Wednesday, July 8, 2020

Week in Breach

by Kevin Lancaster
New this week in cybersecurity and breach news: ransomware shuts down production of cars and beer, phishing lands a professional haul, and 2 free new coloring books to teach kids about internet safety! 

Cybersecurity & Breach News: Dark Web ID’s Top Threats 

  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: Insurance
  • Top Employee Count: 1 – 10

Cybersecurity & Breach News: United States 

United States – ST Engineering  

Exploit: Ransomware
ST Engineering: Aeronautics Contractor 
1.51 – 2.49 = Severe Risk
Risk to Small Business: 1.732 = Severe
The San Antonio, Texas branch of defense, aeronautics, and space contracting conglomerate ST Engineering was hit with a MAZE ransomware attack disrupting operations and putting data at risk for a second time. This division of the international flight equipment services giant was also hit with a MAZE ransomware attack in May 2020 to the same effect. In an industry that expects top-notch security standards to be maintained by any company that wants to be a player, this is problematic and dangerous.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware like MAZE is commonly delivered to vulnerable businesses through phishing attacks, including the use of fake websites and dodgy attachments to infect systems. Phishing has grown exponentially in 2020, and COVID-19 related attacks are on track to be the biggest phishing scam driver in history.
ID Agent to the Rescue: BullPhish ID is the ideal phishing training and testing solution for today’s remote workforce, with simulation kits and video lessons in 8 languages addressing today’s most dangerous phishing threats. LEARN MORE>> 

United States – Kentucky Employee Health Plan 

Exploit: Unauthorized Database Access
Kentucky Employee Health Plan: Health Insurance Provider 
ybersecurity & breach news represented by agauge showing severe risk
Risk to Small Business: 1.462 = Severe 
Two data breaches compromised plan members’ personal data and enabled bad actors to steal more than $100,000 in gift cards. Hackers used valid login information to access the system in the first breach and were able to compound the damage of that breach in a second breach. The second breach accessed member programs to redeem reward points for gift cards. The two breaches created scrutiny and drew calls for further investigation as to whether the “bad actors” were from outside the office or if insider threats were the root cause. 
2.5 – 3 = Moderate Risk
Individual Risk: 2.703 = Moderate
Hackers accessed users’ account portals containing their screening and health assessment data. Although this attack appears to be financially motivated, healthcare-related data often makes its way to the Dark Web, where it can be used to execute additional fraud attempts. Those impacted by the breach should immediately update their account passwords while monitoring their accounts for suspicious activity.  
Customers Impacted:  2,700
How it Could Affect Your Customers’ Business: whatever the results of this investigation show, it raises the question of insider threats. Whether staffers are accidentally or deliberately giving information and passwords to bad actors, insider threats have to be a top concern for every business
ID Agent to the Rescue: Don’t wait until insider threats become a problem for your company. Download our eBook on insider threats for tips on spotting and stopping them before they become a problem GET IT NOW>>

Cybersecurity & Breach News: Canada

Canada – Chartered Professional Accountants of Canada 

Exploit: Phishing
Chartered Professional Accountants of Canada: Professional Membership Organization  
ybersecurity & breach news represented by agauge showing severe risk
Risk to Small Business: 1.317 = Severe
The organization recently disclosed that personal information for its members had been compromised following a successful phishing attack in April. CPA Canada announced the results of its completed investigation, determining that the compromised information primarily affected subscribers of its CPA Canada magazine and an indeterminate number of website users. Impacted members were sent a phishing email asking them to change their user information on the organization’s online platform. 
2.5 – 3 = Moderate Risk
Individual Risk: 2.238 = Moderate
The security alert sent to all users of the CPA Canada website or magazine subscribers notes that members should be wary of spear phishing emails using industry-specific details from CPA Canada and change their login credentials on the website as a safety precaution.  
Customers Impacted: 329,000
How it Could Affect Your Customers’ Business: A data breach caused by a human error like phishing is a sign to an organization’s membership that it doesn’t take those members’ information security seriously, making it harder to retain members and sell professional resources. 
ID Agent to the Rescue: A well-educated staff is every company’s best defense against phishing. BullPhish ID has constantly updated training and testing materials available that keep staffers informed about the latest phishing threats and on guard to resist attempts. LEARN MORE>> 

Canada – Fitness Depot 

Exploit: Ransomware 
Fitness Depot: Fitness Equipment Retailer 
cybersecurity & breach news represented by a gauge showing severe risk
Risk to Small Business: 1.871 = Severe
Fitness Depot’s online store was infected with card-skimming malware that stole customers’ personal and financial data at checkout. It took the retailer more than three months to identify the breach, giving cybercriminals ample time to capitalize on the surge of online sales since the COVID-19 pandemic began. The data breach, which began on February 18th, will likely cause online shoppers to think twice before buying from their platform, potentially disrupting a vital lifeline while many in-person shops remain closed.  
ybersecurity & breach news represented by agauge showing severe risk
Individual Risk: 1.764 = Severe
Payment card skimming malware captures all information entered at checking. This information can allow hackers to commit identity or financial fraud. Those impacted by the breach need to notify their financial institutions and to carefully monitor their accounts for misuse. In many cases, victims should enroll in credit or identity monitoring services to ensure their data’s long term integrity.  
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business:  For most consumers, cybersecurity is a critical component of their buying decisions when shopping online. Card skimming malware represents a growing threat to online stores, and companies counting on digital sales to drive revenue need to account for this risk and many others presented by online shopping. In 2020, it’s a bottom-line issue that retailers can’t afford to ignore. 
ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal AssistT, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. LEARN MORE NOW>>

