The Week in Breach December 13, 2018

 

This week, Quora was breached, and common breach mistakes are discussed.

Dark Web ID Trends:
Top Source Hits: ID Theft Forums (55%)
Top Compromise Type: Domains
Top Industry: High- Tech & IT
Top Employee Count: 11-50 employees (32%)


United States – Quora 

https://www.nytimes.com/2018/12/04/technology/quora-hack-data-breach.html
https://blog.quora.com/Quora-Security-Update

Exploit: Unclear at this time.
Quora: A popular question and answer site that boasts 300 million monthly active users.

correct severe gauge Risk to Small Business: 2.333 = Severe: People are not soon to forget that the question and answer site was unable to keep their data safe. This could cause a migration from any site to another similar one, something that is common among social media sites in particular.
correct moderate gauge Individual Risk: 2.857 = Moderate: Those affected by this breach are at an increased risk of phishing attacks

Customers Impacted: Unclear at this time.
How it Could Affect Your Business: Quora handled the breach very well, with the CEO releasing a blog post detailing what they know and apologizing to their users. The amount of time it will take for the organization to regain their users’ trust is unclear. The transparency by the organization’s leadership will greatly help it bounce back sooner than if they hadn’t responded as such.

ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach of this type. Learn more: https://www.idagent.com/identity-monitoring-programs

Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

United States – Humble Bundle
https://www.scmagazine.com/home/security-news/humble-bundle-breach-could-be-first-step-in-wider-attack/

Exploit: Credential Stuffing.
Humble Bundle: Humble Bundle, Inc. is a digital storefront for video games, which grew out of its original offering of Humble Bundles, collections of games sold at a price determined by the purchaser and with a portion of the price going towards charity and the rest split between the game developers.

correct severe gauge Risk to Small Business: 2.333 = Severe: The breach only contained user’s subscription status, but it is believed that this could be the first part of a more extreme breach. Because the bad actor knows if user’s subscriptions are active, inactive, or paused, they could send out spear-phishing emails about the subscriptions that would trick users into clicking.
correct moderate gauge Individual Risk: 3 = Moderate: No information directly related to the individual has been compromised other than the subscription status of users.

Customers Impacted: A “very limited” number of people.
How it Could Affect Your Business: This breach is a good lesson in how it is important to report any breach, as this seemingly minor breach is most likely the first step in a spear phishing campaign.
ID Agent to the Rescue: ID Agent offers Dark Web ID™ which discovers compromised credentials that could be used to implement a crypto jacking script. Make sure your credentials are safe; for more information go to https://www.idagent.com/dark-web/

Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.


In Other News:

DNA For Pay
The Leaders of Genomics England has revealed that foreign hackers have attempted to access the DNA data the organization is collecting. The reality that hackers could steal DNA data if they successfully access a network is a scary thought. As the general population becomes more aware that their data is valuable, it should also become apparent that handing over data and in this case, DNA, could result with it ending up on the Dark Web or in the hands of a nation state. While no breach occurred to this organization, the fact that they are regularly under attack should be a wake-up call.

https://www.telegraph.co.uk/news/2018/12/05/nhs-storing-patients-genetic-data-high-security-army-base-due/

What We’re Listening To

Know Tech Talks
The Continuum Podcast
Security Now
Defensive Security Podcast 
Small Business, Big Marketing – Australia’s #1 Marketing Show!
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e


A Note for You:

Be Ready for The Breach
Since Marriot International was breached, it has been hit with two lawsuits that claim the organization delayed the breach disclosure and weren’t transparent. How an organization handles a breach makes a significant impact on public opinion and customers trust. An organization that is seen to be forthcoming, transparent, and honest to their customers is much less likely to see a serious migration of customers.

Here are some common mistakes made when reporting breaches:

  • Not having a plan – Not being prepared for a breach can lead to a panicked, unorganized response that is half-baked. Just like every organization should have a fire response plan, every organization should have response procedures in place for a breach.
  • Downplaying the incident – Your customers deserve to know if they are at risk. Also downplaying the incident is likely illegal.
  • Delaying disclosure – Delaying disclosure can compromise the trust of your customers and may be illegal.
  • Oversharing / Under sharing – Sharing too much information can lead to bad actors taking note of the vulnerability and can put other organizations at risk. Sharing too little information can leave your customers at risk.
  • Not contacting the authorities – Involving law enforcement is free and can help significantly with the investigation.

https://www.darkreading.com/attacks-breaches/7-common-breach-disclosure-mistakes/d/d-id/1333401?image_number=1

https://www.proofpoint.com/us/resources/threat-reports/quarterly-threat-analysis

Advertisements

About Vic Levinson
Telecommunications and IT professional with over 25 years experience in Business Technology Solutions. Specializing in managed technologies solutions : hosted VoIP, cyber security, help desk, remote monitoring and maintenance, cloud work space and - the works. Founded Prime Telecommunications in 1993 and providing business communications solutions. Cloud Applications- everything from hosted network security, hosted Disaster Recovery, hosted printer management, data centers and colocation solutions for businesses.

Comments are closed.

%d bloggers like this: