The Week in Breach: 03/05/20 - 03/11/20

Ransomware

DTS InfoTech is a hard-working Trusted Advisor for any business that has questions about computers, computer networks, and technology. One way to earn the title of Trusted Advisor is to provide FREE practical education in the technology field for visitors to our website.

Cybersecurity has become a matter of business life and death for computer and technology users of all types. With your security in mind, we are sharing Data Breach Examples in weekly posts entitled “This Week In Breach” from our friends at ID Agent.

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions to private and public sector organizations and millions of individuals impacted by cyber incidents.

Read this short article and learn about cybersecurity and Data Breach examples from the experts in the field. The life of your business may depend upon it.

March 12th, 2020 by Kevin Lancaster

This week, ransomware puts contracts at risk, startups struggle to secure customer data, big security errors lead to big fines, and the rise of Coronavirus-related phishing scams.

Dark Web ID Trends:

  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: Media & Entertainment
  • Top Employee Count: 251 – 500

United States – Visser Precision

https://techcrunch.com/2020/03/01/visser-breach/

Exploit: Ransomware.

Visser Precision: Parts manufacturer for space and defense contractors.

Severe Risk

Risk to Small Business: 2.111 = Severe:
Visser Precision was infected with data exfiltrating ransomware that stole  proprietary information before encrypting IT systems. Based on documents published online, it appears that hackers obtained company data, including a list of clients, nondisclosure agreements, and some development plans. This incident reflects a growing trend in ransomware attacks – cybercriminals are increasingly stealing company data before encrypting critical IT systems, and organizations don’t detect it until it’s too late.

Individual Risk: No personal information was compromised in this breach.

Customers Impacted: Unknown.

How it Could Affect Your Customers’ Business: Ransomware attacks not only negatively impact productivity and manufacturing, they also negatively impact growth. Companies like Visser Precision have many high-profile and mission-critical clients. Cybersecurity incidents can put those organizations at risk, making them less likely to do business with companies that have data security issues.

ID Agent to the Rescue: Helping you understand the importance of security is no easy task. Learn more here: https://www.idagent.com/goal-assist.

United States – Riverview Health

https://www.beckershospitalreview.com/cybersecurity/indiana-hospital-alerts-2-600-patients-of-human-error-data-breach.html

Exploit: Accidental data sharing.

Riverview Health: Healthcare provider.

Severe Risk

Risk to Small Business: 2.333 = Severe:
On January 14, 2020, an employee inadvertently sent notification letters that intermixed patients’ names and addresses. The messages were delivered to the appropriate addresses, but they included the incorrect patient name. In today’s digital landscape, even small clerical errors can have significant consequences as both customers and regulators look to punish companies that fail to secure personal information.

Severity Meter

Individual Risk: 2.714 = Moderate:
Patients’ names and addresses were compromised in the breach. Riverview Health maintains that the risk of data misuse is very low, but victims should still be aware that this information can be used for nefarious purposes and take precautions to ensure that their information is secure.

Customers Impacted: 2,610

How it Could Affect Your Customers’ Business: The biggest threat to your data isn’t cybercriminals, its human error. With customer blowback and regulatory penalties increasing, every organization needs to take steps to mitigate the risk posed by staff mistakes. Implementing protocols and increasing training about the pitfalls presented by phishing attacks and data sharing errors can significantly reduce your organization’s exposure to a data breach.

ID Agent to the Rescue: With BullPhish IDTM, we can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of your organization into your strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

United States – J Crew

https://www.retaildive.com/news/j-crew-reports-data-breach-of-customer-accounts/573543/

Exploit: Unauthorized database access.

J Crew: Clothing retailer.

Severity Meter

Risk to Small Business: 2.111 = Severe:
J Crew identified a data breach that took place in April 2019. In response, the company has disabled all impacted accounts, and advised all customers to reset their account credentials. The incident follows cybersecurity lapses at other prominent retailers at a time in which many consumers are shunning companies that don’t secure their information. The lengthy identification and reporting time will likely open the organization up to additional regulatory scrutiny that could further erode its brand reputation and bottom line.

Severe Risk

Individual Risk: 2.428 = Severe:
Hackers accessed customers’ account login credentials, email addresses, and passwords. Partial payment card data and order information was also compromised. The company has closed the impacted accounts, but all J Crew customers should take steps to protect their personal information.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: With threats coming from multiple directions, every organization must enact strong cybersecurity defenses to ensure that they are ready to address potential threats and keep their clients’ data safe – and avoid the brand-eroding fallout that comes from a cybersecurity disaster. In doing so, they can minimize the consequences of a breach, keep customer data off the Dark Web, and promote a rapid recovery.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web IDTM is the leading Dark Web monitoring platform in available. Our award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze, and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.

