Breach News

This week, a Tampa Bay Credit Union gets spoofed, Canada sees an uptick in data breaches, and HR/Finance employees get caught in the cross-hairs of cybercrime.

Dark Web ID Trends:
Top Source Hits: Domains (99%) 
Top Compromise Type: ID Theft Forums (99%)
Top Industry: High-Tech / IT
Top Employee Count: 11 – 50 Employees


United States – Tampa Bay Federal Credit Union 

correct severe gauge Exploit: Debit card spoofing.
Tampa Bay Federal Credit Union: Financial services provider.
Risk to Small Business: 1.777 = Severe
Customers Impacted: Approximately 3,000, or 10% of all union members.
>> Read full details on our blog.


United States – Black Rock

extreme gauge Exploit: Database leak.
BlackRock: World’s largest asset manager and issuer of exchange-traded funds (ETFs).
Risk to Small Business: 1.777 = Severe
Customers Impacted: Over 12,000 advisers and sales representatives.
>> Read full details on our blog. 


United States- Hanover County 

correct severe gauge Exploit: Click2Gov breach of online payment portal.
Hanover County: Small county in the Commonwealth of Virginia.
Risk to Small Business: 2 = Severe
Customers Impacted: To be determined.
>> Read full details on our blog. 


Canada – Health Sciences North

correct severe gauge Exploit: System infection via zero-day virus.
Health Sciences North (HSN): Academic health science center and hospital.
Risk to Small Business: 2.111 = Severe
Customers Impacted: 
To be determined. 
>> Read full details on our blog. 

Canada – Coast Capital Savings 

extreme gauge Exploit: Phishing, “brute force,” and social engineering fraud.
Coast Capital Savings: Federal credit union headquartered in Surrey.
Risk to Small Business:  2.111 = Severe
Customers Impacted: 140 members. 
>> Read full details on our blog. 


United Kingdom – Newcastle’s Royal Grammar School 

correct severe gauge Exploit: Email spam.
Royal Grammar School (RGS): British independent school located in Newcastle.
Risk to Small Business: 2.111 = Severe
Customers Impacted: To be determined 
>> Read full details on our blog. 


France – Adverline

correct severe gauge Exploit: Magecart attack, also known as web card skimming.
Adverline: Paris-based online advertising company.
Risk to Small Business: 1.888 = Severe
Customers Impacted: To be determined. 
>> Read full details on our blog. 


New Zealand – 9 Websites

correct moderate gauge Exploit: Massive online data breach originating from Collection One.
9 Websites: A consortium of nine company websites that have asked to remain anonymous.
Risk to Small Business: 2 = Severe
Customers Impacted: Unknown.
>> Read full details on our blog. 


In Other News:

An Emerging Target for Data Breaches: HR and Finance Employees
As phishing attacks evolve in sophistication, human resource and finance teams are becoming caught in the crosshairs. Historically, such departments have been able to fend off poorly executed phishing campaigns. However, as hackers get smarter, so do their tactics. By adopting the writing styles of executives on social media, they can produce “look-alike” language that is capable of fooling even the most careful employees.

Many times, employee data can command a higher price tag on the Dark Web than customer data, since it is more likely to include social security numbers, dates of birth, names of dependents, and other lucrative data that can be used in perpetuity, instead of a one-time payment card fraud. When it comes to phishing attacks, it’s important to remember that human users are the weakest link the security chain.
https://searchhrsoftware.techtarget.com/feature/Phishing-attacks-are-top-employee-data-breach-threat-for-HR

What We’re Listening To
Know Tech Talks
The Continuum Podcast
Security Now
Defensive Security Podcast 
Small Business, Big Marketing – Australia’s #1 Marketing Show!
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e


A Note

Does anyone actually know how consumers are affected by a data breach?
If you take a peek into a recent newspaper, you’re likely to see the words ‘data breach’ flash across headlines. The conversation surrounding data privacy is becoming increasingly commonplace, yet surprisingly scarce in acknowledging the actual consequences or outcomes for affected consumers. Although we are able to speculate as to what might happen to consumers, we are usually left wondering what actually does.

This void in information results in our entire industry viewing only part of the problem, as we cannot understand the link between the efficacy of security measures and the level of harm caused to end-users. As a sector, we know very little regarding how hackers transform data breaches into financial gain for themselves. What can we do to solve this?

Tapping into the vast resources of law enforcement agencies, large banks, and major card providers. Through collaboration, they can offer financial forensics, fraud detection, and task forces that can help attribute breaches to thefts and fraud. Some would argue that investments and partnerships must be made to acquire such information, but enhancing awareness could be the match that lights the fire, illuminating the path towards global data accountability by consumers and businesses alike.
https://www.americanbanker.com/opinion/consumer-harm-from-data-breaches-is-a-black-box

 

Want to see how exposed you are? We can check your corporate domain for Dark Web breaches!

Advertisements

The Week In Breach

 

United States – Titan Manufacturing and Distribution

correct severe gauge Exploit: System breach through malware attack.
Titan: Retailer for tools, housewares, and household appliances.
Risk to Small Business: 1.555 = Severe
Customers Impacted: Total number to be determined, but 1,838 Washington residents were affected.
>> Read full details on our blog.

 


United States – Managed Health Services of Indiana 

extreme gauge Exploit: Third-party breach via employee email phishing attack.
Managed Health Services (MHS) of Indiana: Healthcare group that manages Indiana’s Hoosier Healthwise and Hoosier Care Connect Medicaid programs.
Risk to Small Business: 1.333 = Extreme
Customers Impacted: Up to 31,000 patients.
>> Read full details on our blog. 


United States- DiscountMugs.com

correct severe gauge Exploit: Injection of card skimming code into website.
DiscountMugs.com: E-commerce website for custom mugs and apparel.
Risk to Small Business: 1.666 = Severe
Customers Impacted: To be determined.
>> Read full details on our blog. 


India – Amazon

correct severe gauge Exploit: Internal technical glitch.
Amazon India: Online shopping site in India.
Risk to Small Business: 2.111 = Severe
Customers Impacted: 
400,000 sellers.
>> Read full details on our blog.


