United States – Whisper
Exploit: Unsecured database.
Whisper: Privacy-focused messaging app.
Risk to Small Business: 2.111 = Severe:
Developers overlooked basic security protocols when they left a database containing customer information unprotected by even a password, and hackers pounced. As a result, 900 million files dating back to the company’s launch in 2012 were made available online. Although the company was quick to secure the database, its reactive efforts will do little to assuage the doubts and concerns of its privacy-minded customer base.
Individual Risk: 2.571 = Moderate:
Users’ names were not stored in the exposed database, but nicknames, ages, ethnicities, genders, hometowns, group memberships, and location data were all available. Some personal information was highly sensitive and could be used to execute spear phishing campaigns or targeted ransomware attacks.
Customers Impacted: Unknown.
How it Could Affect Your Customers’ Business: Ransomware attacks not only negatively impact productivity and manufacturing, they also negatively impact growth. Companies like Visser Precision have many high-profile and mission-critical clients. Cybersecurity incidents can put those organizations at risk, making them less likely to do business with companies that have data security issues.
ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal AssistTM, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.
United States – Champaign-Urbana Public Health District
Exploit: Ransomware.
Champaign-Urbana Public Health District: Healthcare service provider.
Risk to Small Business: 2.111 = Severe:
A ransomware attack disabled the healthcare provider’s website as concerns over Coronavirus are reaching a fever pitch. While the incident spared the provider’s email accounts, health records, and patient records, it limited the agency’s ability to communicate with patients. The Champaign-Urbana Public Health District has begun using its social media accounts to communicate with the public, and they’ve launched a backup website to replace the disabled page. This is an expensive and potentially harmful incident at a time when quickly communicating information can be a matter of life and death.
Individual Risk: At this time, no personal information was compromised in the breach
Customers Impacted: Unknown.
How it Could Affect Your Customers’ Business: The particular malware strain that infected the Champaign-Urbana Health District targets enterprises running Windows 10. It’s a reminder that ransomware is on the rise and companies can take simple steps to ensure that malware doesn’t enter their system through outdated software, phishing attacks, or other vulnerabilities
ID Agent to the Rescue: BullPhish IDTM simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.
Canada – EVRAZ
Exploit: Ransomware.
EVRAZ: Steel manufacturer.
Risk to Small Business: 2 = Severe:
A ransomware attack crippled the company’s North American operations, including production at its Canadian steel plants. This attack complicates the company’s financial outlook at a time when it is already experiencing a significant drop in share price. Now, EVRAZ will have to grapple with the high cost of recovery, diminished productivity, and making significant improvements to its IT infrastructure – expenses no company needs during a time of worldwide uncertainty.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Few cyberattacks wreak as much havoc as ransomware attacks. Not only are they one of the most expensive attacks to recover from, but they are uniquely disruptive, creating many obstacles on the road to recovery. Every organization can protect itself from possible ransom attacks and other malware by securing accounts and otherwise safeguarding critical IT.
ID Agent to the Rescue: AuthAnvilTM protects everyone’s password integrity. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect user credentials and company data from ransomware and other malware. Find out more at https://www.idagent.com/authanvil-multi-factor-authentication.
Canada – Koodo
Exploit: Unauthorized database access.
Koodo: Wireless carrier
Risk to Small Business: 1.88 = Severe:
On February 13th, hackers used compromised credentials to access Koodo’s database. Once inside, they stole sensitive user data from August and September 2017. Hackers were not able to access phone numbers, which would have allowed them to receive two-factor authentication codes and further compromise user accounts. In response, Koodo has disabled some features to prevent hackers from misusing customer accounts.
Individual Risk: 2.428 = Severe:
Customer account details, including account numbers and identifying information, were obtained by the thieves and are now for sale on the Dark Web. It’s possible that hackers can use customer data to change user account information or receive two-factor authentication codes, which would further compromise personal data. Those impacted by the breach should take steps to ensure that their accounts are secure and that they are not vulnerable to additional attacks.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Data breaches have profound implications for companies and customers. In this instance, a customer-focused data breach could have undermined the company’s network integrity, allowing hackers to further infiltrate Koodo’s IT infrastructure. Rather than waiting to discover a data breach, use responsive monitoring tools to take preemptive steps to identify stolen credentials and to prevent a breach before it occurs.
ID Agent to the Rescue: We go into the Dark WebTM to keep you out of it. Dark Web ID is the leading Dark Web monitoring platform in the Channel. Our award-winning platform combines sophisticated human and Dark Web intelligence with search capabilities to identify, analyze and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.
France – Lise Charmel
Exploit: Ransomware.
Lise Charmel: Retailer.
Risk to Small Business: 2 = Severe:
A ransomware attack devastated the high-end lingerie retailer, costing it millions and forcing it into receivership. The attack, which first began on November 8, 2019, encrypted the company’s entire IT infrastructure, including employee workstations and data stores. As a result, all company employees were rendered unable to work with dire consequences for the 70-year-old business.
