The Week in Breach: 01/15/20 - 01/21/20

by Wally Moore

on January 23, 2020

in Hackers, Cybersecurity, Data Breach

DTS InfoTech is a hard-working Trusted Advisor for any business that has questions about computers, computer networks, and technology. One way to earn the title of Trusted Advisor is to provide FREE practical education in the technology field for visitors to our website.

Cybersecurity has become a matter of business life and death for computer and technology users of all types. With your security in mind, we are sharing Data Breach Examples in weekly posts entitled “This Week In Breach” from our friends at ID Agent.

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions to private and public sector organizations and millions of individuals impacted by cyber incidents.

Read this short article and learn about cybersecurity and Data Breach examples from the experts in the field. The life of your business may depend upon it.

By Kevin Lancaster

on Jan 22, 2020 5:07:22 PM

This week, phishing scams cost millions, oversights compromise customer data, and Magecart targets Australian brushfire donors.

Dark Web ID Trends:

Top Source Hits: ID Theft Forums
Top Compromise Type: Domain
Top Industry: High-Tech & IT
Top Employee Count: 1 - 10 Employees

United States - LimeLeads 

https://www.zdnet.com/article/49-million-user-records-from-us-data-broker-limeleads-put-up-for-sale-online/

Exploit: Unsecured database

LimeLeads: B2B lead generation service

Risk to Small Business: 2 = Severe: LimeLeads failed to secure an internal server, allowing a prominent threat actor to acquire and subsequently sell the company’s data on the Dark Web. The data breach could have significant implications for the company, whose business model centers around brokering company data for marketing initiatives. Security researchers found that the database had been publicly exposed since at least July 27, 2019, meaning that the company had ample time to secure the database before bad actors became involved. Now they must grapple with crippling losses, including the less quantifiable brand erosion that accompanies a data breach.

Individual Risk: 2.428 = Severe: Company data has been for sale since October 2019, including personally identifiable information such as names, titles, email addresses, employer/company names, addresses, phone numbers, and even total revenue numbers. This information can be strategically deployed in spear phishing attacks, so those impacted by the breach should be especially critical of online communications while also closely monitoring their accounts for suspicious or unusual information.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Customers and companies are increasingly unwilling to partner with organizations that can’t secure their data. Consequently, avoidable data breaches are an especially egregious way to compromise a company’s long-term viability. Inevitably, mistakes will be made, but identifying those errors and making corrections before hackers can capitalize on the information is critical to any defensive posture.

ID Agent to the Rescue: Compliance Manager™ automates data privacy standards, eliminating guesswork and ensuring efficiency at every stage. Learn more at: https://www.idagent.com/compliance-manager.

United States - New Albany Airport

https://www.cityandstateny.com/articles/policy/technology/albany-airport-authority-suffers-ransomware-attack.html

Exploit: Ransomware attack

New Albany Airport: New York-based airport authority

Risk to Small Business: 2.111 = Severe: A ransomware attack on one of the airport’s MSPs spread to its servers, encrypting backup files, administrative information, and other resources. Fortunately, the malware did not extend to the Albany International Airport or airline computers. However, the company was forced to pay a five-figure ransom to recover their information. The attack’s effectiveness was predicated on the organization’s outdated hardware and lax cybersecurity standards. In response, the New Albany Airport Authority terminated its contract with the MSP and is taking steps to upgrade its defensive posture.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This incident underscores the cascading consequences of a data breach. The New Albany Airport Authority will bear the financial cost of recovery, while its MSP will lose an important contract because it failed to protect its customers’ IT. From both directions, it’s clear that data security failure is a deal breaker in today’s digital environment.

ID Agent to the Rescue: Helping you understand the importance of security is no easy task. Learn more here: https://www.idagent.com/goal-assist.

United States - Manor Independent School District 

https://www.usatoday.com/story/money/2020/01/17/email-phishing-scam-texas-school-district-manor/4498270002/

Exploit: Phishing scam

Manor Independent School District: Public school district

Risk to Small Business: 1.777 = Severe: Hackers successfully executed a phishing scam against employees, and they used the stolen credentials to siphon $2.3 million from the district. It took three separate transactions to acquire a significant sum, but their efforts were ultimately successful. The lost funds are just the start of an expensive process that will undoubtedly involve updating cybersecurity protocols, implementing employee awareness training, and upgrading IT infrastructure.