Singapore – SingHealth

extreme gauge Exploit: Initial malware infection coupled with a multi-pronged attack.
SingHealth: Singapore’s largest group of healthcare institutions.
Risk to Small Business: 1.444 = Extreme
Customers Impacted: 1.5M individuals.
>> Read full details on our blog. 


Italy- Maire Tecnimont SpA

correct severe gauge Exploit: Social engineering and business email compromise (BEC).
Maire Tecnimont SpA: Construction engineering company.
Risk to Small Business: 2.111 = Extreme
Customers Impacted: N/A
>> Read full details on our blog. 


Australia – Early Warning Network 

correct severe gauge Exploit: Compromise of login details.
Early Warning Network (EWN): Emergency weather alert system of Australia.
Risk to Small Business: 2.333 = Severe
Customers Impacted: N/A
>> Read full details on our blog. 


Australia – First National 

correct moderate gauge Exploit: Leak by “third-party” recruitment agency, Sales Inventory Profile.
First National: Real estate network.
Risk to Small Business: 2.555 = Moderate
Customers Impacted: 2,000 job applications.
>> Read full details on our blog. 

 


In Other News:

Hyatt will pay hackers to find security vulnerabilities
Hyatt Hotels recently launched a bug bounty program dubbed HackerOne, enabling ethical hackers to report security flaws for rewards up to $4,000. Considering recent card-skimming attacks against the hospitality chain, the innovative platform is designed to “tap into the vast expertise of the security research community to accelerate identifying and fixing potential vulnerabilities”. Other organizations that are following suit and using the platform include Google, Twitter, the US Department of Defense, GitHub, and Qualcomm.

https://www.hotelmanagement.net/tech/hyatt-hotels-launches-bug-bounty-program

What We’re Listening To
Know Tech Talks
The Continuum Podcast
Security Now
Defensive Security Podcast 
Small Business, Big Marketing – Australia’s #1 Marketing Show!
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e


A Note for You:

Video: Consumers are catching on to the data value exchange game.

Following the Cambridge Analytica scandal, Australia media company, Pureprofile, surveyed consumers to measure perceptions surrounding data use by organizations. Almost half (48%) were concerned about how their data was being used and intended to make changes to their privacy and sharing settings. Surprisingly, 26% of the Australian users surveyed decided to change or close their Facebook account.

When combined with other research on attitudes towards data use, it becomes clear that consumers are growing increasingly aware of the value exchange that occurs with online services, social media, and companies. However, they are not satisfied with how their data is being used and who exactly is using it, signaling a future paradigm shift in the way customers respond to data breaches.

Fostering trust with cyber vigilant customers begins by explaining how you are protecting their data. Consider highlighting your security solutions and outline how customer data is only being used when necessary, and with the intention of improving customer experiences to make their lives easier.

https://which-50.com/video-the-consumer-data-game-is-changing/

Hello 2019, Hello Breaches

This week, it was all fun and games until the Town of Salem game maker got breached, an Irish tram service dealt with ransom, and German politicians were besieged by cyber criminals.

Dark Web ID Trends:
Top Source Hits: ID Theft Forums (98%)
Top Compromise Type: Domains
Top Industry: Manufacturing 
Top Employee Count: 11-50 employees (36%)


United States – BlackMediaGames (Town of Salem)

https://www.scmagazine.com/home/security-news/town-of-salem-breach-affects-7-million-accounts/
Exploit: LFI/RFI attack that injected malicious code into database.
BlankMediaGames: Game maker of ‘Town of Salem’.

correct severe gauge Risk to Small Business: 2 = Severe: With a number as high as 7.6M users exposed, this cyberattack has the potential to be game-changing. News broke that DeHashed, a commercial breach indexing service, discovered the successful attack before Christmas and tried alerting the company, but no actions were made to secure the hacked servers and notify users until later on. Cybersecurity experts are claiming that the company’s hashing technique (PHPBB) for securing passwords was relatively weak, meaning that it is only a matter of time until hackers were able to crack them.
correct moderate gauge Individual Risk: 2.428 = Severe: Stolen user data included usernames, email addresses, hashed passwords, IP addresses, and game/forum activities. Payment information or credit card details were not exposed, but compromised information can still be leveraged to gain access to payment details on other similar accounts.

Customers Impacted: 7.6M users of ‘Town of Salem’.
How it Could Affect Your Business: Although BlankMediaGames clarified that it does not handle payment information, users may not fully grasp what this means. When they hear breach, they feel exposed. To further compound the issue, the company admitted that its hashing platform for passwords was not as secure as it could be. Overall, video game services are becoming “low hanging fruits” for cybercriminals due to the emphasis of user experience over security and increasingly growing value of digital “in-game” goods or purchases.
ID Agent to the Rescue: SpotLight ID™ is backed by our $1M identity theft restoration policy, and can help MSPs’ clients proactively protect customers while enhancing overall cyber security awareness. Learn more at:https://www.idagent.com/identity-monitoring-programs.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

France and Spain – Orange

https://www.zdnet.com/article/over-19000-orange-modems-are-leaking-wifi-credentials/

Exploit: Device vulnerability in modems that reveals Wi-Fi credentials.
Orange: Telecommunications operator that offers a router product.

correct severe gauge Risk to Small Business: 2.333= Severe: Although such an attack can be contained by finding all the hardware products with vulnerabilities, the breach can negatively impact customers and result in the erosion of brand loyalty.
correct moderate gauge Individual Risk: 2.571= Moderate: Such a compromise can be dangerous because it enables hackers to execute on-location proximity attacks, which means they can travel to a company headquarters or home to access a network and then hack into connected devices nearby. Also, Wi-FI passwords might be reused elsewhere, such as the backend administration panel, allowing hackers to control the system infrastructure and create online botnets.

