The Week in Breach: 12/25/19 - 12/31/19

by Wally Moore

on January 6, 2020

in Data Breach

DTS InfoTech is a hard-working Trusted Advisor for any business that has questions about computers, computer networks, and technology. One way to earn the title of Trusted Advisor is to provide FREE practical education in the technology field for visitors to our website.

Data Breach

Cybersecurity has become a matter of business life and death for computer and technology users of all types. With your security in mind, we are sharing Data Breach Examples in weekly posts entitled “This Week In Breach” from our friends at ID Agent.

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions to private and public sector organizations and millions of individuals impacted by cyber incidents.

Read this short article and learn about cybersecurity and Data Breach examples from the experts in the field. The life of your business may depend upon it.

By Kevin Lancaster

Jan 2, 2020 4:19:34 PM
This week, ransomware brings bad news for employees, dating app users endure a serious privacy breach, and too many companies are giving in to criminals’ demands.

Dark Web ID Trends:
Top Source Hits: ID Theft Forums
Top Compromise Type: Domain
Top Industry: High-Tech & IT
Top Employee Count: 11 - 50 Employees

United States - The Heritage Company 
https://www.scmagazine.com/home/security-news/ransomware/ransomware-shuts-down-the-heritage-company/

Exploit: Ransomware
The Heritage Company: Telemarketing firm

Severity Meter

Risk to Small Business: 2.333 = Severe: A ransomware attack forced The Heritage Company to temporarily shutter its operations, even after making a ransom payment to release their critical IT infrastructure. IT admins were unable to use the decryption key to access company data, resulting in the company’s CEO notifying employees that they would not be able to return to work until at least January 2nd. The attack has already cost the company hundreds of thousands of dollars. If they can’t recoup their valuable information, it’s possible that this ransomware attack could permanently cripple their business.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware can feel like an inevitability in today’s digital landscape, but SMBs have many tools at their disposal to protect their critical information. Notably, ransomware always requires a foothold to infiltrate a company, and this avenue is often achieved through known exploits in legacy systems or phishing scams that induce employees to grant network access to cybercriminals. By addressing these known flaws, companies can improve their defenses against this costly risk.

ID Agent to the Rescue: BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.

United States - Ring
https://au.news.yahoo.com/over-1-500-ring-passwords-193629561.html

Exploit: Accidental data sharing
Ring: Video doorbell and security camera maker

Severity Meter

Risk to Small Business: 2 = Severe: Security researchers discovered Ring users’ account credentials posted on the Dark Web. The information could provide hackers with front door access to customer accounts. Given the sensitive nature of their business, this type of access could be especially problematic for users. Moreover, the episode is the company’s second cybersecurity incident this year, which raises questions about their efficacy in an industry that demands excellence when it comes to data security and privacy.

Severity Meter

Individual Risk: 2.285 = Severe: Usernames and passwords are often used to directly access user accounts where criminals can steal additional information or otherwise wreak havoc. While Ring told customers that they are actively monitoring for unusual account activity, users should update their passwords and enable two-factor authentication to ensure that hackers can’t deploy this readily available information to access their accounts.

Customers Impacted: 1,562

How it Could Affect Your Customers’ Business: Ring is emblematic of the consequences of failing to embrace data security as a top priority. As a result of multiple data security instances and allegations of weak data privacy standards, Ring has endured significant brand erosion, and these episodes continue to degrade their competitive advantage. In an industry where customers have many options to choose from, this could be a serious factor in the company’s future financial success.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID™ is the leading Dark Web monitoring platform available. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.

United States - Center for Healthcare Services 
https://www.expressnews.com/business/health-care/article/Cyber-attack-shuts-down-computers-at-San-Antonio-14930383.php

Exploit: Ransomware
Center for Healthcare Services: Mental health and substance abuse services provider

Severity Meter

Risk to Small Business: 2.111 = Severe: A ransomware attack disabled a server for the Center for Healthcare Services, and IT administrators brought the entire network offline to prevent information from spreading. The company was forced to put paper signs on the doors reminding employees not to turn on their computers, and services were mostly unavailable over the Christmas holiday. The healthcare services provider is soliciting support from the FBI and other agencies to help identify the attacker and restore their services.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Unfortunately, once ransomware takes root, companies are guaranteed to pay a hefty sum to restore their services and operations. Whether paying hackers to decrypt information or hiring cybersecurity specialists to restore from backups, the price tag can be enormous. When coupled with the opportunity costs that accompany system outages, the ROI on preventative measures becomes obvious in the face of ransomware and other attack vectors.

ID Agent to the Rescue: Helping your business understand the importance of security is no easy task. With Goal Assist™, we offer hands-on assistance. Learn more here: https://www.idagent.com/goal-assist.