Cybersecurity & Breach News: United Kingdom

United Kingdom – Inventory Hub 

Exploit: Accidental Data Sharing
Inventory Hub: Property Management Inventory Platform 
ybersecurity & breach news represented by agauge showing severe risk
Risk to Small Business: 2.209 = Severe
A recently unearthed flaw in the security of this property management platform made members’ names and addresses, internal and external property images, inventories of each property’s contents, and information about physical security including photos of alarms, cameras, and locks available for an indeterminate amount of time. According to the researcher who discovered the vulnerability, the opening allowed would-be burglars to access exact layouts of all the listed properties, plus inventories of the contents, and user records back to 2017.  
cybersecurity & breach news Week in Breach gauge indicating moderate risk
Individual Risk: 2.607 = Moderate
User information including names, physical addresses, and lists of contents for properties listed on the platform since 2017 were compromised. Users should remain on guard for potential spear phishing attacks using these details.
Customers Impacted: 8,871
How it Could Affect Your Customers’ Business: Data breaches that leak personal information can be dangerous and lead to other types of criminal activity. Users of a service like Data Hive expect that even their most basic personal information will be kept safe when they choose a partner company, and increasingly reject service providers that fail them.  
ID Agent to the Rescue: It pays for your customers to know quickly if a flaw in third party security has caused a data breach. Dark Web ID immediately alerts businesses if their information or important data appears on the Dark Web, allowing them to address the flaw and stop the problem before it becomes a catastrophe. LEARN MORE NOW>> 

Cybersecurity & Breach News: Africa

South Africa – Life Health Care         

Exploit: Unauthorized Database Access
Life Health Care: Healthcare Provider 
cybersecurity & breach news gauge indicating extreme risk
Risk to Small Business: 2.605 = Extreme
The healthcare provider, which operates 49 hospitals and dozens of other healthcare facilities across South Africa and Botswana, was hit with an attack that compromised its data storage and intake systems. The attack affected its admissions systems, business processing systems, and email servers, although investigators have not yet determined how much patient data (if any) has been compromised. The healthcare provider said that patient service and care were not impacted, although patients could expect longer wait times for the resolution of administrative requests.  
ybersecurity & breach news represented by agauge showing severe risk
Individual Risk: 2.230 = Severe 
Patients who have been treated at any of Life Health Care’s facilities should expect that their personal information and health information has been compromised and take appropriate measures to protect their identities. 
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Healthcare facilities that fall victim to cyberattacks aren’t just facing the costs of a standard breach recovery – they’re also facing potentially hefty regulatory fines, as well as the negative impact on patient trust. 
ID Agent to the Rescue: Digital threats are causing more serious (and expensive) damage than ever before. A comprehensive digital risk protection platform ensures that companies have all the bases covered for both security and compliance. See how ours fits the bill.  LEARN MORE NOW >> 

Cybersecurity & Breach News: Australia & New Zealand      

Australia – Lion Beer Australia 

Exploit: Ransomware
Lion Beer Australia: Brewing Conglomerate 
cybersecurity & breach news gauge indicating extreme risk
Risk to Small Business: 1.302 = Extreme
At Lion Brewing Australia, operations were disrupted by a ransomware attack as it began to reopen and restaff its 8 breweries in Australia and New Zealand. The attack came just as the company was able to resume operations after a period of closure caused by COVID-19 restrictions. The company has been forced to shut down its key systems entirely, reverting to manual systems to operate and process orders in this devastating incident that has still not been fully resolved. 
Individual Risk: No employee or customer information was reported affected by this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: A successful ransomware attack can be catastrophic for a business at any time, and its typically powered by information obtained from the Dark Web. Ransomware is especially problematic right now, and a nasty surprise as businesses try to start recovering lost revenue in the wake of the COVID-19 pandemic.   
ID Agent to the Rescue: Watch for trouble to prevent disasters like this. Dark Web ID uses human and machine intelligence to search for and analyze Dark Web threats to your company, alerting you fast when potential trouble arises LEARN MORE>> 

Cybersecurity & Breach News: Asia & Pacific  

Japan – Honda Motor Company Inc.      

Exploit: Ransomware
Honda Motor Company Inc.: Automotive and Equipment Manufacturer 
cybersecurity & breach news gauge indicating extreme risk
Risk to Small Business: 1.308 = Extreme
Honda was recently walloped by a huge cyberattack that briefly shut down production at its factories worldwide. The attackers are suspected of using SNAKE/EKANS ransomware to infiltrate equipment and computer systems connected to operations and production in every Honda facility, leading to delayed post-pandemic reopenings at some factories. Honda is undertaking restoration operations at its factories, sales centers, and business units and has successfully restored most functionality.  
Individual Risk: No individual data was reported as compromised in this breach, nor does Honda believe that individual data was affected. 
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is a powerful foe, and even unsophisticated ransomware like SNAKE/EKAN can bring a mighty company like Honda to its knees fast. Without a comprehensive digital risk protection strategy in place, companies are at a higher risk of attack by bad actors looking to steal data or disrupt operations.
ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. ID Agent’s Partner Success Team will set you up for the win! Learn more here:  

The Week in Breach Risk Levels

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
Bit by bit helps client networks run smooth and secure.. visit our website at 877.860.5863

No comments:

Post a Comment