Cybersecurity News: Malicious insiders strike, gambling with security doesn’t pay off for a gambling app, and the debut of our newest eBook to help you transform into a marketing superhero!
Cybersecurity News: Dark Web ID’s Top Threats
- Top Source Hits: ID Theft Forum
- Top Compromise Type: Domain
- Top Industry: Hospitality
- Top Employee Count: 1-10
Cybersecurity News: United States
United States – DataViper
Exploit: Unauthorized Database Access (Malicious Insider)
DataViper: Information Security
Risk to Small Business: 1.239 = Extreme
A malicious insider is the culprit in a data breach at information security firm DataViper. 8,200 databases containing the personal information of millions of users were snatched from the company’s data leak monitoring service. The hacker, purportedly a former employee of Night Lion who is using that name for Dark Web activity, claims to have spent three months inside DataViper servers while exfiltrating databases indexed for the DataViper data leak monitoring service. The hacker also posted ads on the Empire Dark Web marketplace where they put up for sale 50 of the biggest databases that they found inside DataViper’s backend.
Individual Risk: 2.117 = Severe
While these databases contained the information of billions of people worldwide, much of the information was from old breaches. Some new information was included, but researchers have not ascertained how much and what kind. This kind of information is often used in phishing and credential stuffing attacks.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Insider threats are a menace to every business. Our insider threats eBook helps companies spot and stop insider threats. While most insider incidents at organizations are caused by unintentional threats like human error, malicious insider attacks count for more than 20% of insider incidents. Some malicious insiders sell company secrets or even their own credentials on the Dark Web.
ID Agent to the Rescue: Our digital risk protection platform includes Dark Web ID to alert businesses to user passwords appearing in Dark Web markets to help organizations detect password compromise and insider threats faster. LEARN MORE>>
United States – Benefit Recovery Specialists
Exploit: Malware
Benefit Recovery Specialists: Medical Billing and Debt Collection
Risk to Small Business: 1.974 = Severe
A malware incident was just confirmed at Benefit Recovery Systems by the US Department of Health and Human Services’ Office for Civil Rights. Several computers at the Houston-based company were infected, leading to a breach that exposed thousands of customer records. In a breach notification statement posted on BRSI’s website, the company says that on April 30, it discovered a malware incident affecting certain company systems. The company stated that customer files containing personal information may have been accessed and/or acquired by the unknown actor between April 20 and April 30, 2020.
Individual Risk: 2.227 = Severe
Information that may have been exposed includes name, date of birth, date of service, provider name, policy identification number, procedure code, and/or diagnosis code. A small number of Social Security numbers may also have been exposed. Patients that were impacted should be alert for spear phishing attempts or identity theft.
Customers Impacted: 275,000
How it Could Affect Your Customers’ Business: Healthcare data is one of the hottest commodities in today’s data markets – especially COVID-19 related patient or research data. Plus, healthcare companies face steep fines for HIPPA violations like this, making it prudent for every healthcare organization to add data loss prevention and security awareness training as priorities before a breach.
ID Agent to the Rescue: Phishing is a common delivery system for malware. Our security awareness training solution BullPhish ID helps prevent malware attacks by teaching users to be aware of phishing attempts. LEARN MORE>>
Cybersecurity News: Canada
Canada – Canadian Defence Academy
Exploit: Ransomware
Canadian Defence Academy: Military Training College System
Risk to Small Business: 1.694 = Severe
Computer systems at Canada’s four military academies have been taken offline by a purported ransomware attack. The schools affected include the Royal Military College, the Royal Military College Saint-Jean, the Canadian Forces College and the Chief Warrant Officer Robert Osside Profession of Arms Institute. Early indications suggest this incident resulted from a mass phishing campaign. An officer at an engineering school that was impacted reported the incident as a ransomware attack on his personal blog. The incident has not affected any classified systems or classified research.
Individual Risk: No personally identifying information or personal financial data was reported as exposed in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is the business scourge that keeps information security professionals up at night. Most ransomware arrives through a successful phishing attack, and phishing is the biggest threat of 2020 so far, with a more than 600% increase in attempts noted since the start of the pandemic.
ID Agent to the Rescue: Protection from ransomware starts as protection from phishing. Improved phishing resistance training with BullPhish ID will arm staffers with the knowledge and awareness that they need to spot and stop potentially ransomware-infected emails. LEARN MORE>>
Cybersecurity News: United Kingdom
United Kingdom – Xchanging
Exploit: Ransomware
Xchanging = Insurance Managed Services Platform
Risk to Small Business: 2.307 = Severe
Ransomware strikes again, this time taking systems hostage at Xchanging, the UK based subsidiary of DXC Technology. The problem appears to be limited to several of the company’s customer-facing services. Xchanging offers business process services in areas such as customer administration, finance and procurement, and technology services including application management, infrastructure management, specialist software, and data integration. No data is believed to have been stolen in this incident.
