Wednesday, October 21, 2020

The Week in Breach News

United States –  Boom! Mobile

https://securityaffairs.co/wordpress/108925/malware/ajg-ransomware-attack.html 

Exploit: Skimming (MageCart)

Boom! Mobile: Telecom 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.997 = Severe 

Credit card skimming software has landed at Boom! Mobile, courtesy of the cybercriminal skimmers at Fullz House. The card skimmer code settled in, collecting payment card information from input fields every time it detects any changes and immediately exfiltrating the harvested data for a week. The company’s mobile payment system is still undergoing repairs. 

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.517 = Severe 

Customers of Boom! Mobile who made electronic payments through the company’s website should consider their credit card information compromised and be alert to potential identity theft or fraud using that account.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Malware like this runs on a script that’s been grafted into the payment system, meaning cybercriminals have access to the nuts and bolts of that business. 

ID Agent to the Rescue: Passly guards against intrusion with cracked, stolen, or compromised passwords by adding simple but effective secure identity and access management protection.  LEARN MORE>>


United States – Friendemic

https://www.infosecurity-magazine.com/news/marketing-firm-spills-nearly-three/

Exploit: Unsecured Database 

Friendemic: Marketing Firm

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.227 = Severe 

Digital marketing firm Friendemic committed a classic blunder that led to a nasty data breach. An unsecured Amazon S3 bucket resulted in the exposure of  2.7 million records including full names, phone numbers, and email addresses, alongside 16 OAuth tokens stored in plaintext. The company noted that the information was not current customer data and the OAuth tokens were not currently in use. 

Individual Risk: No individual information was reported as compromised in this incident, although the potential is there. No details about the uncovered data are available.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Failing to secure a database, even an old one, shows a basic lack of attention to cybersecurity best practices, and that doesn’t build customer confidence.

ID Agent to the Rescue: BullPhish ID is an easy, cost-effective solution to help companies train staffers to be aware of cybersecurity risks including phishing with “set it and forget it” campaign management and plug-and-play training kits. LEARN MORE>>


United States – AAA Ambulance Service, Inc.

https://www.hattiesburgamerican.com/story/news/local/hattiesburg/2020/10/05/aaa-ambulance-service-hattiesburg-ms-reports-july-data-breach/3625304001/

Exploit: Ransomware

AAA Ambulance Service, Inc.: Ambulance Service 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.602 = Severe 

Hattiesburg, Mississippi based AAA Ambulance Service, Inc. is just one of several medical sector targets impacted by ransomware this week. A ransomware attack was repelled by the company’s security in July, but it was recently discovered that some client data was obtained around August 2020. 

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.316 = Severe 

Personal information about clients of the service was obtained by hackers, including client date of birth, Social Security number, driver’s license number, financial account number, diagnosis information, medical treatment information, patient account number, prescription information, medical record number, and health insurance information. Customers who may have been impacted have been contacted by the company and are also being offered complimentary credit monitoring services through TransUnion.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Serious personal information deserves serious security – and even a seemingly unsuccessful cyberattack can still result in data loss. Not only will healthcare sector companies have to pay recovery costs, but they’ll also be on the hook for regulatory penalties.

ID Agent to the Rescue: Ransomware is almost inevitably the nasty result of an employee falling for a phishing attack. BullPhish ID keeps staffers trained on current threats, with 4 new phishing resistance training kits added every month.  LEARN MORE>>


United States – Chowbus

https://www.businessinsider.com/chowbus-data-breach-leaked-information-hundreds-thousands-users-2020-10

Exploit: Accidental Insider Threat

Chowbus: Asian Food Delivery Service

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.267 = Moderate

A Chowbus staffer committed a blunder this week, resulting in a massive cybersecurity disaster. An email address registered with the company sent a link to files containing details of about 4,300 restaurants as well as information for 400,000 customers. So far, the incident appears to be a simple human error. 

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.660 = Moderate 

The 400,000 customer accounts leaked included clients’ names, postal addresses, phone numbers, and email addresses. All of the impacted accounts may not be unique, and no payment data was compromised. The restaurant information included was not specified. 

Customers Impacted: 4,300 restaurants and approximately 400,000 customers.

How it Could Affect Your Customers’ Business: The number one cause of a data breach never really changes – human error is typically at fault, whether it’s giving up a phished password or making an email forwarding mistake.

ID Agent to the Rescue: The ID Agent digital risk protection platform enables organizations of any size to implement security awareness training quickly and easily, bringing staffers up to date on the latest threats without breaking the bank.  LEARN MORE>> 


United States – Daniel B. Hastings

https://www.freightwaves.com/news/ransomware-hackers-claims-attack-on-texas-customs-broker

Exploit: Ransomware 

Daniel B. Hastings: Freight Forwarder

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.326 = Moderate 

In the latest incident in a spate of recent trucking and freight transport industry cyberattacks, Laredo, Texas-based Daniel B. Hastings was hit with a ransomware attack. the Conti ransomware group posted a selection of the company’s files on Saturday, and sources say that they appear authentic. They include completed U.S. Customs and Border Protection documents for shipments involving multiple countries, companies, and modes of transport.

