United States – Tandem Diabetes Care
Exploit: Phishing scam
Tandem Diabetes Care: Medical device manufacturer
Risk to Small Business: 2.555= Severe
Five employees fell for a phishing scam that gave hackers access to email accounts containing customer data between January 17 and January 20, 2020. Although the company acted quickly to secure the compromised employee accounts, they were unable to recoup the stolen information. Given the sensitive nature of their industry, Tandem Diabetes Care will likely face increased regulatory scrutiny and hefty financial penalties.
Individual Risk: 2.428 = Severe
Although Tandem Diabetes Care has expressed in the integrity of their data storage, hackers likely had access to names, contact information, service-related details – even some patients’ Social Security numbers were exposed in the breach. Victims should consider enrolling in credit and identity monitoring services.
Customers Impacted: 140,000
How it Could Affect Your Customers’ Business: In response to this breach, Tandem Diabetes Care is updating its email security protocols to prevent a similar incident in the future. However, phishing scams account for a significant portion of all data breaches, and preparing for these attacks should be a built-in component of every organization’s defense strategy.
ID Agent to the Rescue: BullPhish IDTM simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id
United States – University of Utah Health
https://www.securityweek.com/university-utah-health-discloses-data-breach?&web_view=true
Exploit: Phishing scam
University of Utah Health: Research and teaching hospital
Risk to Small Business: 1.889= Severe
A phishing scam provided hackers with access to the University of Utah Health’s network for more than a month, beginning on January 22, 2020. In addition, the healthcare provider discovered malware on its network that allowed hackers to access patient data. Although the University of Utah Health responded quickly, bad actors still had prolonged access to company and customer data, including HIPPA-protected healthcare records – creating financial, reputational, and regulatory consequences both now and in the future.
Individual Risk: 2.428= Severe
The compromised accounts included patients’ names, dates of birth, medical record numbers, and clinical data. This information can be used to craft authentic-looking spear phishing campaigns. Victims should carefully evaluate all digital communications, and consider enrolling in identity and credit monitoring services to ensure that this information isn’t being misused in other ways.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Like many companies responding to a data breach, the University of Utah Health is promising changes to its defensive posture to prevent a similar breach in the future. However, companies should assume that malware attacks and phishing scams are an “if” not a “when” proposition, and they should prepare their defensive posture accordingly.
ID Agent to the Rescue: Designed to protect against human error, Bullphish ID simulates phishing attacks and manages security awareness training campaigns to educate employees, making them the best defense against cybercrime. Learn more here: https://www.idagent.com/bullphish-id
United States – Tupperware
Exploit: Malware attack
Tupperware: Home products line
Risk to Small Business: 2.334= Severe
Hackers infiltrated Tupperware’s online store, injecting payment skimming malware into the checkout process. The malicious script was active for at least five days, and it effectively mimicked Tupperware’s official payment form. After shoppers entered their data into the fake form, a “time out” error appeared, redirecting customers to the actual payment page and disguising the theft, which allowed it to go undetected.
Individual Risk: 2.428= Severe
The payment skimming malware collected customer data entered including names, addresses, phone numbers, credit card numbers, expiration dates, and CVV codes. This data could allow hackers to commit financial theft or identity fraud. Those impacted by the breach should immediately notify their banks, as they will likely need to be issued new payment cards and carefully monitor their accounts for misuse.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: The COVID-19 pandemic has heightened the already-important online shopping experience for many businesses, and online shopping is a singular respite in an otherwise bleak outlook for retailers. Companies can’t afford to lose customers because of a cybersecurity vulnerability. Many customers indicate that they will not return to an online store after a data breach, which means that companies looking to capitalize on their online stores need to make sure this avenue is secure.
ID Agent to the Rescue: Dark Web IDTM can find out how payment data is being used on the Dark Web, even in the case of a malware attack. We work with MSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/
Canada – Finastra
https://krebsonsecurity.com/2020/03/security-breach-disrupts-fintech-firm-finastra/
Exploit: Ransomware
Finastra: Financial technology provider
Risk to Small Business: 2.556= Severe
A ransomware attack has forced Finastra to bring its Canadian services offline temporarily. The company worked quickly to secure its IT infrastructure after detecting the breach, but those efforts will not alleviate the high recovery and reputational cost of the incident. Finastra believes that company and customer data is secure, and that customer and employee data was not exposed or exfiltrated nor were client networks impacted.
Individual Risk: None
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks are on the rise and uniquely consequential, carrying incredible repair costs and unparalleled opportunity costs as companies are rendered unable to conduct business and employees are left unable to work. Since there are no satisfying solutions to a ransomware attack once it strikes, companies should turn their attention to ensuring that their cyber defensive capabilities can turn away this growing threat.
ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal AssistTM, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring and other services to guard against ransomware. Learn more here: https://www.idagent.com/goal-assist
Canada – Data Deposit Box
Exploit: Unsecured database
Data Deposit Box: Cloud storage provider
Risk to Small Business: 2.334= Severe
Cybersecurity researchers identified an unsecured database containing thousands of customer files uploaded to the company’s secure cloud storage service. The exposed records include information dating back to 2016, which the company eventually secured. However, it’s unclear how long cybercriminals could have accessed this data or why it took Data Deposit Box nearly a week to close the database after being notified that it wasn’t password protected.