Customers Impacted: 19,500 customers using Orange Livebox modems.
How it Could Affect Your Business: Security vulnerabilities in hardware can be financially catastrophic, as they usually result in expensive patches, product recalls, reinvention, and customer churn.
ID Agent to the Rescue: Dark Web ID™ monitors the Dark Web and can help discover this form of breach before it hits the news cycle. We work with MSP and MSSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

Ireland – Luas

https://www.independent.co.uk/travel/news-and-advice/luas-website-down-dublin-tram-hacked-not-working-data-leak-bitcoin-a8709446.html

Exploit: Website compromise via newsletter hack.
Luas: Light rail system in Dublin.

correct severe gauge Risk to Small Business: 2.111 = Severe: Since the investigation is ongoing, the extent of damage is not determined. However, the hacker responsible for the attack threatened to publish all compromised data if the demanded ransom of 1 bitcoin was not met within 5 days. Currently, no financial information has been exposed, but complete access to a company’s website can result in theft of IP, IT system interference, and entry into sensitive data.
correct moderate gauge Individual Risk: 3 = Moderate: Given that the attack was limited to the 3,226 that signed up for the Luas newsletter and did not include payment details, the threat to individual compromises is relatively low. Nevertheless, it remains to be seen if there will be other repercussions.

Customers Impacted: 3,226 people who signed up for the Luas newsletter.
How it Could Affect Your Business: Situations where ransom is involved can be sticky, since there is no assurance that the hacker will not leak the data even if the ransom is paid. On the other hand, the group or person responsible has threatened to publish all data and send emails to the users, which could cause customers to avoid visiting the website or trusting their payment information with the tram service. Also, the hacker could virtually destroy the website, resulting in the company having to rebuild their entire platform.
ID Agent to the Rescue: Dark Web ID can help you proactively monitor if customer data is being leaked on the Dark Web, helping reduce the impact of such a breach. See how you can benefit here: https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

Australia – Victorian Government

https://www.abc.net.au/news/2019-01-01/victorian-government-employee-directory-data-breach/10676932

Exploit: Phishing attack on government employee directory.
Victorian Government: State government of Victoria.

correct severe gauge Risk to Small Business: 2.333 = Severe: Even though the stolen directory included work details for 30,000 government employees, the list only contained work emails, job titles, work phone numbers, and in some cases, mobile phone numbers. However, there is the possibility that public servants who were compromised may feel exposed and choose to leave, causing employee turnover.

 

correct moderate gauge Individual Risk: 2.714 = Moderate: Payment and banking information was not compromised, but the compromised information can still be manipulated by hackers to orchestrate future phishing, spam, and social engineering attacks. Those who were affected should remain vigilant in order to protect themselves.

Customers Impacted: 30,000 government employees.
How it Could Affect Your Business: Following last week’s coverage of the Nova Entertainment compromise, it is clear that data breach notifications are piling up in Australia after the introduction of the Notifiable Data Breaches (NDB) scheme. Businesses and consumers alike are beginning to realize the magnitude of breaches that are seemingly benign but can be leveraged to execute complex cybercrime.
ID Agent to the Rescue: Dark Web ID by ID Agent can help proactively monitor stolen employee and customer data, mitigating losses from this breach type. Learn more at: https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.


In Other News:

German Politicians and Celebrities are Under Attack
Hundreds of German parliament members, most notably Chancellor Angela Merkel, and celebrities are having their personal details leaked in what seems to be a politically motivated cyber-attack. Information including financial details, contact information, private conversations, and more was originally leaked in December on a Twitter account, which was only recently discovered and suspended.

Although six of seven main political parties were among those affected, no members from the far-right Alternative party (AfD) seem to be impacted. Officials are saying that the data could have been obtained by hackers using stolen passwords to log into email accounts, social networks, and cloud-based services.
https://www.bankinfosecurity.com/hackers-leak-hundreds-german-politicians-personal-data-a-11915

What We’re Listening To
Know Tech Talks
The Continuum Podcast
Security Now
Defensive Security Podcast 
Small Business, Big Marketing – Australia’s #1 Marketing Show!
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e


How Work-From-Home Can Open Your Business Up to Breach

As the historical debate surrounding work-from-home (WFH) policies continues to reach news headlines, an additional consideration has surfaced: IT security. Home networks in WFH environments can expose your company to security risks, as devices are connected to the internet and can serve as an entry point for hacks.

With the advent of remote working arrangements and rising adoption of smart devices, employees are accessing enterprise software such as cloud-based apps, video conferencing software, and file sharing regularly, resulting in vulnerabilities that black hats can tap into with little to no difficulty.

Of course, this doesn’t necessarily mean you should discontinue your WFH policy. Instead, consider how you can arm your employees with best practices for securing their devices and networks to avoid breach possibilities.
https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2019

Week in Breach- last post of 2018

Databreach

This week, Caribou Coffee gets roasted, and memes are being used as code.

Dark Web ID Trends:
Top Source Hits: ID Theft Forums (100%)
Top Compromise Type: Domains
Top Industry: Legal
Top Employee Count: 251 – 500 employees (50%)


United States – Caribou Coffee

https://www.zdnet.com/article/caribou-coffee-chain-announces-card-breach-impacting-239-stores/

Below is a link to the notification published by Caribou regarding the affected locations: https://assets.coffeeandbagels-static.com/cariboucoffee/Data-Security-Notice.pdf

Exploit: Compromise of POS systems.
Caribou Coffee: A large coffee chain in the United States.

correct severe gauge Risk to Small Business: 1.777 = Severe: A breach of this magnitude would have a negative impact on any organization for a long time. Around 40% of the company’s locations were affected by the breach, with all cards used during the breach being considered accessed.
correct moderate gauge Individual Risk: 2.428 = Severe: Those affected by this breach are at an increased risk of identity theft. Those who used a credit or debit card at the organization between August 28, 2018, and December 3, 2018.

Customers Impacted: 239 of the organization’s stores were affected by the breach.

How it Could Affect Your Business: Credit card information being accessed is never good for business. Customers tend not to forget the company whose breach resulted in them losing money.