Individual Risk: No personal data has been reported as impacted in this incident. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is a devastating weapon that bad actors are using to shut down essential services and attacks in the transportation and freight sectors have been increasing, with recent incidents involving several trucking and shipping companies. 

ID Agent to the Rescue: Learn how to protect systems and data from ransomware in our eBook “Ransomware 101“. DOWNLOAD IT NOW>>


United States – Georgia Department of Human Services 

https://www.cbs46.com/news/cyber-attack-targets-georgia-department-of-human-services/article_57f9749e-0a72-11eb-a724-3b34ced6f18f.html

Exploit: Employee Email Account Compromise 

Georgia Department of Human Services: State Agency 

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.414 = Extreme 

A massive breach at the Georgia Department of Human Services has left the highly sensitive data of adults and children in Child Protective Services (CPS) cases of the DHS Division of Family & Children Services (DFCS). The employee email account compromise ocurred in May 2020. Georgia DHS secured the account quickly, but damage included 

cybersecurity news gauge indicating extreme risk

Individual Risk: 1.202 = Extreme 

Extremely sensitive information about parens, children, and families that has contact with DFCS was stolen in this attack, including full names of children involved in those cases and household members, relationship to the child receiving services, county of residence, DFCS case numbers, DFCS identification numbers, date of birth, age, number of times contacted by DFCS, an identifier of whether face-to-face contact was medically appropriate, phone numbers, email addresses, Social Security numbers, Medicaid identification numbers, Medicaid medical insurance identification numbers, medical provider names and appointment dates, plus some psychological reports, counseling notes, medical diagnoses, or substance abuse information and bank information.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Not only does a data breach leave a huge mess of expensive cleanup behind, in many industries like healthcare, a data breach can also mean your organization will be paying big regulatory penalties and fines too. 

ID Agent to the Rescue: Information like the personal and medical data obtained in this breach will be a hot commodity on the Dark Web. Protect your systems and data from Dark Web danger with 24/7/365 credential monitoring through Dark Web ID.  SEE DARK WEB ID IN ACTION>>


The Week in Breach News – Canada


Canada – Unity Health Toronto

https://www.canadiansecuritymag.com/toronto-hospital-network-says-info-of-about-150-patients-allegedly-stolen/

Exploit: Unauthorized Database Access (Malicious Insider) 

Unity Health Toronto: Hospital

cybersecurity news represented by agauge showing severe risk New This Week in Cybersecurity News Breach News This Week

Risk to Business: 1.969 = Severe 

A malicious insider caused a hubbub at a Canadian hospital. A disgruntled staffer at a third-party service provider stole patient information from Unity Health Toronto, which they then followed up with an attempt to extract payment from the organization for the return of the data. Unity Health Toronto disclosed that at least 150 patient records were impacted in this insider incident.

cybersecurity news represented by agauge showing severe risk New This Week in Cybersecurity News Breach News This Week

Individual Risk: 1.994 = Severe 

The records exposed contained patient names, medical history, diagnoses and treatments, according to the network. The company noted that no financial or health insurance information was included. 

Customers Impacted: 150

How it Could Affect Your Customers’ Business: Third party risk is a problem that every business faces in our increasingly interconnected world. When sensitive data is involved, the need to secure information that third party vendors have access to that could harm your business is paramount. 

ID Agent to the Rescue: Passly packs essential secure identity and access management tools like multifactor authentication, single sign-on, secure shared password vaults, and more in one cost-effective package, helping you blunt the impact of a third party data breach. LEARN MORE>> 


The Week in Breach News – United Kingdom & European Union


United Kingdom – Ardonagh Group 

https://www.theregister.com/2020/10/06/ardonagh_group_ransomware/

Exploit: Ransomware 

Ardonagh Group: Insurance Broker 

cybersecurity news represented by agauge showing severe risk New This Week in Cybersecurity News Breach News This Week

Risk to Business: 2.319 = Severe 

Top UK insurance broker Ardonaugh fell victim to a damaging ransomware attack that caused it to suspend 200 internal accounts, including accounts with admin privileges, as the infection progressed. Recovery operations are currently underway and a company spokeswoman noted that they’re working with third-party forensic and IT experts to manage the situation.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Phishing-based email threats are a danger for any company, and they’re only increasing as cybercriminals take advantage of a wealth of cheap data and software for conducting these attacks on the Dark Web. 

