Tuesday, August 11, 2020

Week in Breach

BlackBaud’s breach woes cause complications worldwide, double extortion ransomware comes calling, and how neglecting basic security awareness training can cost a fortune – plus the NEW agenda for CONNECT IT GLOBAL!

Cybersecurity and Breach News: Dark Web ID’s Top Threats 

  • Top Source Hits: ID Theft Forum
  • Top Compromise Type: Domain
  • Top Industry: Education & Research
  • Top Employee Count: 501+

Cybersecurity and Breach News – United States 

United States –  National Cardiovascular Partners


Exploit: Unauthorized Account Access

National Cardiovascular Partners: Healthcare Provider

cybersecurity and breach news represented by a gauge showing severe risk

Risk to Small Business: 2.232 = Severe 

Patient data was exposed after hackers were able to gain access to the Excel spreadsheet where it was stored through an employee account compromise. Undetected for over 3 weeks, the spreadsheet contained patient information, including names, contact information, and a host of other sensitive data that varied by patient. No word on what else the hackers may have obtained. 

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.377 = Severe 

Impacted patients are being notified and offered a one-year membership in Experian IdentityWorks, an identity theft protection service. These patients should also take appropriate measures against identity theft, spear phishing, fraud, and other criminal uses.

Customers Impacted: 78,070

How it Could Affect Your Customers’ Business: Handling sensitive medical data is a proposition that requires excellent security training as well as a strong suite of cybersecurity solutions. Not only was this incident preventable, but it was also expensive – and it will not just cost a fortune in recovery, it will also invite regulatory penalties. 

ID Agent to the Rescue: Password and account compromise can be prevented. Multifactor authentication with Passly makes a stolen password powerless by requiring another identifier, like a unique code, to access systems and data that the bad guys won’t have. LEARN MORE>>

United States – IndieFlix


Exploit: Unsecured Database

IndieFlix: Streaming Service

cybersecurity & breach news represented by a gauge showing severe risk

Risk to Small Business: 1.603 = Severe 

Another unsecured data bucket on a publicly accessible Amazon Simple Storage (S3) server is the culprit for a data breach at the streaming platform IndieFlix. The exposed data includes over 90,000 files. Some of the data includes scans of confidential motion picture acquisition agreements, tax ID requests that include filmmaker social security numbers and employer identification numbers, and detailed contact information of thousands of film professionals – plus thousands of unlocked video files of short films, movie clips, and trailers that can be accessed and downloaded by anyone with a direct link to the files.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.599 = Severe 

3,217 scans of requests for tax identification numbers that include addresses, signatures, as well as social security numbers and/or employer identification numbers of the filmmakers or their distribution agents were compromised. Film industry professionals and organizations that have signed agreements with IndieFlix or given the company their contact details between 2013 and 2016, should be aware of the potential for their data, including financial information, to be used for fraud and spear phishing attacks. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Sloppy storage causes big problems that can have a huge impact on a company’s reputation client confidence. By improving security awareness training, employees will develop better handling habits for data and passwords.

ID Agent to the Rescue: ID Agent’s digital risk protection platform includes security awareness training to encourage better digital behavior and improve information security.  LEARN MORE>> 

United States – Athens Independent School District


Exploit: Ransomware

Athens Independent School District: Public School System

cybersecurity and breach news  gauge indicating extreme risk

Risk to Small Business: 1.207 = Extreme

A school system in East Texas has paid cybercriminals a ransom of $50K for the key to unencrypt its data. The school board noted that it had no choice but to pay the ransom because it could not complete recovery in time to start the new school year. The report also noted that other school systems in East Texas have been hit with ransomware attacks recently as well. The district has cyberattack insurance. 

Individual Risk: No personal or financial data about students or staff was reported as compromised at this time. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business:  Ransomware is today’s biggest cybersecurity headache, and it’s usually delivered through a poisoned phishing email. A well-timed ransomware attack can create a big payday for cybercriminals as impacted victims are left with little recourse when they’re on a tight schedule. 

ID Agent to the Rescue:  Phishing isn’t just an email problem anymore. BullPhish ID can raise awareness of different kinds of phishing attacks to train staffers to be alert to suspicious messages and report them instead of interacting with them. SEE A DEMO>>

United States – Ledger


Exploit: Unauthorized Database Access 

Ledger: Cryptocurrency Storage Hardware Developer

cybersecurity news represented by agauge showing severe risk

Risk to Small Business: 1.993 = Severe 

Cryptocurrency wallet maker Ledger has announced that they experienced a data breach that exposed contact information for many clients. The breach was discovered by a participant in a bug bounty program. A marketing database containing email addresses for approximately one million users was unsecured, and a subset of 9,500 customers also had other contact information including first and last name, mailing addresses, and phone numbers exposed.

cybersecurity and breach news represented by a gauge indicating moderate risk

Individual Risk: 2.775 = Moderate 

Only basic information like email addresses was exposed for a majority if the affected clients, but some customers’ addresses and phone numbers were compromised as well. Clients should be suspicious of potential spear phishing attacks. 

