Tuesday, July 30, 2019

In Other News:

Company Cut Off from Government Contracts After Data Breach 

Last month, Perceptics, a maker of license plate readers used by the U.S. Customs and Border Patrol (CBP), endured a significant data breach that resulted in 65,000 files published to the Dark Web.

As a result, the company has been placed on a veritable government black-list, suspending Perceptics from procuring government contracts. Although the suspension is technically limited to the CBP, the notice, which cites “evidence of conduct indicating a lack of business honesty or integrity,” could shun the company from doing business with other government agencies.

Before the suspension, Perceptics had a 30-year working relationship with CBP, and their dissolution indicates the weight of unimpeachable cybersecurity standards for companies handling sensitive personal information on behalf of the government.

What’s more, Perceptics will still face administrative proceedings that will determine the company’s fate as it pertains to future work with the U.S. Government. 

The incident is a warning to all companies: cybersecurity is an obligation, not just a suggestion. Data breaches place people’s data at risk but are increasingly becoming capable of compromising an organization’s financial stability. Rather than leaving it up to chance, coordinate with a trusted third party to ensure that your cybersecurity posture is ready to meet the moment.

Bit by bit helps client networks run smooth and secure. Visit our website at www.bitxbit.com

Monday, July 29, 2019


United States - Georgia’s Administrative Office of the Courts and Judicial Council of Georgia

Exploit: Ransomware
Georgia’s Administrative Office of the Courts and Judicial Council of Georgia: Digital information arm for the Georgia state court system

Risk to Small Business: 2.333 = Severe: A malware attack infected the agency’s computer network with ransomware, encrypting their files and disrupting many of their services. Officials have yet to reveal the ransom amount, but it marks the second significant ransomware attack for a Georgian government agency in 15 months. Fortunately, the agency does not store personal information on the affected network, and servers were brought offline to prevent malware from spreading. The previous attack in 2018 cost $7.2 million, foreshadowing another expensive blow that can be measured in time and money.
Individual Risk: No personal information was compromised in the breach. 
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks wreak havoc on an organization's operational and financial integrity. To make matters worse, they are increasingly becoming more common and costly. Nevertheless, many ransomware attacks are delivered through phishing emails, which can be thwarted through organizational cybersecurity training for employees. Given the exceedingly high recovery expense and cascading damages caused by a ransomware attack, such training is the most cost-effective way of protecting your company.
ID Agent to the Rescue: BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.

United States - Alive Hospice https://finance.yahoo.com/news/alive-hospice-notice-data-privacy-000000493.html

Exploit: Unauthorized email account access
Alive Hospice: Healthcare provider offering hospice and family support services
Risk to Small Business: 2 = Severe: On May 6th, hackers gained access to an employee’s email account containing personally identifiable information for patients at Alive Hospice. Although the company quickly reset the account password, the intruder was able to view significant amounts of sensitive data. In this case, a single email account was able to compromise newsworthy amounts of patient data, while also interrupting business processes. Alive Hospice will incur the expense of credit and identity monitoring services, along with the less quantifiable reputational cost that accompanies a data breach.
Individual Risk: 2 = Severe: Although there is no indication that hackers have misused any company data, they did have access to patients’ names, contact information, dates of birth, social security numbers, driver’s license numbers, credit/debit card numbers, medical history information, treatment and prescription information, physician information, medical record number, Medicaid/Medicare numbers, health insurance information, and other in-house account details. Therefore, those impacted by the breach should enroll in the free credit and identity monitoring services being offered by Alive Hospice while remaining vigilant about monitoring their accounts for suspicious activity.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Personally identifiable information (PII) can quickly make its way to the Dark Web, where it can do considerable damage to those affected by a breach. Therefore, understanding what happens to compromised patient data is a significant part of any data breach recovery effort. 

ID Agent to the Rescue: Dark Web ID™ monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at: https://www.idagent.com/dark-web/.

