United States - Quora
https://www.nytimes.com/2018/12/04/technology/quora-hack-data-breach.htmlhttps://blog.quora.com/Quora-Security-Update
Exploit: Unclear at this time.
Quora: A popular question and answer site that boasts 300 million monthly active users.
Quora: A popular question and answer site that boasts 300 million monthly active users.
 |
Risk to Small Business: 2.333 = Severe: People are not soon to forget that the question and answer site was unable to keep their data safe. This could cause a migration from any site to another similar one, something that is common among social media sites in particular.
|
 |
Individual Risk: 2.857 = Moderate: Those affected by this breach are at an increased risk of phishing attacks
|
Customers Impacted: Unclear at this time.
How it Could Affect Your Customers’ Business: Quora handled the breach very well, with the CEO releasing a blog post detailing what they know and apologizing to their users. The amount of time it will take for the organization to regain their users’ trust is unclear. The transparency by the organization’s leadership will greatly help it bounce back sooner than if they hadn’t responded as such.
How it Could Affect Your Customers’ Business: Quora handled the breach very well, with the CEO releasing a blog post detailing what they know and apologizing to their users. The amount of time it will take for the organization to regain their users’ trust is unclear. The transparency by the organization’s leadership will greatly help it bounce back sooner than if they hadn’t responded as such.
ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach of this type. Learn more: https://www.idagent.com/identity-monitoring-programs
Risk Levels:
1 - Extreme Risk
2 - Severe Risk
3 - Moderate Risk*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.
1 - Extreme Risk
2 - Severe Risk
3 - Moderate Risk*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.
United States – Humble Bundle https://www.scmagazine.com/home/security-news/humble-bundle-breach-could-be-first-step-in-wider-attack/
Exploit: Credential Stuffing.
Humble Bundle: Humble Bundle, Inc. is a digital storefront for video games, which grew out of its original offering of Humble Bundles, collections of games sold at a price determined by the purchaser and with a portion of the price going towards charity and the rest split between the game developers.
Humble Bundle: Humble Bundle, Inc. is a digital storefront for video games, which grew out of its original offering of Humble Bundles, collections of games sold at a price determined by the purchaser and with a portion of the price going towards charity and the rest split between the game developers.
| Risk to Small Business: 2.333 = Severe: The breach only contained user’s subscription status, but it is believed that this could be the first part of a more extreme breach. Because the bad actor knows if user’s subscriptions are active, inactive, or paused, they could send out spear-phishing emails about the subscriptions that would trick users into clicking. |
| Individual Risk: 3 = Moderate: No information directly related to the individual has been compromised other than the subscription status of users. |
Customers Impacted: A “very limited” number of people.
How it Could Affect Your Customers’ Business: This breach is a good lesson in how it is important to report any breach, as this seemingly minor breach is most likely the first step in a spear phishing campaign.ID Agent to the Rescue: ID Agent offers Dark Web ID™ which discovers compromised credentials that could be used to implement a crypto jacking script. Make sure your credentials are safe; for more information go tohttps://www.idagent.com/dark-web/
How it Could Affect Your Customers’ Business: This breach is a good lesson in how it is important to report any breach, as this seemingly minor breach is most likely the first step in a spear phishing campaign.ID Agent to the Rescue: ID Agent offers Dark Web ID™ which discovers compromised credentials that could be used to implement a crypto jacking script. Make sure your credentials are safe; for more information go tohttps://www.idagent.com/dark-web/
Risk Levels:
1 - Extreme Risk2 - Severe Risk3 - Moderate Risk*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.
1 - Extreme Risk2 - Severe Risk3 - Moderate Risk*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.
No comments:
Post a Comment