Canada – Charlottetown, P.E.I.

https://www.thetelegram.com/news/canada/data-breach-follows-pei-ransomware-attack-418350/

Exploit: Ransomeware.

Charlottetown, P.E.I: Provincial government.

Severe Risk

Risk to Small Business: 1.666 = Severe:
One week after this provincial government experienced a ransomware attack, internal government documents began appearing online. Specifically, financial reports, bank statements, and payment details related to its Agriculture Stability Program. Unfortunately, hackers noted that the released information represents just a portion of a 200 GB cache stolen from the government. This tactic is increasingly common with a ransomware attack and multiplies the damage done by the incident.

Severe Risk

Individual Risk: 2.285 = Severe:
Hackers released program documents that included sensitive data like names, SIN numbers, contact information, and business details. This information can be used to execute spear phishing scams, sold on the Dark Web or tapped to perpetuate other malicious activities. Those impacted should carefully scrutinize digital communications and monitor accounts for unusual or suspicious activity.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business:  Ransomware attacks were already one of the most costly and devastating cyberattacks. Hackers are upping the stakes by stealing data before encrypting critical digital infrastructure. Now the cost and impact of lost data is part of the equation when considering the recovery expenses, productivity decline, and reputational damage that already accompanies a ransomware attack. 

ID Agent to the Rescue: All of that stolen data can end up on the Dark Web, leading to even more serious consequences. Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with you to strengthen your security suite by offering industry-leading detection. Discover more at https://www.idagent.com/dark-web/.

Canada – Simon Fraser University

http://globalnews.ca/news/6620351/sfu-data-breach/

Exploit: Ransomware.

Simon Fraser University: Public academic institution.

Severe Risk

Risk to Small Business: 1.555 = Severe:
A ransomware attack provided hackers access to personal data that they then exfiltrated from the university’s network before encrypting certain IT elements. The breach effects some faculty, staff, students, alumni, and retirees who had a relationship with Simon Fraser University before June 20, 2019. Although the breach was limited in scope, the school recommends that users reset their account passwords. The incident was discovered on February 27, 2020 and contained within 24 hours, but the university will still face regulatory scrutiny and possible public backlash due to the sensitive nature of the event.

Severe Risk

Individual Risk: 2.142 = Severe:
Before encrypting the school’s network, hackers accessed student and employee names, numbers, birth dates, email addresses, mail list memberships, course enrollments, and encrypted passwords. This information can be used to craft convincing phishing scams that, if acted upon, can compromise even more personal data. Those impacted should carefully evaluate incoming messages requesting confirmation of personal data and take steps to ensure that their information isn’t being misused.

Customers Impacted: Unknown.

How it Could Affect Your Customers’ Business: Already a major menace, hackers have upped their game when executing ransomware attacks, making incidents even more costly, invasive, and destructive. Every company needs to review its defensive posture to ensure that it is taking the basic steps necessary to mitigate the risk of ransomware. Since this malware always requires a foothold, every company can actively take steps to prevent it from being the next victim.

ID Agent to the Rescue: It’s critical that you understand the importance of dynamic cybersecurity in response to today’s evolving threats. Learn more here: https://www.idagent.com/goal-assist.

United Kingdom – Loqbox

https://www.infosecurity-magazine.com/news/hackers-steal-customer-data-uk/

Exploit: Data compromise.

Loqbox: Credit score builder.

Severe Risk

Risk to Small Business: 1.777 = Severe:
A cyberattack on February 20, 2020 compromised customers’ personal data and payment information but didn’t impact customer funds. The company admitted that the breach occurred because of a known vulnerability, raising questions about the priority of data security at the fintech startup. Now Loqbox is poised to experience significant customer blowback and regulatory scrutiny as it falls under the purview of Europe’s GDPR.

Severe Risk

Individual Risk: 2 = Severe:
The breach included personal information that could be used to target customers with highly convincing spear phishing emails. In addition to customer names, hackers acquired their dates of birth, addresses and phone numbers, plus financial data like partial credit card numbers, expiration dates, and bank account numbers. Those impacted by the breach should immediately notify their financial institutions and strongly consider enrolling in credit and identity monitoring services.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Over the past several years, data breaches have compromised billions of login credentials, giving hackers front-door access to your data and systems. Every company should add improved security to its login process by enabling simple, efficacious measures like two-factor authentication to keep accounts secure.

ID Agent to the Rescue: With AuthAnvilTM, integrated multi-factor authentication, single sign-on, and identity management solutions protect your users’ login credentials and your data. Find out more at https://www.idagent.com/authanvil-multi-factor-authentication

United Kingdom – Cathay Pacific

https://www.darkreading.com/attacks-breaches/cathay-pacific-hit-with-fine-for-long-lasting-breach/d/d-id/1337232

Exploit: Unauthorized database access.

Cathay Pacific: International airline.