Individual Risk: 2.428= Severe
The exposed database includes users’ personally identifiable information that was uploaded to the cloud service, including admin login credentials, IP addresses, email addresses, and GUIDs. The login credentials were stored in plain text, so those impacted by the breach should immediately change their Data Deposit Box password and any other account credentials using the same password combination.
Customers Impacted: 270,000
How it Could Affect Your Customers’ Business: The cost of a data breach is at an all-time high, and it’s expected to continue climbing higher in the years ahead. An unforced error, like failing to password protect a database, is especially troubling for a company that is trusted to provide secure services. As a result of this seeming carelessness, Data Deposit Box has undermined its core value proposition and incurred a costly recovery process, both of which were entirely avoidable.
ID Agent to the Rescue: Good passwords are the single fastest way to secure your data. With AuthAnvilTM, you can protect your employees’ password integrity. Our integrated multi-factor authentication, single sign-on, and identity management solutions will protect your credentials and your data. Find out more at: https://www.idagent.com/authanvil-multi-factor-authentication
United Kingdom – Hammersmith Medicines Research
Exploit: Ransomware
Hammersmith Medicines Research: Medical testing provider.
Risk to Small Business: 2.112 = Severe
Hammersmith Medicines Research was hit with a ransomware attack that encrypted its systems and stole company data that was later posted online. This incident is particularly ill-timed as Hammersmith Medicines Research is a provider of critical COVID-19 testing. The attack was perpetrated by the Maze ransomware group, who previously promised not to attack healthcare facilities during the COVID-19 outbreak. It’s a reminder that there is no honor among thieves, and companies should not use their promises as an excuse to avoid putting their best foot forward when it comes to cybersecurity.
Individual Risk: 2.714 = Moderate
It’s clear that cybercriminals exfiltrated company data in the attack. However, Maze attackers only published a sample online, intending to pressure the company to pay the ransom. All patients and employees should assume that their personal information was compromised, and they should carefully monitor their accounts for usual activity or messages.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: As we reported on our blog, healthcare providers are an especially enticing target for cybercriminals because they collect and store uniquely sensitive and valuable information. In 2020, many ransomware attacks also include a data breach, incurring the ire of regulators and clients. Every healthcare provider has millions of reasons to prevent a ransomware attack before it strikes.
ID Agent to the Rescue: With Compliance ManagerTM, any company can automate data privacy standards and documentation responsibilities, making compliance a simple, intuitive process for everyone – especially useful in the healthcare space. Click the link to get started today: https://www.idagent.com/compliance-manager
European Union – Norwegian Cruise Line
http://techgenix.com/norwegian-cruise-line-data-breach/
Exploit: Phishing scam
Norwegian Cruise Line: Cruise tourism provider
Risk to Small Business: 2.334 = Severe
A Norwegian Cruise Line employee was reeled in by a phishing scam that compromised the personal details of thousands of independent travel agents. The information was then posted on Dark Web forums, making it widely accessible to bad actors. The company, already reeling from the COVID-19 crisis, has now damaged its relationship with partners that are critical to its recovery.
Individual Risk: 2.714= Moderate
The data breach includes plain text passwords and email addresses for thousands of travel agents. While many are associated with TUI and Virgin Holidays, it also covers independent agents and those working with other organizations. Those impacted by the breach should immediately reset their login credentials while also monitoring their accounts for unusual or suspicious activity.
Customers Impacted: 27,000
How it Could Affect Your Customers’ Business: This incident underscores the heightened risk and outsized consequences of falling for scams during the COVID-19 crisis. With more employees working remotely and a general, pervasive sense of uncertainty overshadowing many companies, there is a higher risk of damage from cyberattacks including phishing and ransomware encountered (and interacted with) by anxious employees.
ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity, especially in today’s remote work landscape. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist
Australia – Henning Harders
Exploit: Ransomware
Henning Harders: Freight forwarding and logistics firm
Risk to Small Business: 2.556 = Moderate
Henning Harders was the victim of a ransomware attack that restricted its operations between March 15 and March 18. However, the company, which refused to pay the ransom demand, is having continual cybersecurity trouble. Hackers have begun posting the company’s stolen data on the Dark Web and using the information to send spear phishing emails to employees. While the company is touting its restored operations, it’s clear that it will have to deal with a lingering data security issue that will not be resolved quickly.
Individual Risk: 2.857 = Moderate
Henning Harders was the victim of a ransomware attack that restricted its operations between March 15 and March 18. However, the company, which refused to pay the ransom demand, is having continual cybersecurity trouble. Hackers have begun posting the company’s stolen data on the Dark Web and using the information to send spear phishing emails to employees. While the company is touting its restored operations, it’s clear that it will have to deal with a lingering data security issue that will not be resolved quickly.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Increasingly, ransomware attacks are just a first step for cybercriminals, who will continue to exploit businesses by selling company data on the Dark Web or using it to enact phishing scams. The high recovery expense, opportunity cost, reputational damage, and productivity degradation of ransomware attacks make this growing menace as a uniquely harrowing cyber risk.
ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at https://www.idagent.com/dark-web/
Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
No comments:
Post a Comment