ID Agent to the Rescue: Spotlight ID™ by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach of this type.
Learn more:Learn more: https://www.idagent.com/identity-monitoring-programs

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

United Kingdom – Steelite

https://cyware.com/news/pottery-giant-steelite-international-hit-by-a-massive-cyber-attack-0b640be8

Exploit: Ransomware.
Steelite: A Middleport-based company that manufactures tableware for the hospitality industry.

correct severe gauge Risk to Small Business: 1.888= Severe: The risk to small business in this scenario is very high. Ransomware is becoming more and more prevalent in the cyber-crime scene as it is a low-risk/ high reward attack vector.
correct moderate gauge Individual Risk: 2.571= ModerateIt is unclear if payroll information was accessed, but due to the sensitive nature of the encrypted files, it would be best to be cautious.

Customers Impacted: The employees who work at the organization are the ones at risk.

How it Could Affect Your Business: Payroll information is vital for operating a business, which makes this attack particularly damaging. Many organizations would not have the resources available to rebuild their payroll servers so quickly, which would leave them in a precarious situation.

ID Agent to the Rescue: ID Agent offers Dark Web ID™ which discovers compromised credentials that could be used to implement a crypto jacking script. Make sure your credentials are safe; for more information go to https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.


In Other News:
Facebook, What Are You Doing?
Facebook continues to let down its users this week… this time by providing user data to a wide variety of large companies for commercial purposes. Some of the companies that took advantage of Facebook’s fast and loose outlook on its customers’ data include Apple, Amazon, Microsoft, Spotify, and Netflix. The information even included private messages between users. When Amazon was asked about how it used the user data Facebook provided them, their official statement stated they used the data “appropriately,” which is not very comforting.

https://www.theverge.com/2018/12/18/18147616/facebook-user-data-giveaway-nyt-apple-amazon-spotify-netflix

What We’re Listening To
Know Tech Talks
The Continuum Podcast
Security Now
Defensive Security Podcast 
Small Business, Big Marketing – Australia’s #1 Marketing Show!
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e



Twitter Memes
Researchers have discovered a malware that is being distributed by hackers, which receives instructions from… memes.

That’s right, this form of malware that targets Windows systems can “capture local screenshots, enumerating applications on the system, checking for vulnerabilities in them, capturing clipboard content, and sending files back to the attacker.” It also can receive instructions from Twitter memes. This type of communication is known as stenography and hypothetically could be used to instruct many people at once with memes, while surpassing most detection systems.

So, stay frosty this holiday while perusing the interwebs for memes! Make sure all your systems are up to date and your credentials aren’t compromised… better to enjoy this season!
https://www.darkreading.com/threat-intelligence/memes-on-twitter-used-to-communicate-with-malware/d/d-id/1333518

The Week in Breach December 13, 2018

 

This week, Quora was breached, and common breach mistakes are discussed.

Dark Web ID Trends:
Top Source Hits: ID Theft Forums (55%)
Top Compromise Type: Domains
Top Industry: High- Tech & IT
Top Employee Count: 11-50 employees (32%)


United States – Quora 

https://www.nytimes.com/2018/12/04/technology/quora-hack-data-breach.html
https://blog.quora.com/Quora-Security-Update

Exploit: Unclear at this time.
Quora: A popular question and answer site that boasts 300 million monthly active users.

correct severe gauge Risk to Small Business: 2.333 = Severe: People are not soon to forget that the question and answer site was unable to keep their data safe. This could cause a migration from any site to another similar one, something that is common among social media sites in particular.
correct moderate gauge Individual Risk: 2.857 = Moderate: Those affected by this breach are at an increased risk of phishing attacks

Customers Impacted: Unclear at this time.
How it Could Affect Your Business: Quora handled the breach very well, with the CEO releasing a blog post detailing what they know and apologizing to their users. The amount of time it will take for the organization to regain their users’ trust is unclear. The transparency by the organization’s leadership will greatly help it bounce back sooner than if they hadn’t responded as such.

ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach of this type. Learn more: https://www.idagent.com/identity-monitoring-programs

Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

United States – Humble Bundle
https://www.scmagazine.com/home/security-news/humble-bundle-breach-could-be-first-step-in-wider-attack/

Exploit: Credential Stuffing.
Humble Bundle: Humble Bundle, Inc. is a digital storefront for video games, which grew out of its original offering of Humble Bundles, collections of games sold at a price determined by the purchaser and with a portion of the price going towards charity and the rest split between the game developers.

correct severe gauge Risk to Small Business: 2.333 = Severe: The breach only contained user’s subscription status, but it is believed that this could be the first part of a more extreme breach. Because the bad actor knows if user’s subscriptions are active, inactive, or paused, they could send out spear-phishing emails about the subscriptions that would trick users into clicking.
correct moderate gauge Individual Risk: 3 = Moderate: No information directly related to the individual has been compromised other than the subscription status of users.

Customers Impacted: A “very limited” number of people.
How it Could Affect Your Business: This breach is a good lesson in how it is important to report any breach, as this seemingly minor breach is most likely the first step in a spear phishing campaign.
ID Agent to the Rescue: ID Agent offers Dark Web ID™ which discovers compromised credentials that could be used to implement a crypto jacking script. Make sure your credentials are safe; for more information go to https://www.idagent.com/dark-web/

Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.


In Other News:

DNA For Pay
The Leaders of Genomics England has revealed that foreign hackers have attempted to access the DNA data the organization is collecting. The reality that hackers could steal DNA data if they successfully access a network is a scary thought. As the general population becomes more aware that their data is valuable, it should also become apparent that handing over data and in this case, DNA, could result with it ending up on the Dark Web or in the hands of a nation state. While no breach occurred to this organization, the fact that they are regularly under attack should be a wake-up call.

https://www.telegraph.co.uk/news/2018/12/05/nhs-storing-patients-genetic-data-high-security-army-base-due/

What We’re Listening To

Know Tech Talks
The Continuum Podcast
Security Now
Defensive Security Podcast 
Small Business, Big Marketing – Australia’s #1 Marketing Show!
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e


A Note for You:

Be Ready for The Breach
Since Marriot International was breached, it has been hit with two lawsuits that claim the organization delayed the breach disclosure and weren’t transparent. How an organization handles a breach makes a significant impact on public opinion and customers trust. An organization that is seen to be forthcoming, transparent, and honest to their customers is much less likely to see a serious migration of customers.