Severe Risk

Risk to Small Business: 2 = Severe:
Cathay Pacific was recently hammered with a fine totaling £500,000 as a result of its failure to identify and address a data breach that lasted for more than four years. While the ruling offers a 20% discount if Cathay Pacific pays the penalty by March 12, the penalty is still a significant financial hit to the international airline. The company was cited for multiple “security inadequacies” including failing to encrypt databases containing customers’ personal data, a slow response to a known security vulnerability, and lengthy communication delays that further jeopardized customer information. 

Severe Risk

Risk to Small Business: 2.428 = Severe:
The data breach included a treasure trove of Cathay Pacific customers’ personal data, including names, nationalities, birthdates, phone numbers, email addresses, mailing addresses, passport information, and other company-specific information. Those impacted by the breach should be sure to reset their airline account credentials and any other accounts using similar information. In addition, they should be aware that this kind of data is often used to develop sophisticated, personalized spear phishing attacks that further compromise personal information.

Customers Impacted: 9,400,000

How it Could Affect Your Customers’ Business: Regulatory penalties are on the rise as regulators and legislators seek to punish companies that incur a data breach without having adequate data security protocols or incident response plans in place. In this case GDPR’s governing body issued the fine, but governments around the world are imposing substantial fines on companies that fail to protect their customer data – and those fines are climbing every day.

ID Agent to the Rescue: With Compliance ManagerTM, any company can automate data privacy standards and documentation responsibilities, making compliance a simple, intuitive process for everyone. Click the link to get started today: https://www.idagent.com/compliance-manager

Australia – Alinta Energy

https://www.abc.net.au/radionational/programs/breakfast/alinta-energy-accused-of-endangering-privacy/12015496

Exploit: Unauthorized data sharing.

Alinta Energy: Private energy and gas company.

Severe Risk

Risk to Small Business: 1.777 = Severe:
Alinta Energy is under intense scrutiny after a whistleblower exposed the company’s improper storage of customers’ personal information in overseas storage. This possible violation of Australia’s privacy laws could have a significant impact on its bottom line. At the same time, the brand erosion and degradation of customer trust engendered by this situation could magnify the consequences for Alinta Energy.

Severe Risk

Individual Risk: 2.428 = Severe:
According to the whistleblower, customer information including addresses, credit card information, and phone numbers are being stored overseas. Customers should be aware of this compliance oversight, taking special care to review their accounts and to advocate for their personal information to be adequately protected and managed.

Customers Impacted: 1,100,000

How it Could Affect Your Customers’ Business: Today’s global data privacy landscape is expansive and convoluted, making it challenging for any company to adhere to the many new laws hitting the books. But this challenging landscape isn’t an excuse for companies to fail at compliance. Instead, they need to attain the resources and support necessary to ensure that they have the infrastructure in place to adhere to the flurry of emerging data privacy regulations.

ID Agent to the Rescue: Compliance Manager automates data privacy standards, eliminating guesswork and ensuring efficiency at every stage. Learn more at https://www.idagent.com/compliance-manager

Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

In Other News

60% of UK Consumers Impacted By a Data Breach in 2019

As expected, 2019 was a devastating year for data breach victims. As more year-end studies are completed and released, we’re learning more about who was effected the most. According to a recent report, nearly 60% of UK consumers were impacted by a data breach last year, a staggering total that underscores the personal implications of the more than 7,000 data breaches that affected UK companies in 2019.

The report noted the potential consequences of such an extensive breach environment, including cybercriminals using the sensitive personal and financial information that they collected from users as a gateway to deploy other cyberattack tactics like spear phishing that can compromise sensitive information, data, and systems even more severely.

Although the number of breaches hasn’t increased significantly, the amount of compromised records has escalated. The number of records that have been compromised has tripled since 2018, surpassing 15 billion this year. This 300% year-over-year increase should encourage companies to seek solutions that can monitor the Dark Web for their data to preempt further hacking attempts. At the same time, training employees to identify and neutralize increasingly sophisticated spear phishing campaigns is an absolute prerequisite for a capable defensive posture in 2020. https://securityboulevard.com/2020/02/almost-60-of-uk-consumers-affected-by-data-breaches-in-2019/

DTS is very good at cybersecurity solutions for small businesses. Seriously, we are, and we can prove it. We like being heroes!

We also know how intimidating technology can be, we make a living helping business owners and managers just like you who have questions about all things technology, and that includes cybersecurity.

Most small businesses do not have the technical resources or time to understand all this geek stuff. If this describes you, let us help you.

If you would like more information about cybersecurity as a service give us a call, we’re always happy to chat, and the call is FREE, every time you call!

Return to the Learning Center

Dedicated to your success,

Wally Moore

Business Development Manager

dts|infotech . . . secure computer networks that work

503.359.1275

www.dtsinfotech.com

GET HELP NOW