Individual Risk: At this time, no personal data was compromised in the breach.
Customers Impacted: Unknown.
How it Could Affect Your Customers’ Business: Ransomware attacks have been ramping up and they can have serious consequences. Businesses must be prepared to defend their infrastructure and to orchestrate a comprehensive recovery process. This incident is a reminder that cybersecurity is a bottom-line issue that has real implications for a company’s viability in today’s dangerous digital landscape.
ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of dynamic, well-designed cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help you get the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team is here to support you from call to close! Learn more here: https://www.idagent.com/goal-assist.
United Kingdom – Anteus Tecnologia
Exploit: Exposed database.
Anteus Tecnologia: Developer and distributor of fingerprint identification systems
Risk to Small Business: 1.888 = Severe:
A cyberattack on February 20, 2020, compromised customers’ personal data and payment information but didn’t impact customer funds. The company admitted that the breach occurred because of a known vulnerability, raising questions about the priority of data security at the fintech startup. Now Loqbox is poised to experience significant customer blowback and regulatory scrutiny as it falls under the purview of Europe’s GDPR.
Individual Risk: 2.142 = Severe:
In addition to precise fingerprint data, the database also contained the email addresses and phone numbers of employees who store their information with the company. Those impacted by the breach should take every precaution to secure their data and beware of potential instances of fraud resulting from this compromised information.
Customers Impacted: 76,000.
How it Could Affect Your Customers’ Business: Today’s regulatory landscape promises steep penalties for companies that fail to protect customer information. In this environment careless errors, like failing to password protect a database, are especially egregious to regulators and customers – and all companies need to ensure that data security is a day-one, top-down priority.
ID Agent to the Rescue: Compliance ManagerTM can automate regulatory compliance in maintaining required data privacy standards, eliminating guesswork, and ensuring efficiency at every stage. Learn more at https://www.idagent.com/compliance-manager.
Australia – Melbourne Polytechnic
Exploit: Unauthorized database access.
Melbourne Polytechnic: Academic institution.
Risk to Small Business: 1.555 = Severe:
Melbourne Polytechnic has updated its data breach notification to reflect an incident that occurred between September and December 2018. The school didn’t identify the breach until October 2019 and has since been conducting an IT investigation to assess the damage. In response, the institution has issued an apology to staff and students impacted by the breach. However, users are still in danger of further compromise because the stolen data puts them at serious risk for fraud and other cybercrimes.
Individual Risk: 1.857 = Severe:
The compromised data is limited to staff and student information between September and December 2018. However, it includes highly sensitive personal details, including PII, healthcare-related data, and financial information. In addition, some victims had their usernames, email addresses, and passwords stolen. Although the culprit has been apprehended, this information has a long shelf life on the internet, and those impacted by the breach should carefully monitor their accounts and credentials for potential misuse.
Customers Impacted: 90,000.
How it Could Affect Your Customers’ Business: Consumers and employees are increasingly unwilling to work with companies that can’t protect their information. While recovery costs and regulatory fines make a data breach an expensive pitfall, the damage to a company’s reputation can never be fully repaired, ensuring that any breach will have cascading consequences that outlive the initial incident.
ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised, allowing companies to quickly act to mitigate the effects of a data breach. We work with MSSPs to strengthen their security suite with the leading Dark Web monitoring and reporting tool in the Channel. Discover more at https://www.idagent.com/dark-web/.
Australia – Manheim Auctions
Exploit: Ransomware.
Alinta Energy: Car auction house.
Risk to Small Business: 2 = Severe:
The world’s largest wholesale auction house for cars got a surprise it didn’t want on Valentine’s Day- ransomware. Hackers accessed and encrypted the network of the Australian branch of Manheim Auctions, demanding a head-turning $30 million ransom to release the company. The company was forced to post a message to customers on its Facebook page noting the diminished functionality while promising not to pay the ransom. Even without paying the ransom, the company won’t emerge unscathed. Recovery efforts will be incredibly expensive, and the productivity loss and reputational cost incurred will have long-lasting implications.
Individual Risk: At this time, no personal data was compromised in the breach.
Customers Impacted: 1,100,000
How it Could Affect Your Customers’ Business: Recovering from a ransomware attack is an expensive proposition. Regardless of whether or not companies choose to pay the ransom, these attacks have a profound impact on the victim’s bottom line. Rather than rewarding bad actors, every company should invest in a robust ransomware defense for protection from these costly incidents.
ID Agent to the Rescue: The most common way that ransomware is delivered is phishing. Designed to protect against human error, Bullphish ID simulates phishing attacks and manages security awareness training campaigns to educate employees, making them the best defense against this kind of cybercrime. Learn more here: https://www.idagent.com/bullphish-id.
Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863
No comments:
Post a Comment