Tuesday, April 23, 2019

Breached companies!!!

Exploit: Employee phishing scam
Verity Medical Foundation: Healthcare provider based in San Jose, CA
correct severe gaugeRisk to Small Business: 2.333 = Severe: VMF recently notified its patients of another security breach it suffered on January 16th of this year, immediately following two similar phishing incidents. A hacker was able to compromise an employee’s Office 365 account for several hours and send phishing emails internally and externally to gather usernames and passwords. Although the organization maintains that there is no evidence of patient information being accessed, they will now face scrutiny by the media and patients, along with being forced to deploy mandatory training for employees.
correct severe gauge                                               
Individual Risk: 2.571 = Severe: Aside from account usernames and passwords, protected health information including DOBs, patient identification numbers, phone numbers, addresses, health plans, treatments received, SSNs, and even insurance details may have been exposed. While the company believes that it was unlikely that the attacker was after the data, affected patients should enlist in identity monitoring and additional security measures.
Customers Impacted: 14,894 patients
How it Could Affect Your Customers’ Business: The compounding effects of back-to-back breaches can amount to serious losses for organizations. Even worse, employee phishing attacks are entirely preventable through the implementation of security training and education. If breach occurs, businesses are forced to enroll their employees in such programs anyway, and likely at a higher cost. By then, however, the damage will have already been done.

ID Agent to the Rescue:  BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
Exploit: Malware installation on point-of-sale (POS) systems
Earl Enterprises: Hospitality industry giant that owns Buca Di Beppo, Planet Hollywood, Earl of Sandwich, and other restaurant brands
correct severe gaugeRisk to Small Business: 2 = Severe: In a press release published last Friday, the company announced that hackers had planted malware on POS systems, affecting over 100 restaurants between May 23, 2018, and March 18, 2019. After noticing a mysteriously large card dump in February, cybersecurity researchers realized that this incident is related to a database that is already available for sale on the Dark Web. In addition to dealing with customer churn and brand degradation, the company will now have to do its best to protect the users whose card information is up for grabs on the Dark Web.
correct severe gauge                                               Individual Risk: 2.428 = Severe Credit and debit card numbers, expiration dates, and cardholder names were exposed in the incident and will eventually be sold to the highest bidder on the Dark Web. Anyone who dined at Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology, or Tequila Taqueria should consider cancelling their cards, monitoring their financial reports, and changing their passwords.
Customers Impacted: 2.15 million cardholders
How it Could Affect Your Customers’ BusinessIn the wake of a breach, understanding how fraudsters plan on using stolen data is crucial to risk mitigation. If Earl Enterprises had worked with security providers capable of monitoring the Dark Web, the company would have been able to identify the threat earlier and act accordingly.
ID Agent to the Rescue: Dark Web ID™ can find out how payment data is being used on the Dark Web, even in the case of a malware attack. We work with MSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
Exploit: Ransomware infection to third-party system
Canadian Internet Registration Authority: Canada's not-for-proft agency that manages domain registry
correct severe gaugeRisk to Small Business: 2 = SevereOn March 26th, the CIRA’s parking garage suffered from a ransomware attack, allowing anyone to enter without a security check and park for free. The compromise persisted for two days, resulting in systems being locked with a ransom note displayed by the attackers. Since the parking garage company Precise Link did not have a backup of the files, restoring the systems will come at an incredibly high cost.
correct severe gaugeIndividual Risk: 2.482 = Severe It is unclear if the hackers gained access to employee data, but the risk for citizens should be little to none.
Customers Impacted: To be determined
How it Could Affect Your Customers’ BusinessVendors that serve as third-party service providers for large firms should be wary of upcoming attacks. As hackers shift their focus towards the smallest vulnerabilities within an organization, they will certainly consider targeting the third-party companies that manage their data. To avoid future compromises, companies should work with a security solution that employs a Dark Web monitoring tool which can be crucial in determining if stolen information is trading hands between cybercriminals.

ID Agent to the Rescue: BullPhish ID™ simulates cyber attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against ransomware and cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
Exploit: Faulty security productRoyal Bank of Scotland: Retail banking company in Scotland
correct severe gaugeRisk to Small Business: 2 = SevereAfter RBS group provided its business banking customers with free software, it was discovered that the product had a major security flaw. Attackers could have exploited the glitch to access and gain complete control of user computers, allowing them to view emails, internet history, and bank details. The patch was fixed, and the company explained that it should only affect Natwest customers, but such an incident could easily spook any clientele.
correct severe gauge                                              Individual Risk: 2.428 = Severe: It is unlikely that attackers were able to take advantage of the compromise since the company was able to immediately patch the flaw once it was discovered. Nevertheless, patrons of the bank should monitor their financial statements for suspicious activity.
Customers Impacted: Around 50,000 customers
How it Could Affect Your Customers’ BusinessThis incident serves as a great example of why rapid detection is so important to preventing breach. Since the compromise was uncovered by security researchers, the company was able to make changes in the nick of time. By leveraging advanced monitoring tools that can proactively search the Dark Web for customer and employee data, security providers and businesses can be more confident in their solutions.