ID Agent to the Rescue: Preventing ransomware attacks starts with improving security awareness training, especially around phishing resistance. Regularly updated training can prevent up to 70% of cybersecurity incidents. SEE OUR SOLUTIONS>>


United Kingdom – Wisepay 

https://news.yahoo.com/wisepay-school-payments-hit-cyber-155028223.html

Exploit: Skimming 

Wisepay: Student Payment Account Provider 

cybersecurity news represented by agauge showing severe risk New This Week in Cybersecurity News Breach News This Week

Risk to Business: 2.022 = Severe 

Parents that use Wisepay to pay for their children’s ancillary school expenses experienced a shock this week when it was uncovered that the system had been breached by cybercriminal credit card skimming. The attacker was able to harvest payment details between October 2 and 5 via a spoof page. Attempted payments to about 300 schools have been affected by the scam. 

cybersecurity news represented by agauge showing severe risk New This Week in Cybersecurity News Breach News This Week

Individual Risk: 2.312 = Severe 

Any credit cards used to add money to student or school accounts during that window have likely been captured. Users should beware of fraudulent charges and identity theft attempts. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Payment skimmers are a fast and easy way for cybercriminals to make a quick profit, but disastrous for the merchants and services that are hit with skimming attacks, shaking customer confidence and exposing systems access weaknesses. 

ID Agent to the Rescue: Passly prevents unauthorized users from getting into your systems by requiring multifactor authentication for access, reducing the risk of a stolen or cracked password giving cybercriminals the keys to the kingdom. SEE PASSLY IN ACTION>>


Ireland – University Hospital Limerick 

https://www.informationsecuritybuzz.com/expert-comments/experts-on-gardai-investigate-major-data-breach-at-limerick-hospital/

Exploit: Information Theft/Malicious Insider

University Hospital Limerick: Medical Center

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.636 = Moderate 

In a strange event, University Hospital Limerick suffered a data breach caused by a malicious insider that exposed patient information on social media. The culprit, a rogue non-HSE employee, leaked records obtained from the hospital pharmacy containing the details of treatment and personal information for more than 600 patients, including 95 children. 

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.822 = Moderate 

The hospital has sent letters to notify those affected. The data exposed included the impacted patients’ names, dates of birth, and medicines dispensed from the hospital pharmacy between April 18 and April 22, 2020. No payment, insurance, or health record data was included. 

Customers Impacted: 630

How it Could Affect Your Customers’ Business: While most insider threats are accidental incidents caused by carelessness or employee error, more than 20% of cybersecurity incidents are caused by malicious insiders. 

ID Agent to the Rescue: Our digital risk protection platform offers businesses multiple tools for securing their systems and data, even from unexpected dangers like a malicious insider. LEARN MORE>>


Germany – Software AG

https://www.zdnet.com/article/german-tech-giant-software-ag-down-after-ransomware-attack/

Exploit: Ransomware

Software AG: Software Company 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.377 = Severe 

German tech giant Software AG ran afoul of a ransomware gang that’s demanding more than $20 million for the encryption key to some of their sensitive data. The gang, identified as Clop, posted samples of the data to the Dark Web after negotiations hit an impasse, including sensitive business data like employee passport and ID scans, employee emails, financial documents, and directories from the company’s internal network. 

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.417 = Severe 

The posted data shows that the gang obtained some employee personal data, and may have also obtained financial data. Employees should remain alert for potential identity theft, spear phishing, and fraud attempts 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Phishing is today’s biggest cybersecurity risk, and ransomware is one of the reasons why it’s an IT professional’s nightmare. 

ID Agent to the Rescue: Phishing brings ransomware in its wake. Reduce the chance of your business falling prey to a ransomware gang with phishing resistance training powered by BullPhish ID.  SEE A DEMO>>


The Week in Breach News – Australia & New Zealand


Australia – Snewpit

https://cybernews.com/security/australian-social-news-platform-leaks-80000-user-records/

Exploit: Unsecured Database

Snewpit: News Sharing Platform

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.411= Severe 

Cybersecurity researchers discovered an unsecured and exposed data bucket that belongs to Snewpit, an Australian news sharing platform. The unsecured bucket contains close to 80,000 user records, including usernames, full names, email addresses, and profile pictures. The bucket has since been secured.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.301 = Severe 

The exposed data included 256 video files filmed and uploaded by Snewpit users and developers, 23,586 image files of photos documenting local events that were uploaded by the users, and 4 CSV files, one of which contained 79,725 user records, including full names, email addresses, usernames, user descriptions, last login times, and total time spent in the Snewpit app, among other metrics.

Customers Impacted: 79,725

How it Could Affect Your Customers’ Business: Leaving user records and other proprietary data available in an unsecured database is a rookie move, and speaks to that company’s relationship with cybersecurity.


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

No comments:

Post a Comment

Newsletter April 2024