Tuesday, June 2, 2020

Week In Breach

This week, the hits just keep coming for GoDaddy and the Toll Group, cybercriminals haven’t given up on targeting healthcare, and consumers are more ready than ever to walk away from companies that experience a data breach.  

Dark Web ID Trends:

  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: Education & Research
  • Top Employee Count: 11-50

United States – Management and Network Service, LLC.  

Exploit: Phishing scam   
Management and Network Services, LLC.: Managed care provider 
gauge indicating extreme risk
Risk to Small Business: 1.479 = Extreme
Hackers accessed several employee email accounts containing patients’ personally identifiable information (PII) and protected health information (PHI). The breach, which occurred between April and July of 2019, wasn’t discovered until August 21, 2019. Although they haven’t detected data misuse, this extended duration could make it more difficult for victims to recover. In response, the company is updating its email security practices and implementing two-factor authentication to prevent a future incident.  
gauge showing severe risk
Individual Risk: 1.716 = Severe 
Patients’ personal information was compromised in the breach. This includes names, medical treatment information, diagnosis and medical details, insurance credentials, dates of birth, and Social Security numbers. In some cases, the breach also exposed driver’s license numbers, state identification card numbers, and financial details. Those impacted by the breach should immediately notify their financial institutions of the event while taking steps to ensure that their data isn’t used in other nefarious ways.     
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Cybercriminals are capitalizing on the chaos of COVID-19 to send millions of phishing scams each day. Even one malicious message can have cascading consequences for your business, making employee awareness training a top priority for companies looking to keep their data secure. 
ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.  

United States – GoDaddy 

Exploit:  Unauthorized database access
GoDaddy: Domain service provider
gauge showing severe risk
Risk to Small Business: 1.805 = Severe
GoDaddy has reported an October data breach to California authorities after it identified an unauthorized individual operating within their platform. Although the company believes that files were not altered or modified, the company was forced to reset user account passwords and to provide a free year of its website security and malware service. It’s possible that the intruder is related to an earlier cybersecurity incident stemming from an employee who engaged with a phishing scam. The hosting platform often touts its small business services, and these organizations will now have to decide if a platform with multiple cybersecurity lapses is the best place for their digital services to reside.  
Individual Risk: GoDaddy asserts that personal data was not compromised in this breach, but customers should carefully monitor their accounts for possible misuse.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This incident highlights the growing cybersecurity threat posed by third-party partnerships, which SMBs often rely on to power their platforms and services. To protect account security, even in the event of a third-party cybersecurity incident, companies should enact simple but effective data security standards, like enabling two-factor authentication and requiring employees to use strong, unique passwords on all accounts.
ID Agent to the Rescue: Passly protects your data and business systems without breaking the bank. This integrated, all-in-one secure identity and access management solution includes multi-factor authentication, single sign-on, and secure shared password vaults. Find out more at https://www.idagent.com/passly

United States – Storenvy  

Exploit: Unauthorized database access
Storenvy: Online retailer 
gauge showing severe risk
Risk to Small Business: 2.281 = Severe
Hackers gained access to a company database containing customer information. This database was subsequently downloaded and posted online as a free resource. Making matters worse, the database contained plaintext passwords and other personal data that can quickly be used by bad actors to execute cybercrimes ranging from spear phishing scams to malware attacks. This is the company’s second data breach in two years, undermining its credibility at a critical time. Online shopping is experiencing a boon because of the COVID-19 pandemic, but customers are increasingly unwilling to do business with platforms that can’t protect their information.
gauge indicating moderate risk
Individual Risk: 2.779 = Moderate
The compromised data includes shoppers’ account passwords, order details, and payment methods. However, shipping and card information were not impacted. Victims should immediately update their account passwords, and they need to be mindful that the compromised data could be used against them in future cyberattacks.  
Customers Impacted: 1,500,000
How it Could Affect Your Customers’ Business: Both now and in the future, online retail is becoming the preferred shopping experience. This is a significant opportunity for many companies, enabling them to reach a bigger and broader audience than ever before. Unfortunately, for companies that can’t protect their platforms, many customers will take their business elsewhere.
ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID is the leading Dark Web monitoring platform in the channel. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze, and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.