Here are some common mistakes made when reporting breaches:

  • Not having a plan – Not being prepared for a breach can lead to a panicked, unorganized response that is half-baked. Just like every organization should have a fire response plan, every organization should have response procedures in place for a breach.
  • Downplaying the incident – Your customers deserve to know if they are at risk. Also downplaying the incident is likely illegal.
  • Delaying disclosure – Delaying disclosure can compromise the trust of your customers and may be illegal.
  • Oversharing / Under sharing – Sharing too much information can lead to bad actors taking note of the vulnerability and can put other organizations at risk. Sharing too little information can leave your customers at risk.
  • Not contacting the authorities – Involving law enforcement is free and can help significantly with the investigation.

https://www.darkreading.com/attacks-breaches/7-common-breach-disclosure-mistakes/d/d-id/1333401?image_number=1

https://www.proofpoint.com/us/resources/threat-reports/quarterly-threat-analysis

The Week in Breach December 6 2018

This week we report on Marriott’s massive breach, the indictment of those responsible for many SamSam attacks across the U.S., and hackers switching targets.

Dark Web ID Trends:
Top Source Hits: ID Theft Forums (98%)
Top Compromise Type: Domains
Top Industry: Finance and Insurance (13%)
Top Employee Count: 11-50 employees (45%)


Global Breach – Marriott
https://www.nbcnews.com/tech/security/marriott-says-data-breach-compromised-info-500-million-guests-n942041
https://www.cnbc.com/2016/09/23/marriott-buys-starwood-becoming-worlds-largest-hotel-chain.html
https://answers.kroll.com/us/index.html
https://www.msspalert.com/cybersecurity-breaches-and-attacks/marriott-starwood-data-breach-pressures-stock/
utm_medium=email&utm_source=sendpress&utm_campaign

Exploit: Supply chain breach.
Marriott: The largest hotel chain in the world, “30 hotel brands now fall under the Marriott umbrella to create the largest hotel chain in the world with more than 5,800 properties and 1.1 million rooms in more than 110 countries. That’s more than 1 out of every 15 hotel rooms around the globe.”

correct severe gauge Risk to Small Business: 1.444 = Extreme: Considering how damaging this breach will be to Marriott, the largest hotel chain in the world, it is safe to say that the ramifications of a breach as severe as this one has the potential to cripple a small business. One of the most damaging parts of this breach is that there has been unauthorized access to the Starwood network since 2014, meaning a bad actor, or group of bad actors, has been siphoning off data for years without being detected.
correct moderate gauge Individual Risk: 2.285 = Severe: Those affected by this breach are at an increased risk of phishing attacks. Identity theft is also a very real possibility due to the amount of information accessed, including passport numbers. The passport numbers alone could fetch a good price on the Dark Web.

Customers Impacted: Approximately 500 million.
How it Could Affect Your Business: The length of time information was being accessed is one of the most damaging parts of this breach, as well as the massive scope. The largest hotel chain in the world has been compromised since 2016 (although Starwood, the compromised subsidiary has been compromised since 2014, Marriott purchased the brand in 2016). Those who were affected by the breach are likely to avoid the chain in the future and those who are not will certainly be more hesitant.
ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach of this type.
Learn more: https://www.idagent.com/identity-monitoring-program

Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

United Kingdom – Just Urban

https://techcrunch.com/2018/11/27/urban-massage-data-exposed-customers-creepy-clients/

Exploit: Exposed database.
Just Urban: A London-based startup, used for booking massages.

correct severe gauge Risk to Small Business: 2 = Severe: The damage dealt by this breach to a small or new business could stunt the growth of the company and even cause a loss of clients. Some of the data exposed included complaints about clients. While it is important for the employees of a massage company, especially one that goes to a person’s home, to share if a certain client is inappropriate – most organizations could face severe backlash from their customer base if complaints about them surfaced.
correct moderate gauge Individual Risk: 2.714 = Moderate: In some cases, the individuals affected by this breach had complaints about them recorded by the massage therapist. These complaints can be embarrassing, but often times the complaints were in reference to the client’s actions towards the massage therapist. Some of the complaints included: requesting “sexual services from therapist”, with some clients even being marked as dangerous. These complaints were tied to the client’s full name, phone number, postcode and address.

Customers Impacted: 309,000.
How it Could Affect Your Business:  In any organization, the exposure of complaints against customers is highly embarrassing in addition to being bad for business. The reasons why the complaints exist make sense in the context of the organizations operations but is still a damaging blow to the standing of the company with its clients. Most organizations would not have the justification for keeping such complaints on file, and NO organization can justify leaving a database exposed with sensitive business and client information. It could take years for an organization that experiences a breach such as this to recover and regain trust.
ID Agent to the Rescue: ID Agent offers Dark Web ID™ which discovers compromised credentials that could be used to implement a crypto jacking script. Make sure your credentials are safe; for more information go tohttps://www.idagent.com/dark-web/

Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.


In Other News:

IranIran SamSam Goes ByeBye
Two Iranian men living in New Jersey were indicted for using the infamous SamSam ransomware to collect over $6million USD (7,981,320.00 CAD, 8,205,990.00 AUD, 5,278,320.00 EUR) and causing over $30 million USD ($39,906,600.00 CAD, $41,029,950.00 AUD, 26,391,600.00 EUR) in damages. SamSam is well known for its targeting of infrastructure, including hospitals. Here is a list of some of the targets during their spree:

City of Atlanta, Georgia; the City of Newark, New Jersey; the Port of San Diego, California; the Colorado Department of Transportation; the University of Calgary in Calgary, Alberta, Canada; and six health care-related entities: Hollywood Presbyterian Medical Center in Los Angeles, California; Kansas Heart Hospital in Wichita, Kansas; Laboratory Corporation of America Holdings, more commonly known as LabCorp, headquartered in Burlington, North Carolina; MedStar Health, headquartered in Columbia, Maryland; Nebraska Orthopedic Hospital now known as OrthoNebraska Hospital, in Omaha, Nebraska and Allscripts Healthcare Solutions Inc., headquartered in Chicago, Illinois.