ID Agent to the Rescue: Dark Web ID can monitor the Dark Web and find out if your employee or customers data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
Exploit: Remote unlock
Total: Oil and Gas company that operates gas stations 
extreme gaugeRisk to Small Business: 2 = Severe: French authorities arrested five men connected to a scheme in which they stole over 120,000 liters in fuel from gas stations around Paris. Knowing that managers often do not change the default lock code on the gas pump, the hackers used a special remote to reset fuel prices and remove fill-up limits. The fraud was discovered back in April 2018 and one suspect was arrested, but last Monday all known members were apprehended. Along with losing over $168,000 in fuel, the company was forced to change protocols to avoid a similar incident from occurring in the future.
correct moderate gauge                                               Individual Risk: 2.598 = Moderate: No individuals are at risk.
Customers Impacted: N/A 
How it Could Affect Your Customers’ Business:  As we’ve come to learn, employees hold the keys to many valuable and potentially vulnerable pieces of most businesses. To prevent such attacks from occurring in the first place, employees must be trained to spot vulnerabilities and take proper action in the event of breach.
ID Agent to the Rescue: Designed to protect against human error, Bullphish ID simulates phishing attacks and manages security awareness training campaigns to educate employees, making them the best defense against cybercrime. Learn more here: https://www.idagent.com/bullphish-id
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
Exploit: System vulnerability
Facebook: American social media company
correct severe gaugeRisk to Small Business: 2.333 = SevereAfter news broke that the personal details of over 60,000 Australians were exposed in a cyber-attack against Facebook last year, it looks like the final number has almost doubled. The revelations were disclosed in a confidential correspondence between Facebook and Australia’s privacy watchdog, the OAIC. The company maintains that passwords and payment information was not at risk, but certainly stands to lose disenchanted users once they are notified.
correct severe gaugeIndividual Risk: 2.428 = Severe: Although hackers were able to access only names, emails, and phone numbers for 47,912 Australians, a whopping 62,306 Facebook users had their hometowns, recent check-ins, birthdays, education, work history, Facebook search history, genders, relationship status, religions, and more exposed. Additionally, over 1,000 could have had their private conversations accessed through Messenger. As such, the extent of this breach is certainly alarming and AU citizens should do everything in their power to prevent identity fraud.
Customers Impacted: At least an additional 60,000+ users
How it Could Affect Your Customers’ BusinessFor companies operating across borders, the landscape of cybersecurity has changed dramatically. With recent laws being implemented in Europe and Australia, businesses will be forced to notify affected customers in the wake of a cyberattack. If this wasn’t bad enough, public awareness and media surrounding data breaches continues to grow exponentially, making customer turnover and the loss of brand equity a reality instead of a simple afterthought.
ID Agent to the RescueDark Web ID can monitor the Dark Web and find out if your employee or customers data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.
1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
Exploit: Password spraying
Taalem Education Group: Organization that runs the Dubai British School of Jumeirah Park
correct moderate gaugeRisk to Small Business: 2 = Severe: A British school in Dubai is warning parents of a cyberattack on its network, which employed password spraying to take advantage of weak passwords and compromise employee email accounts. After recognizing and dealing with the incident within a few hours, their IT team reset compromised accounts and blocked attackers from the system. Since the breach, however, hackers did send phishing emails to employees and parents of students attempting to defraud them. Although the school has done their due diligence by securing their networks and warning parents and employees, it will be important to avoid similar incidents going forward.
correct moderate gaugeIndividual Risk: 2.428 = SevereIf parents and employees tread carefully and do not open up fraudulent phishing links, they should be able to avoid the scam. Yet, there is some risk since such a scheme can result in financial losses or identity theft.
Customers Impacted: Unknown
How it Could Affect Your Customers’ BusinessIt’s no secret that hackers are targeting employee accounts to enter organizational ecosystems. Employee email accounts generally contain a level of trust or authority, and cybercriminals understand that they can leverage this to trick other employees and parents. By partnering with a solution that brings employee training to the fore and simulates phishing campaigns, you can always be prepared when fraudsters come knocking at your door.

ID Agent to the Rescue:  With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
Exploit: IT System breach
Toyota: Japanese car maker
correct moderate gauge
Risk to Small Business: 2.333 = Severe: Toyota announced another data breach last week, making it the second incident within the past few months. After breaching the Australian arm of the company, this time hackers targeted main offices in Japan to access sales information for up to 3.1M customers. The company has yet to determine if details were extracted vs. just accessed but explained that customer financial information was not stored on the compromised servers. Additionally, they are uncertain if the hacks were perpetrated by the same group, yet security experts believe that APT32 cyber criminals are the likely culprits. Furthermore, it is being speculated that the hacker scheme involved leveraging the data gained in the Australian breach to execute the latest attack on the company’s Japan office headquarters.
correct moderate gaugeIndividual Risk: 2.571 = Moderate: Details regarding what information was exposed are still being determined, but Toyota customers should watch out for suspicious activities on their personal and payment accounts. Also, looking back to see what information was provided to the car maker can help determine the level of risk that may be involved.
Customers Impacted: 3.1 million users
How it Could Affect Your Customers’ Business: Just because a company has been hacked before does not mean that it won’t be targeted again. In this case, it is quite possible that the fraudsters intended to extract valuable information from the Australian breach of Toyota in order to access their main offices. To keep systems airtight, companies must reevaluate what data is shared across working groups, departments, and offices, along with emphasizing the importance of adhering to cybersecurity best practices when it comes to their employees.

ID Agent to the Rescue:  Monitoring the Dark Web for stolen credentials is critical for MSPs who want to provide comprehensive security to their customers. BullPhish ID complements that data with simulated phishing attacks and security awareness training campaigns to educate employees, making them the best defense against cybercrime: https://www.idagent.com/bullphish-id
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

No comments:

Post a Comment