Customers Impacted: 1.000+
Individual Risk: No personally identifying information or personal financial data was reported as exposed in this incident.
How it Could Affect Your Customers’ Business: Every business has relationships with service providers, making the risk of a third-party data breach unavoidable. Especially when transacting business with companies that handle payment, financial or personnel data, organizations have to be cognizant of the potential for a data breach that comes through business services relationships, and the Dark Web danger that brings to the table.
ID Agent to the Rescue: Teaching clients about the risks of incidents like a third-party data breach is essential for increasing MRR, but it can be an undertaking that MSPs could use a hand with. That’s why our Partners love Goal Assist. We provide marketing materials, training, and more to our Partners – we’ll even hop on a call to help you notch the win! LEARN MORE>>
Cybersecurity News – European Union
Portugal – Energias de Portugal (EDP)
Exploit: Ransomware
Energias de Portugal: Energy Provider
Risk to Small Business: 2.109 = Severe
Energy giant EDP reported through its North American subsidiary, EDP NA, that it had been affected by a ransomware attack using Ragnar Locker. While the attack was not recent, the company just confirmed the parameters of it publicly as it became apparent that recovery would include notifying potentially affected customers. The attackers reportedly demanded that EDP Group pay a ransom of 1580 bitcoins for a decryptor and to stop the cybercriminals from releasing over 10 TB of data allegedly stolen in the incident.
Individual Risk: 2.022 = Severe
Attackers reportedly gained access to some personal information stored on the impacted servers, including personally identifying information and Social Security numbers. No financial or payment card data was accessed. The company is offering customers one year of free data protection via Experian as a proactive measure.
Customers Impacted: 11,500
How it Could Affect Your Customers’ Business: As ransomware continues to wreak havoc with cybersecurity at businesses of any size, every business needs to have a plan in place to both recover from a ransomware incident and bolster their security to defend against potential ransomware attacks because Dark Web activity has never been higher – or a bigger threat to businesses.
ID Agent to the Rescue: Our Partners enjoy access to our comprehensive digital risk protection platform, enabling them to help their clients put the innovative security solutions in place that help guard against threats like ransomware. LEARN MORE>>
Cybersecurity News – Australia & New Zealand
New Zealand – Fisher and Paykel
Exploit: Ransomware
Fisher and Paykel: Appliance Manufacturer and Distributor
Risk to Small Business: 2.374 = Severe
The saga continues for New Zealand appliance company Fisher and Paykel, as they continue to experience damage following a ransomware attack last month. In June, attackers took the company’s data hostage, releasing a teaser on the Dark Web as part of its initial ransom demand. The attackers used Nefilim ransomware, whi9ch is effective against Windows systems. A larger trove of corporate data just hit the Dark Web after the company apparently failed to meet the ransom demand. So far the materials released are financial documents dating back to 2014.
Individual Risk: No personally identifying information or personal financial data was reported as exposed in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: It’s become increasingly common for ransomware attacks to have multiple components, with attackers initially making a ransom demand while providing sample data as proof that they have information, and then escalating incidents if their demands are not met. With a huge rise in phishing attempts, businesses can’t afford to take security awareness training chances.
ID Agent to the Rescue: Security awareness training that includes phishing resistance with BullPhish ID helps companies shore up their primary line of defense against ransomware, turning workers who are potential security risks into real security assets. LEARN MORE>>
Cybersecurity News: Asia & Pacific
India – T7 Games/Ouroboros Games
Exploit: Unsecured Database
T7 Games/Ouroboros Games: Gambling Games Application Developer
Risk to Small Business: 1.217 = Extreme
The world’s most popular social gambling app Clubillion suffered a major data breach that affects customers around the world. A research team initially discovered the problem on March 19, finding the database hosted on Amazon Web Services during the course of working on a web mapping project. The developers of Clubillion were notified by the researchers quickly, but continued inaction exposed approximately 200 million user records per day – 50GB worth of data. The active database included constantly updated gameplay information for affected users as well as IP addresses, e-mail addresses, winnings, and private messages. The database was recorded as open for 16 days before action was taken to contain the leak.
Individual Risk: 2.219 = Severe
While researchers did not see any personally identifying or financial information in the affected database, the complexity of the breach prevents certainty about exactly what was leaked. Users of the app should be aware of potential phishing attacks fueled by this data.
Customers Impacted: 160,000+
How it Could Affect Your Customers’ Business: Staffers aren’t just using their favorite apps and services on their personal phones and computers – they’re doing it on their work machines too. As companies continue to adopt “Bring Your Own Device” policies and the work/personal line gets murkier for staffers, companies have to be concerned about the potential for danger caused by breaches in entertainment and social media apps.
ID Agent to the Rescue: Protect company systems with an essential second layer of security. Multifactor authentication with Passly means that even if a staffer’s password is stolen or compromised through an incident like this, the authentication code needed to log in to company systems puts another door between cybercriminals and company data. LEARN MORE>>
The Week in Breach Risk Levels
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863
No comments:
Post a Comment