Individual Risk: 2.428 = Severe: While the phishing scam didn’t compromise the district’s data, those implicated in the scheme submitted their account credentials to cybercriminals. They will need to update their account information to ensure its long-term security. At the same time, they should closely monitor their other accounts for unusual or suspicious activity.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: While some companies might be reticent to invest in employee awareness training, this incident demonstrates that the cost of a successful phishing scam far exceeds the expense of preventative measures. The district is working to recoup lost funds but is not likely to emerge unscathed. This news offers a cautionary tale for organizations of all shapes and sizes; preventative measures are only effective if they are implemented before a breach occurs.

ID Agent to the Rescue: BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.

Canada - PlanetDrugsDirect

https://www.bleepingcomputer.com/news/security/online-pharmacy-planetdrugsdirect-discloses-security-breach/

Exploit: Exposed client data

PlanetDrugsDirect: Online pharmacy

Risk to Small Business: 1.666 = Severe: PlanetDrugsDirect sent emails and direct mail to its customers, notifying them of a data breach that compromised customers’ personal health information (PHI). In addition to customer blowback, PlanetDrugsDirect will face intense regulatory scrutiny because of the sensitive nature of the data compromised. Additionally, their response was ambiguous at best, minimizing the company’s ability to begin restoring customer confidence in the wake of the data breach.

Individual Risk: At this time, no personal information was compromised in the breach.

Individual Risk: 2 = Severe: According to the company, hackers accessed customers’ names, addresses, email addresses, phone numbers, medical information, and payment information. Those impacted by the breach should notify their financial institutions of the event. PlanetDrugsDirect is asking all customers to closely monitor their bank account and credit account activity. Increased vigilance surrounding online communications is key, as this information is often used to execute phishing scams and other cybercrimes.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: PlanetDrugsDirect sent emails and direct mail to its customers, notifying them of a data breach that compromised customers’ personal health information (PHI). In addition to customer blowback, PlanetDrugsDirect will face intense regulatory scrutiny because of the sensitive nature of the data compromised. Additionally, their response was ambiguous at best, minimizing the company’s ability to begin restoring customer confidence in the wake of the data breach.

ID Agent to the Rescue: With BullPhish ID, DTS InfoTech can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

Canada - City of Corner Brook 

https://www.cbc.ca/news/canada/newfoundland-labrador/corner-brook-privacy-1.5429593

Exploit: Unauthorized database access

City of Corner Brook: Local municipality

Risk to Small Business: 2 = Severe: On four occasions, hackers accessed private information on the city’s website that included people’s personally identifiable information. Specifically, the data related to a previous voters’ directory. After identifying the breach, the city brought the entire system offline to prevent further access while officials investigate the nature and scope of the attack.

Individual Risk: 2.428 = Severe: The data breach included a voters’ list comprised of residents’ names and dates of birth. While the city is designating the information “low risk,” those impacted by the breach should carefully monitor their accounts. Login information that is reused across accounts can be leveraged in phishing scams that can compromise even more critical personal data.

Customers Impacted: 10,000
How it Could Affect Your Customers’ Business: Cybercriminals often pursue soft targets: organizations or institutions with weak cybersecurity standards. Budgetary restrictions are a real hurdle to cyber defense, but any organization can improve its defensive posture by implementing simple best practices, like two-factor authentication, to secure accounts and IT infrastructure.

ID Agent to the Rescue: With AuthAnvil™, you can protect valuable IT by securing employee accounts. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at: https://www.idagent.com/authanvil-multi-factor-authentication.

Germany - Bithouse Inc. 

https://www.infosecurity-magazine.com/news/peekaboo-moments-data-breach/

Exploit: Unsecured database

Bithouse Inc.: App developer

Risk to Small Business: 2.111 = Severe: Security researchers discovered an exposed database for Bithouse Inc.’s Peekaboo Moments app. The software is used by parents to collect photos and videos of their children’s memorable moments, making the exposure of this information to the open internet a serious privacy violation that is certain to have significant consequences for developers. The exposed database included files dating back to March 2019, and security researchers described their IT infrastructure as “bizarrely done and grossly insecure.” Customer blowback and the subsequent financial repercussions will be considerable.