United States - U.S. Virgin Islands Police Department 
Exploit: Ransomware
U.S. Virgin Islands Police Department: Law enforcement agency serving the United States Virgin Islands
Risk to Small Business: 1.666 = Severe: An April ransomware attack on the island’s police computer network encrypted all files stored on the department’s servers. The impacted data included information related to internal affairs and citizen complaints, and the “Blue Team” and “IAPRO” programs were unavailable for several weeks. In addition, backups for some systems were also corrupted, requiring the department to install new versions of the affected software. Not only is the department struggling to provide services to its constituents, but it will also face a significant repair cost that is growing by the day.
Individual Risk: 2.571 = Moderate: Hackers did encrypt information related to citizen complaints, which could include sensitive personal information. However, there is no indication that this information was viewed or stolen during the ransomware attack.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: The true price tag on a data breach can be deceptive, as recovery costs must be added to the opportunity cost of interrupted business processes and reputational damages. Organizations must be capable of knowing if personal information is accessed in an attack and need internal protocols to protect infrastructure and mitigate damage as much as possible.

ID Agent to the Rescue: SpotLight ID™ allows MSPs, Resellers and Channel Partners to deliver comprehensive personal identity protection for clients’ employees and customers, ultimately safeguarding corporate systems. Get started here: https://www.idagent.com/identity-monitoring-programs. 

United States - Maryland Department of Labor 
Exploit: Unauthorized database access
Maryland Department of Labor: Local government agency serving the state of Maryland
Risk to Small Business: 2.222 = Severe: Hackers gained access to two agency databases that contained personally identifiable information. The breach, which occurred in April, involved data from those who received unemployment benefits in 2012 or pursued a general equivalency diploma in 2009, 2010, or 2014. It’s unclear why the agency waited several months to notify those impacted by the breach, but this cybersecurity incident underscores a troubling trend in government agencies in general and Maryland in particular. The agency will now be responsible for paying victims for two years of credit monitoring services, while also spending precious funds on recovery efforts.
Individual Risk: 2.222 = Severe: A damage assessment conducted by a third-party forensics team concluded that no personal information was downloaded in the attack. However, hackers did have access to a deluge of personal data, including names, social security numbers, birth dates, city or county of residence, graduation dates, and record numbers. Those impacted by the breach are encouraged to closely monitor their credentials and to enroll in the credit monitoring services being offered by the agency.
Customers Impacted: 78,000
How it Could Affect Your Customers’ Business: It’s no secret that data breaches, especially those that compromise sensitive personal information, are always harmful. However, organizations can work to repair the damage by supporting those impacted with protection. By continuously monitoring the Dark Web, where stolen credentials are quickly bought and sold, businesses can grow and retain their customer base while generating loyalty.

ID Agent to the Rescue: Did you know that SpotLight ID is 100% US-based and more comprehensive than LifeLock® and others? Discover more about the personal identity protection solution here:  https://www.idagent.com/identity-monitoring-programs

United States - Mercy Health 

Exploit: Email security breach
Mercy Health: Catholic healthcare ministry serving Ohio and Kentucky
Risk to Small Business: 2 = Severe Risk: A compromised email account at a third-party vendor in 2018 ultimately resulted in compromised personal information for Mercy Health patients. The third-party vendor, OS Inc., was involved in a similar data breach last year and was responsible for updating information for Medicare beneficiaries and billing for certain services. The incident reflects the complicated cybersecurity threats facing institutions working with third parties, specifically as it relates to managing personally identifiable information.
Individual Risk: 2.285 = Severe Risk: Hackers did not gain access to financial or medical information, but they were able to view significant amounts of personally identifiable information, including names, dates of birth, dates of service, patient identification numbers, Social Security numbers, and medical record numbers.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Working with contractors and third parties is often a requirement in today’s digital ecosystem. However, those partnerships can create vulnerabilities that organizations need to address before allowing third parties to access their data. Therefore, robust cybersecurity protocols should be a prerequisite for any business relationship that includes the exchange of sensitive personal information.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID is the leading Dark Web monitoring platform in the Channel. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact

United States - American Land Title Company (ALTA) https://www.bleepingcomputer.com/news/security/industry-breach-alert-published-by-us-national-trade-association-alta/