https://www.justice.gov/opa/pr/two-iranian-men-indicted-deploying-ransomware-extort-hospitals-municipalities-and-public?fbclid=IwAR2B58dKjoDQT48LK7EEQwD_Y1TqbGQCqAC9K1YzzO7WYmmor7l8QPj5tZ8

What We’re Listening To

Know Tech Talks
The Continuum Podcast
Security Now
Defensive Security Podcast 
Small Business, Big Marketing – Australia’s #1 Marketing Show!
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e



The Evolution of a Phish
A new report has shed light on the fact that not only are email-based attacks on the rise, but they are spreading at an alarming rate. Cyber criminals have been shuffling their decks of targets, as 99% of the most heavily targeted email addresses this quarter are different than those targeted in Q3. The phishing emails now are more likely to show up in the inbox of your marketing, public relations, and human resources departments. The reasoning behind this shift is that these teams have access to information about earnings and employee records. It is important to stay agile in cybersecurity, as cyber criminals are always adapting to find new ways to compromise credentials and hack into organizations.

https://www.proofpoint.com/us/resources/threat-reports/quarterly-threat-analysis

This Last Week in Breach

 

This week, Amazon experienced technical issues, and cybersecurity culture isn’t where it needs to be in 95% of organizations.

Dark Web ID Trends:
Top Source Hits: ID Theft Forums (98%)
Top Compromise Type: Domains
Top Industry: Manufacturing
Top Employee Count: 11-50 employees (36%)


Global Breach – Amazon
https://www.theregister.co.uk/2018/11/21/amazon_data_breach/

Exploit: Technical error.
Amazon: Online shopping behemoth. Amazon is based out of Washington in the United States.

correct severe gauge Business Risk: 2.333 = Severe: Customers get concerned when they receive an email that informs them that their data has been disclosed, and despite the problem being a technical issue rather than an external actor hacking into the network, the image of the organization is still tarnished.
correct moderate gauge Individual Risk: 2.857 = Moderate: Those affected by this breach are at an increased risk of phishing attacks. When people are addressed by their name or if there is any personal info in a phishing email, it is more likely to opened.

Customers Impacted: Unclear at this time.
How it Could Affect Your Business: The severity of this breach is not the most damaging part, contrary to most breaches. In fact, the most damaging part of this breach has been Amazon’s poor transparency which causes speculation and paints the organization in a very negative light. The behavior of the company indicates that if a seriously damaging breach were ever to occur, they would not be transparent to their customers.

ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach of this type. Learn more: https://www.idagent.com/identity-monitoring-programs

Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

United States – Make-A-Wish Foundation

https://threatpost.com/cryptojacking-attack-targets-make-a-wish-foundation-website/139194/

Exploit: Crypto jacking.
Make-A-Wish Foundation: Non-profit that arranges for children with critical illnesses to have experiences they would not be able to otherwise.

correct severe gauge Business Risk: 2.333 = Severe: The negative public image associated with being breached does not give a break to even the most just of causes, non-profit or for profit. Those who have visited the Make-A-Wish foundation international site have been lending CPU power to mine for cryptocurrency which will deter visitors in the future.
correct moderate gauge Individual Risk: 3 = Moderate: No information related to the individual has been compromised.

Customers Impacted: Unclear at this time.
How it Could Affect Your Business: While the personal data of customers was not accessed or breached, the site itself has been stealing CPU power from those visiting the site in order to mine cryptocurrency. This would affect how many customers would use a site, and also is a prime example that non-profit organizations are not immune to being targeted by hackers.

ID Agent to the Rescue: ID Agent offers Dark Web ID™ which discovers compromised credentials that could be used to implement a crypto jacking script. Make sure your credentials are safe; for more information go to https://www.idagent.com/dark-web/

Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.


In Other News:

Dark Web Down 

One of the largest hosting services for Dark Web sites has been hacked, with devastating results to the sites that used the service. 100% of the accounts hosted by Daniel’s Hosting were deleted, including the root account. Over 6,500 Dark Web sites were hosted by the service and it is unlikely they will see their data again.
https://www.zdnet.com/article/popular-dark-web-hosting-provider-got-hacked-6500-sites-down/

What We’re Listening To

Know Tech Talks
The Continuum Podcast
Security Now
Defensive Security Podcast 
Small Business, Big Marketing – Australia’s #1 Marketing Show!
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e

National Computer Security Day is Upon Us 

Friday the 30th of November is National Computer Security Day, and the perfect chance for you to convey what it means for your clients to have good cyber hygiene! Offering tips makes both of your jobs easier. Starting this conversation not only shows your expertise as their MSP but it gives clients real examples of how your other security services will protect their network and pair well in their current security stack.



Do It for The Culture
According to a report by ISACA, 95% of organizations find there is a gap between their desired culture surrounding cybersecurity and what their culture actually looks like. This is concerning, especially because 87% of those surveyed said that their organization would be more profitable if their cybersecurity culture improved.

What is causing this gap? A variety of factors come into play, including a lack of understanding on the part of leadership, lack of funding, and a lack of employees respecting the cybersecurity procedures.

With the holidays approaching and employees shopping across the web, now is the perfect time to reinforce cybersecurity culture at your organization. A breach on a popular retail site could lead to a breach within your organization if employees use the same passwords at work and home.

http://www.isaca.org/SiteCollectionDocuments/Cybersecurity-Culture-INFOGRAPHIC.pdf

The Week in Breach: 10/20/18 – 10/26/18

Halloween Breaches

Germany and Hong Kong get highlighted in this edition of The Week in Breach.