Canada – York University

Exploit: Malware attack
York University: Academic institution
gauge indicating moderate risk
Risk to Small Business: 2.670 = Moderate
A cyberattack corrupted several of York University’s servers and workstations, forcing the school to take its remaining network offline to stop the spread. As a result, students and staff were unable to access remote learning applications and other digital resources. In addition, students who are upset by a lack of communication from the university are complaining to the media, inviting brand erosion and other long-term consequences.    
Individual Risk: At this time, there is no evidence that personal information was compromised in the breach. However, users should carefully monitor their accounts and credentials for misuse or abuse.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: As many organizations move their operations online, testing the integrity of IT infrastructure is a critical component of ensuring a smooth transition. Of course, cybersecurity isn’t just a matter of convenience. In today’s regulatory environment, the risks of remote work make compliance a critical issue during this unprecedented time.
ID Agent to the Rescue: With Compliance Manager, any company can automate data privacy standards and documentation responsibilities, making compliance a simple, intuitive process for everyone. Click the link to get started today: https://www.idagent.com/compliance-manager.  

France – Tarkett 

Exploit: Ransomware 
Tarkett: Floor and wall covering producer   
gauge indicating severe risk
Risk to Small Business: 2.117 = Severe
A cyberattack has disrupted Tarkett’s operations, causing its shares to plummet. The attack, which occurred on April 29th, forced the company to disable its information technology systems and to implement other defensive measures to protect employee, company, and customer data. In response, the company has hired a third-party cybersecurity team to restore operations, but the expense triumvirate, including recovery, reputation, and share costs, could be significant.    
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Tarkett has hired cybersecurity experts and has notified its cyber-insurance provider, but these measures won’t make their problems go away. Shareholders are recognizing the immense negative impact of a ransomware attack and bailing on the company, which has a long, arduous recovery ahead. Rather than waiting to respond to an attack, this incident, and hundreds like it, should encourage every organization to re-examine their defensive capabilities with this threat in mind.
ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal Assist, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.

Germany – Fresenius          

Exploit: Ransomware  
Fresenius: Private hospital operator
gauge showing severe risk
Risk to Small Business: 1.751 = Severe 
A ransomware attack has disrupted many of the company’s operations. Although patient care continues, this attack is especially problematic as the healthcare provider is playing a crucial role in the COVID-19 pandemic with a deluge of patients presenting with the virus. The incident is emblematic of a broad uptick in healthcare-related cyberattacks, and it serves as a reminder that, in 2020, quality patient care includes comprehensive cyber-readiness.  
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks are a persistent and expensive threat to every organization. Ensuring that your defensive posture is equipped to handle this problem is critical to thriving in our current digital environment.
ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id

Australia – Home Affairs         

Exploit: Unsecured database 
Home Affairs: National government agency regulating homeland security and immigration
gauge showing severe risk
Risk to Small Business: 2.157 = Severe
An unsecured database exposed the information for hundreds of thousands of users who uploaded their information to a department form for skilled workers looking to migrate to Australia. The breach compromised peoples’ personally identifiable information for an at-risk population. The breach is especially untimely because the Australian government is asking people to trust its cybersecurity and data privacy acumen by downloading a COVID-19 tracing app that relies on peoples’ sensitive personal data. It’s a reminder that brand reputation and cybersecurity are inextricably linked, and companies that care about the former will prioritize the latter.  
gauge showing severe risk
Individual Risk: 2.285 = Severe
The exposed database included users’ partial names, ADUserIDs, age, country of birth, marital status, and desired application outcomes. It applies to applicants as far back as 2014, and it could be used to execute additional cybercrimes or instances of fraud. Those impacted by the breach should carefully scrutinize incoming messages while also being aware that their data could quickly spread on the Dark Web where cybercriminals use that information for a variety of malicious purposes.   
Customers Impacted: 774,326
How it Could Affect Your Customers’ Business: This week, the Australian government is asking citizens to download the CovidSafe app, a contact tracing app that can help deter the spread of the novel Coronavirus. Unfortunately, as we detail at the end of the newsletter, consumers are increasingly unwilling to work with platforms that can’t protect data. In this case, preserving consumer trust may be an actual matter of life or death, and, for many organizations, their survival in today’s digital landscape is likely predicated on their ability to protect their data
ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at https://www.idagent.com/dark-web/.  

Australia – Toll Group       

Exploit: Ransomware
Toll Group: Transportation and logistics company   
1.51 – 2.49 = Severe Risk
Risk to Small Business: 2.105 = Severe
After recovering from a ransomware attack in early 2020, Toll Group has once again been victimized by bad actors. This attack exploited vulnerabilities in a Remote Desktop Protocol to infect the company’s network. To prevent the malware’s spread, Toll Group brought many of its servers offline, compounding the cost by curtailing productivity during an already precarious time.  
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: COVID-19 is reorienting our business practices. Most notably, many employees are now working remotely, which opens organizations up to a litany of cybersecurity threats. Bad actors are exploiting those vulnerabilities, which means that organizations intending to thrive throughout this time will need to account for those risks as part of their evolving defensive posture.
ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.  

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores are calculated using a formula that considers a wide range of factors related to the assessed breach.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

No comments:

Post a Comment