’s operations. Most retail locations of the South American retail giant are operational, but other services including its in-house credit cards have been impacted. Egregor ransomware is suspected as the culprit. Cencosud manages a wide variety of stores in Argentina, Brazil, Chile, Colombia, and Peru.
Individual Risk: While it’s clear that a great deal of information and major systems were encrypted, there are no specifics on any data stolen.
Customers Impacted: Unknown
Bit by bit helps client networks run smooth and secure.. visit our website at