Dark Web ID Trends:

  • Total Compromises: 37,290
  • Top Source Hits: Website (36,618)
    • Disqus.com (36,618)
  • Top PIIs compromised: Domains (37,253)
    • Hashed/Cleartext Passwords (36,617)
  • Top Company Size: 11-50
  • Top Industry: High-Tech & IT

Hong Kong – Cathay Pacific Airways
https://www.reuters.com/article/us-cathay-pacific-cyber/cathay-pacific-flags-data-breach-affecting-94-million-passengers-idUSKCN1MY26L
Exploit: Unclear at this time.
Cathay Pacific Airways: Hong Kong-based international airline.
Risk to Small Business: 1.666 = Severe: Customers are not soon to forget the company that failed to secure their data and waited several months to acknowledge their breach.
Individual Risk: 2.285 = Severe: Individuals affected by this breach are at a higher risk of credit card fraud and should contact their card issuer, cancel their cards immediately, and enroll in a credit monitoring service, if provided.
Customers Impacted: 9.4 million.

How it Could Affect Your Business
For any organization, a breach where the hacker obtained payment information is a customer relations disaster. A breach where almost 9.5 million customers were affected would scale this disaster up to match.

ID Agent to the Rescue:
  Spotlight ID by ID Agent offers comprehensive identity monitoring that is vital for those affected by a breach such as this. Learn more: https://www.idagent.com/identity-monitoring-programs
Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

Germany – Wolf Intelligence
https://motherboard.vice.com/en_us/article/vbka8b/wolf-intelligence-leak-customer-victim-data-online
Exploit: Exposed database.
Wolf Intelligence: German-based spyware startup.
Risk to Small Business: 1.666 = Severe: A breach caused by negligence is hard to explain to a customer, which would affect the amount of time it would take to regain trust.
Individual Risk: 2.142 = Severe: Because the data exposed was highly personal, including phone conversations and texts, those affected by this breach are at a higher risk of identity theft.
Customers Impacted: 20 gigabytes of data exposed, it is unclear how many customer’s data existed within that.

How it Could Affect Your Business: An organization in the spyware industry will obviously take a SEVERE hit to their reputation, but any company would suffer the embarrassment of the founder leaving scans of his credit cards exposed on the internet.

ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach such as this. Learn more: https://www.idagent.com/identity-monitoring-programs
Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.


In Other News:
Repair Your Phone Yourself:
It is now legal to break Digital Rights Management in order to repair your phone, following a ruling at the US Copyright Office. This is big news for third-party phone repair shops, as well as the repair businesses of many other products such as cars, tablets, refrigerators and even tractors. Go ahead and crack that old broken iPhone open to fix it yourself! Well… try to fix it at your own risk, but now you have the option.

https://www.zdnet.com/article/need-to-fix-an-iphone-or-android-device-you-can-now-break-drm-under-new-us-rules/

Podcasts:
Know Tech Talks – Hosted by Barb Paluszkiewicz
The Continuum Podcast
Security Now – Hosted by Steve Gibson, Leo Laporte
Defensive Security Podcast – Hosted by Jerry Bell (@maliciouslink) and Andrew Kalat (@lerg)
Small Business, Big Marketing – Australia’s #1 Marketing Show!



Ransomscare.
There was an article that came out this week written by the previous CIO of the New York City Law Department (which is also the world’s largest public sector law firm, fun fact), discussing the best ways to avoid ransomware. In the article he discussed 3 key points:

1.Cyber Hygiene: This is an obvious one but cannot be underrated! Passwords must be changed regularly, and everyone must remain diligent while browsing their inbox.

2. Best practices: Best practices in this context covers updating existing tech, using preventative technologies, and communication. To have the best practice for updating existing tech, put a priority on pushing out patches, use cloud web application firewalls and credential monitoring to stay a step ahead with preventative tech, and communicate with your security team and employees about what they should be doing as individuals and as a team.

3. Testing disaster recovery plans: This point is self-explanatory, you need a test to see if your backup plans work. You wouldn’t leave the fire alarms untested!

With ransomware being seen all over the world from Atlanta to Moscow to Sydney, it is something every business should take into account.
https://www.darkreading.com/cloud/3-keys-to-reducing-the-threat-of-ransomware/a/d-id/1333113

 

Would you like a free report on your corporate domain credentials exposed on the Dark Web?

The Week in Breach

Data Breach October 25

 

This week Tumblr was breached and we explore Dark Web job postings.

Dark Web ID Trends:

Total Compromises: 3,767
Top Source Hits: ID Theft Forum (1,429)
Top PIIs compromised: Domains (3,761)
Clear Text Passwords (876)
Top Company Size: 11-50
Top Industry: Business & Professional Services and Finance & Insurance

Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United States – Disqus
https://thehackernews.com/2017/10/disqus-comment-system-hacked.html
Exploit: Exposed Database
Disqus: A network community platform that allows users to blog or comment on other company’s websites. It can be installed as a plug-in or drop-in code. Disqus collects user data on the back end and allows companies to use this information for customer analytics, etc…
Risk to Small Business: 2.4444 = Severe: Although roughly 1/3 of the 17.5 million records compromised involved passwords, they happened to be salted/hashed. The company also discovered and announced the breach in a quick manner and notified the affected customers.
Individual Risk: 2.4286 = Severe: Those affected by this breach will be at a high risk of identity theft.
Customers Impacted: 5.8 million
How it Could Affect Your Customers’ Business: The breach involved a large number of customers; however, the database was from 2012 and most credentials could have already been changed. While this is damaging to Disqus’ reputation, they followed protocol and demonstrated how to do breach disclosure the proper way.
ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that is vital for those affected by a breach such as this. Learn more: https://www.idagent.com/identity-monitoring-programs

United States – Tumblr
https://www.bleepingcomputer.com/news/security/tumblr-fixes-security-bug-that-leaked-private-account-info/
Exploit: Bug.
Tumblr: A popular blogging website.
Risk to Small Business: 2 = Severe: While Tumblr deserves some credit for 1. Having a bug bounty program that resulted in catching this bug, and 2. Fixing the bug in less than 12 hours after it was discovered, many customers will not appreciate their personal information being leaked and will react accordingly. Tumblr’s timely response, disclosure of the breach, and its bug bounty program will likely reduce the impact on the business significantly.
Individual Risk: 2.714 = Moderate: Email addresses were leaked so those affected by the breach are at a higher risk of spam.
Customers Impacted: All of the ‘recommend blogs’ shown on Tumblr.
How it Could Affect Your Business: A breach that exposes user information is always going to have a negative effect on business, but every organization should take a page out of Tumblr’s book here regarding their response to the event and how they discovered it. Customers lose trust in businesses that mishandle their information, but they also respect when a company is making a serious effort to locate vulnerabilities and can handle a problem when it arises with swift action.