Customers Impacted: 1 million 

How it Could Affect Your Customers’ Business: Simple security failures like thismoneor the data breach caused by phishing at Twitter don’t increase client confidence in companies that promise secure technology. 

ID Agent to the Rescue: Convincing your clients that they need to upgrade their cybersecurity, especially security awareness training, can be a hard sell in today’s economy. Through Goal Assist, our Partners can get a timely assist with a tricky sales call from one of our experts to help them notch the win. LEARN MORE>> 

United States – Havenly


Exploit: Unauthorized Database Access

Havenly: Interior Design Collaboration Website 

cybersecurity news represented by agauge showing severe risk

Risk to Small Business: 2.302 = Severe

As part of last week’s ShinyHunters data dump, the account details of millions of Havenly users were leaked on the Dark Web. The leaked data included affected users’ login name, full name, hashed password, email address, phone number, zip, and other data related to the usage of the site. Havenly noted that it does not store credit card numbers and no financial data was involved in this incident

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.503 = Moderate 

No financial data was reported as compromised in this breach, but users should be aware of the personal details that were stolen being used to conduct spear phishing attempts.

Customers Impacted: 13 million

How it Could Affect Your Customers’ Business: Data dumps from major players in the data selling business are becoming more common. These dumps often include email addresses and login credentials for work accounts that staffers may be using (or reusing) for convenience. 

ID Agent to the Rescue: Take the sting out of potential password reuse problems with Passly. Even if an employee is recycling an already compromised password, Passly puts crucial extra layers of protection between bad actors and sensitive data. LEARN MORE>>

United States – Drizzly 


Exploit: Unauthorized Database Access

Drizzly: Alcohol Delivery Service

cybersecurity news represented by agauge showing severe risk

Risk to Small Business: 2.101 = Severe 

Online booze startup Drizzly just announced that it suffered a data breach. Hackers were able to snatch customer email addresses, DOBs, hashed passwords, and some delivery addresses. The company says that no financial information was taken, but researchers noticed that hackers trying to sell Drizzly’s data claim to also have credit card numbers. 

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.661 = Moderate 

No financial information was reported stolen, by the company, but cybersecurity reports put that claim in question. Users of the service should change their passwords immediately and monitor their credit accounts for fraud. 

Customers Impacted: 2.5 million

How it Could Affect Your Customers’ Business: As more competition pops up in online delivery service spaces, customers will be inclined to choose to do business with companies that can protect their data. 

ID Agent to the Rescue: Are you monitoring the Dark Web for compromised user credentials? You should be. Find out about credentials that have been compromised at an organization before the bad guys do with Dark Web ID. LEARN MORE>>

Cybersecurity and Breach News – Canada

Canada – Pivot Technology Solutions


Exploit: Ransomware 

Pivot Technology Solutions – Managed Services Provider

cybersecurity news represented by agauge showing severe risk

Risk to Small Business: 1.513 = Severe 

A ransomware attempt at Canadian MSP Pivot Technology Solutions was ultimately foiled, but not before the attackers were able to access and copy sensitive company data for some US employees and consultants. Compromised staff and associate data included names, addresses, dates of birth, gender, disability status, and type of insurance coverage. Cybercriminals also stole payroll data including details about deductions, 401k forms, income, and benefits as well as scooping up, banking details like routing and account numbers, and Social Security numbers. 

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.074 = Severe 

The company is offering free monitoring solutions to affected staffers and advises anyone who suspects that their information may have been involved to monitor accounts for financial and identity compromise. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is the bane of cybersecurity professionals around the world. It is typically used to encrypt data, but even an attempt that fails to encrypt data can still expose sensitive information. 

ID Agent to the Rescue: Updated phishing resistance training is upgraded protection against ransomware. BullPhish ID’s constantly updated phishing resistance training features plug-and-play training campaigns including engaging videos in 8 languages.  LEARN MORE>>

Cybersecurity and Breach News – United Kingdom & European Union

United Kingdom – Avon


Exploit: Unsecured Database

Avon: Cosmetics Manufacturer and Distributor

cybersecurity news represented by agauge showing severe risk

Risk to Small Business: 1.883 = Severe 

A misconfigured cloud server at global cosmetics powerhouse Avon was the culprit of a 7GB data breach at the cosmetics giant after it was discovered by researchers. The Elasticsearch database on an Azure server was publicly exposed with no password protection or encryption for nine days. The treasure trove of information available included personally identifiable information of both customers and employees, including full names, phone numbers, dates of birth, emails, and home addresses with GPS coordinates. Also included in the haul were an eye-popping 40,000+ security tokens and OAuth tokens plus internal logs, account settings, and technical server information.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.339 = Severe 

While no financial data was reported as exposed, the personal information that was available to cybercriminals opens Avin customers and staffers up to spear phishing attempts and potential identity theft. 