Exploit: Phishing attack
American Land Title Company (ALTA): National trade association representing various real estate entities
Risk to Small Business: 1.888 = Severe Risk: A so-called ethical hacker contacted ALTA regarding 600 data entries accessed by its members using a phishing campaign. The compromised data may have included highly sensitive company data from ALTA organizations. This is the second phishing scam targeting ALTA members this year, following a similar scam that originated within the organization and was sent to member companies.
Individual Risk: 2.285 = Severe Risk: While the data accessed pertains to the companies involved, it could also include personal information, including domain identification, IP addresses, usernames, and passwords. ALTA organizations should encourage employees to monitor their accounts for suspicious activity and to ensure that they use unique, strong passwords for all accounts, especially those containing personally identifiable information.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Phishing scams are unleashed with speed and precision, and they can quickly compromise your organization’s data. Fortunately, they are also entirely defensible with comprehensive awareness training. Knowing if your organization’s credentials are compromised before a data breach occurs can prevent a security incident before it harms your company and your customers.

ID Agent to the Rescue: Dark Web ID alerts MSPs when their customers’ employee emails and passwords have been compromised and are for sale to the highest bidder, before a breach occurs. Learn how you can partner up with us here: https://www.idagent.com/dark-web.

Canada - The Boyd Group Income Fund https://finance.yahoo.com/news/boyd-group-income-fund-reports-214500293.html

Exploit: Ransomware
The Boyd Group Income Fund: Unincorporated, open-ended mutual fund trust

Risk to Small Business: 2.555 = Moderate: An internal notification system detected a ransomware attack on June 27th, causing the company to shut down some of its services. Many of the company’s offices were able to continue operations uninterrupted. However, some locations were temporarily disabled, causing them to lose sales during that period. Fortunately, the company previously established a ransomware response policy that dictated immediate actions and prevented the malware from spreading further into their network. The Boyd Group believes that these protocols will minimize the financial impact on their business while helping them recover quickly. Of course, they will still be receiving multiple invoices from cybersecurity experts who are analyzing their network and security protocols.
Individual Risk: No personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: The Boyd Group’s response plan will certainly mitigate some of the damage from this data breach. For one, the company attained ransomware insurance that will help them recoup any financial loss resulting from the attack. Additionally, their planned response minimized the malware’s ability to compromise their network. Even so, there are always costs associated with full recovery, meaning that a proactive defense is still the most critical component of a data breach security system.

ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

United Kingdom - St. John Ambulance https://www.theinquirer.net/inquirer/news/3078418/st-john-ambulance-ransomware-attack

Exploit: Ransomware
St. John Ambulance: Non-profit providing first aid and emergency medical service training

Risk to Small Business: 2.444 = Severe: On July 2, the non-profit organization was affected by a ransomware attack that temporarily blocked St. John Ambulance from accessing training systems and customer data. The charity’s IT department was able to restore data from backups, claiming that normal operations were reestablished in less than thirty minutes. This scenario underscores the importance of installing proactive cybersecurity measures, which enabled St. John Ambulance to avoid paying a ransom to recover their content.
Individual Risk: 2.285 = Severe: The personal information of everyone who opened an account or booked and attended a training course until February 2019 may have been compromised. Although St. John Ambulance expressed confidence that the information was not shared outside of the organization, hackers did gain access to names, course credentials, certificate information, invoicing details, and other course-related content. The company uses a third-party payment processing agent to execute transactions, so no payment information was compromised in the breach. Nevertheless, those impacted should carefully monitor their accounts for unusual activity.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Having the technological capabilities to recover from a ransomware attack should be a top priority for any organization. More importantly, every company needs the capability to verify that sensitive data accessed during a ransomware attack doesn’t make its way onto the Dark Web. Since many ransomware attacks begin with malware delivered through phishing emails, comprehensive awareness training can stop these types of attacks from occurring in the first place.

ID Agent to the Rescue: Monitoring the Dark Web for stolen credentials is critical for MSPs who want to provide comprehensive security to their customers. BullPhish ID complements that data with simulated phishing attacks and security awareness training campaigns to educate employees, making them the best defense against cybercrime: https://www.idagent.com/bullphish-id.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