In other news:
When the Dating App Stands You Up
A dating app called Donald Daters was discovered to be exposing all user information on the open internet… including personal messages. The app’s goal is to help single Donald Trump supporters connect with one another, but instead exposed all that used it. The hacker that accessed the database was able to “collect profile data, including names, photos, personal messages, and the digital access tokens to log into their accounts.” The hacker also can delete the app’s data. Watch out where you put your personal information, people!
https://in.pcmag.com/news/126298/trump-themed-dating-app-found-leaking-users-private-chats

The Dark Web Monster
When looking for a job, usually you would check one of the many job hunting sites you see in commercials or circle ads in newspapers (at least at one point you did). Some people do something very similar… but on the Dark Web searching for an illicit job. Many job postings on the Dark Web seem like normal job ads. But when you look closer you will notice that advert for a driver not only needs the person to drive but also transport drugs. The driver would make $1,000 for a week of work, not including the living expense compensation. One of the more lucrative opportunities on the Dark Web job market is the corporate insider. The most common target is financial employees who, in one example, are offered $3,150 to get a loan or increase cash withdrawal limits on a card. Postal workers are also targeted to steal packages.

The Dark Web is lucrative for those willing to risk their job and possibly their freedom for money. Be careful of both insiders and the wide array of illicit software sold there.
https://www.darkreading.com/threat-intelligence/inside-the-dark-webs-help-wanted-ads/d/d-id/1333066

The week in BREACH!!

Success Rate of Phishing by Day

 

This week you’ll hear how a supply chain attack could snatch your customers’ credit card information right from underneath you and why Google+ goes bye-bye.

Dark Web ID Trends:

  • Total Compromises: 974
  • Top Source Hits: ID Theft Forum (501)
  • Top PIIs compromised: Domains (973)
    • Clear Text Passwords (498)
  • Top Company Size: 11-50
  • Top Industry: High-Tech & IT

United States – Shopper Approved
https://www.zdnet.com/article/new-magecart-hack-detected-at-shopper-approved/
Exploit: Malicious code.
Shopper Approved: Utah-based company that provides a review widget for other companies’ websites, that allows customers to post reviews.
Risk to Small Business: 2.111 = Severe: This is another attack conducted by one (or more) of the several groups who operate under a similar style, given the term Magecart as a general identifier. Magecart is also responsible for the hacking of Ticketmaster and British Airways.

If your business uses Shopper Approved, you should remove the code from your website immediately.

Individual Risk: 2.428 = Severe: Those affected by this breach should cancel their credit cards and enroll in a credit monitoring service.
Customers Impacted: Unclear how many customers were affected by this breach, but only sites with the widget code on their checkout pages had credit card information compromised. The incident only lasted 2 days before being discovered, a much shorter span than many of the other Magecart breaches.
How it Could Affect Your  Business: A breach of this kind can often go unknown for a long period of time while the hackers collect valuable user data and credit card information. Even though it is a third party who was breached, it will be your business that takes the PR damage.
ID Agent to the Rescue: Spotlight ID™ by ID Agent offers comprehensive identity monitoring that also includes credit monitoring. Learn more: https://www.idagent.com/identity-monitoring-programs
Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United States – Rebound Orthopedics and Neurosurgery
https://cyware.com/news/hackers-hit-rebound-orthopedics-neurosurgery-2800-patient-records-compromised-026125d8
Exploit: Compromised employee credentials.
Rebound Orthopedics and Neurosurgery: Vancouver-based orthopedics and neurosurgery practice.
Risk to Small Business: 1.555 = Severe: This breach would have a long-lasting effect on customer trust for any business, and in many countries the government will fine an organization heavily for failing to secure health data.
Individual Risk: 2.142 = Severe: Health information is valuable data for hackers and useful for identity theft. Those affected by this breach are at a severe risk for insurance fraud and identity theft.
Customers Impacted: 2800.
How it Could Affect Your Business: Organizations that store health information are held to a higher standard for securing data due to the sensitive nature of the information and HIPAA laws. When an organization fails to keep the data secure, it reflects very poorly on the company and usually results in a fine from the government.
ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach such as this. Learn more: https://www.idagent.com/identity-monitoring-programs
Risk Levels:
1 – Extreme Risk
2 – Severe Risk
3 – Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:

Google –
Google+ will be shutting down, and yes Google+ is (or at least was) still around. After exposing more than 500,000 users’ data to external developers, the tech giant has decided the best course of action is to close down the failed social network. This move makes sense given the recent outrage against Facebook after the social media site exposed 50 million people’s data. An unfortunately fitting ending to the continuously failing website.
https://www.yahoo.com/news/google-exposed-user-data-feared-repercussions-disclosing-public-170304936–finance.html?soc_src=newsroom&soc_trk=com.apple.UIKit.activity.CopyToPasteboard&.tsrc=newsroom

Podcasts:
Know Tech Talks – Hosted by Barb Paluszkiewicz
The Continuum Podcast
Security Now – Hosted by Steve Gibson, Leo Laporte
Defensive Security Podcast – Hosted by Jerry Bell (@maliciouslink) and Andrew Kalat (@lerg)
Small Business, Big Marketing – Australia’s #1 Marketing Show!


A note for you:
e-mail….ware
New research has revealed that a whopping 90% of all malware is delivered via email. The team also discovered that the average employee will not go 48 hours without seeing a phishing message.  In addition, over half of the phishing messages examined used the word “invoice” in the subject line. A little under a quarter (21%) of the flagged emails also had malicious attachments sent with the phishing message.

Watch out for suspicious emails! All it takes is one employee to fall for a phishing email and an entire organization can be compromised.

https://www.darkreading.com/attacks-breaches/most-malware-arrives-via-email/d/d-id/1333023

 

Need to learn more about your Dark Web exposure? Click Here!

Want some free tools to combat phishing? Click Here