Individual Risk: 2.428 = Severe: In addition to user email addresses, photos and videos collected by app users were available on the exposed database. This information could be deployed in additional cyberattacks, including phishing campaigns, but the most significant violation is a profound privacy intrusion due to company negligence.

Customers Impacted: 800,000
How it Could Affect Your Customers’ Business: Bithouse Inc. is enduring serious media scrutiny because of the uniquely sensitive nature of the content. Ultimately, functionality, accessibility, or even novelty can’t supplant data security. The episode should serve as a lesson to every company collecting personal information and encourage developing digital platforms to rethink their data security postures.

ID Agent to the Rescue: It’s critical that you understand the importance of cybersecurity. Learn more here: https://www.idagent.com/goal-assist.

United Kingdom - Fresh Film Productions

https://www.verdict.co.uk/fresh-film-data-breach-dove/

Exploit: Unsecured database

Fresh Film Productions: Advert film production company

Risk to Small Business: 2 = Severe: The production company failed to secure a company database, accidentally sharing their personally identifiable information (PII) online. After learning of the incident, the company immediately secured the database, but the server has been publicly available since 2018 and was accessed by cybercriminals. Most notably, the database contained the personal information of 40 men who participated in a Dove Men Plato ad campaign.

Individual Risk: 1.666 = Severe: The exposed database included personally identifiable information, including names, addresses, email addresses, telephone numbers, dates of birth, and bank details. Those affected need to notify their financial institutions of the breach and consider enrolling in identity and credit monitoring services to protect their information against additional cybercrimes or fraud attempts.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: For many consumers, trust in a brand’s data security standards is a prerequisite for doing business. Therefore, companies that fail to avoid even the most preventable data disasters are not well-positioned for success in today’s breach-averse culture. To be a successful, impactful organization, data security has to be a top priority.

ID Agent to the Rescue: With Compliance Manager, any company can automate data privacy standards and documentation responsibilities, making compliance a simple, intuitive process for everyone. Click the link to get started today: https://www.idagent.com/compliance-manager.

Australia - P&N Bank 

https://www.zdnet.com/article/p-n-bank-discloses-data-breach-customer-pii-account-information-stolen/

Exploit: Information breach

P&N Bank: Financial services provider

Risk to Small Business: 1.777 = Severe: A third-party partner with P&N Bank was accessed by hackers, compromising the bank’s customer data. The breach occurred during a December server upgrade. In response, P&N shut down the servers to prevent further access or infiltration. Unfortunately, they may not have acted quickly enough, and will now have to manage the trifecta of customer outrage, media scrutiny, and regulatory oversight that’s likely to accompany the event.

Individual Risk: 2.285 = Severe: Although the bank doesn’t believe that customer data was misused, hackers could have accessed customers’ names, addresses, email addresses, phone numbers, customer numbers, ages, account numbers, and account balances. Those impacted by the breach should carefully monitor their accounts for unusual activity; enrolling in credit or identity monitoring services can ensure that their personal information remains secure.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: In every sector, third-party partnerships are proving to be a vulnerability when it comes to data security. While these collaborations are often necessary to provide a compelling customer experience, data security should be a central element of the vetting process. Otherwise, what companies gain from increased functionality could be lost to the steep consequences of a data breach.

ID Agent to the Rescue: Dark Web ID can find out how payment data is being used on the Dark Web, even in the case of a malware attack. We work with you to strengthen your security by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web.

Risk Levels:

1 - 1.5 = Extreme Risk

1.51 - 2.49 = Severe Risk

2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

DTS is very good at cybersecurity solutions for small businesses.

Seriously, we are, and we can prove it. We like being heroes!

We also know how intimidating technology can be. We make a living helping business owners and managers just like you who have questions about all things technology, and that includes cybersecurity.

Most small businesses do not have the technical resources or time to understand all this geek stuff. If this describes you, let us help you.

If you would like more information about cybersecurity as a service, give us a call. We’re always happy to chat, and the call is FREE, every time you call!

Dedicated to your success,

Wally Moore

Business Development Manager

dts|infotech . . . secure computer networks that work

503.359.1275

www.dtsinfotech.com