Customers Impacted: 19 million

How it Could Affect Your Customers’ Business: Basic security failures are unacceptable at companies of any size. Consumers are becoming more aware of the potential risk that comes from having their personal data exposed and will be less likely to do business with companies that fail to secure it. 

ID Agent to the Rescue: Add protection for your data and systems that really delivers with Passly. The 1 -2 punch of multifactor authentication and secure password storage vaults lock up your access points, keeping cybercriminals at bay.  SEE PASSLY’S FEATURES >>

Germany – Dussmann Group


Exploit: Ransomware

Dussmann Group: Services Conglomerate

cybersecurity news represented by agauge showing severe risk

Risk to Small Business: 1.827 = Severe 

Nefilim Ransomware is responsible for a data breach at Dresdner K├╝hlanlagenbau GmbH (DKA), a subsidiary of the Dussmann Group. The attackers began the sale of 14 GB of sensitive data including archives contain numerous documents, including Word documents, images, accounting documents, and AutoCAD drawings before encrypting systems. In total, the gang claims to have encrypted four domains and stolen approximately 200GB of archived data. 

Individual Risk: No personal or financial information was reported as stolen in this incident. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Dark Web data brokers aren’t just looking for password lists and credit card numbers. They also want proprietary data and business secrets like formulas and schematics like the ones stolen in this incident. 

ID Agent to the Rescue: Insider threats can cause company secrets to be revealed, and that can put your business at risk. Whether malicious or unintentional, employee actions like failure to secure information are a problem that every business needs to take seriously. Learn to spot and stop insider threats in our “Stop Insider Threats” resource package that’s full of information for you and your customers. DOWNLOAD IT>>

Cybersecurity and Breach News – Middle East & Africa

Israel – Promo.com


Exploit: Third Party Data Breach

Promo.com: Marketing Video Creation

cybersecurity news represented by agauge showing severe risk

Risk to Small Business: 2.092 = Severe 

The Israeli-based marketing video creation site has disclosed a data breach after a database containing 22 million user records was leaked for free on a hacker forum. The exposed data includes content creators’ first name, last name, email address, IP address, approximated user location based on their IP address, and gender, as well as encrypted, hashed passwords. Promo.com says that the information was stolen as part of a third party data breach involving one of their service providers. 

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.802 = Moderate 

No financial data was stolen in this incident, but the personal information stolen may open creators that use the site up to identity theft and spear phishing attempts. 

Customers Impacted: 23 million

How it Could Affect Your Customers’ Business: A data breach at a third party provider is almost as dangerous to a company’s security and reputation as an in-house incident. 

ID Agent to the Rescue: ID Agent’s dynamic digital risk protection platform offers both cutting-edge security awareness training, credential monitoring, and essential tools to protect data and systems – and business owners’ peace of mind.  LEARN MORE>>

Cybersecurity and Breach News – Australia & New Zealand

Australia – Regis Healthcare


Exploit: Ransomware

Regis Healthcare: Aged Home Operator

cybersecurity news represented by agauge showing severe risk

Risk to Small Business: 2.002 = Severe 

Care home operator Regis is reporting that it suffered a cyberattack leading tom a data breach that was allegedly perpetrated by “foreign attackers” using Maze ransomware. The stolen data from 2 servers includes the personal information of a small number of residents at Regis facilities and a staff member

cybersecurity news gauge indicating extreme risk

Individual Risk: 2.705 = Moderate 

While no financial information was reported stolen, a great deal of very specific and highly sensitive personal health data has been compromised. This is especially troubling as COVID-19 anxiety runs high, and may lead to public personal ramifications for patients that were affected as well as lending itself to spear phishing and blackmail attempts.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: The ripple effect of one breach can sometimes be felt throughout an industry, as many services and companies are intertwined. By adding a solid digital risk protection platform to their security plan, businesses can gain a more holistic view of their risks to start patching up holes in security before a problem becomes a disaster.

ID Agent to the Rescue: Get expert advice on how to position your clients for maximum protection against digital risk – and how to position yourself for greater success and increased MRR all in one powerful webinar. DOWNLOAD IT>>

The Week in Breach Cybersecurity and Breach News Risk Levels

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach Cybersecurity and Breach News are calculated using a formula that considers a wide range of factors related to the assessed breach.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

No comments:

Post a Comment