United States - PayPal
https://www.bleepingcomputer.com/news/security/paypal-phishing-attack-promises-to-secure-accounts-steals-everything/

Exploit: Phishing attack
PayPal: Online payment platform

Severity Meter

Risk to Small Business: 2.333 = Severe: Some PayPal users are receiving phishing emails purportedly notifying of unusual account activity and requiring users to verify their personal information to restore full account access. The hackers fabricate a sense of urgency by noting that user accounts will be disabled until they confirm their identity. Although the messages contain many tell-tale signs of a phishing scam, they pose a serious risk to PayPal customers and the company’s reputation.

Severity Meter

Individual Risk: 2.428 = Severe: Although recipients have to provide their personal information to be at risk, anyone who responds to this email has compromised nearly all of their personally identifiable information. If that’s the case, they should immediately report the activity to PayPal, as well as to their other financial institutions. Unfortunately, this information can be used to perpetuate more than just financial crimes, and those who were compromised should also enroll in an identity monitoring services to ensure that their information isn’t being misused in other ways.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: As we’ve reported on our blog, the latest phishing attack trends have adopted many of the hallmarks of internet security, including HTTPs encryption, to dupe unsuspecting recipients into compromising critical data. Although such attacks are difficult to spot, SMBs can ensure that their employees serve as the first-line of defense by implementing consistent awareness training that keeps employees abreast of the latest trends.

ID Agent to the Rescue: Designed to protect against human error, BullPhish ID simulates phishing attacks and manages security awareness training campaigns to educate employees, making them the best defense against cybercrime. Learn more here: https://www.idagent.com/bullphish-id.

Canada - Shaw 
https://www.cbc.ca/news/canada/calgary/shaw-data-breach-1.5398324

Exploit: Stolen device
Shaw: Telecommunications provider

Severity Meter

Risk to Small Business: 2.333 = Severe: This month, Shaw customers were notified of a data breach stemming from a stolen device that was taken on June 22. The company computer included customer data. Although the episode was reported to the police when it occurred, it’s unclear why the company waited so long to notify customers of the incident. The breach is unlikely to significantly impact customer security, but their poor response will heighten the reputational damage and customer blow-back that always follows a data breach.

Moderate severity meter

Individual Risk: 2.571 = Moderate: Some customers’ personally identifiable information was available on the employee’s laptop, including names, account numbers, and a list of subscription services. In response, the company is encouraging those impacted by the breach to change their account passwords and to enable two-factor authentication to secure their data.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: There are many ways that company and customer data can make its way into the wrong hands. However, there are steps that every organization can take to ensure that customer and employee accounts remain secure. For instance, by requiring strong, unique passwords and by enabling multi-factor authentication, SMBs can ensure that hackers don’t have easy access to critical information.

ID Agent to the Rescue: With AuthAnvil™, you can protect your employees’ password integrity. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at: https://www.idagent.com/authanvil-multi-factor-authentication.

Canada - Plenty of Fish 
https://www.techradar.com/uk/news/plenty-of-fish-leaks-private-user-information

Exploit: Accidental data sharing
Plenty of Fish: Dating website

Severity Meter

Risk to Small Business: 1.888 = Severe: Plenty of Fish users experienced a stunning data privacy breach when the platform’s mobile app was discovered to be displaying information that users set to private. The breach not only includes digital details about their dating lives but also real-world information that could place their safety at risk. Although developers quickly repaired the flaw after being notified by security researchers, their efforts cannot recoup any information already exposed, and the oversight will inflict serious damage on the platform’s reputation.

Severity Meter

Individual Risk: 2.285 = Severe: Personal details, including first names and postal codes, were openly available to anyone who knew where to look. Those impacted by the breach should be especially critical of communication on the platform, and they should always place their safety first when engaging with other users.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Lax data security standards can undo the benefits of even the most prolific technological features. In this case, Plenty of Fish is operating in a competitive online space, and incidents like this will make it more difficult to attract users and preserve customer loyalty. With many options to choose from, customers are unlikely to work with platforms that can’t protect their data.

ID Agent to the Rescue: It’s critical that businesses understand the importance of cybersecurity. Learn more here: https://www.idagent.com/goal-assist.

Germany - Frankfurt
https://www.zdnet.com/article/frankfurt-shuts-down-it-network-following-emotet-infection/

Exploit: Malware
Frankfurt: Local municipality

Severity Meter

Risk to Small Business: 1.666 = Severe: A deep-seated ransomware attack has forced authorities to shut down the city’s entire IT network. The city was infected with Emotet ransomware, which generates revenue by overtaking networks and renting access to other malware groups, including ransomware distributors. Although the malware was ultimately contained, it cost companies in time and money since they were unable to access critical web services during the outage.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Cyber attacks can cost companies in a myriad of ways. Not only is it expensive to repair damaged IT infrastructure, but the opportunity cost can be cascading, inflicting ever-growing costs on companies unlucky enough to fall victim to an attack. This reality should increase the impetus to review your organization’s defensive posture, as a failure in this regard can be incredibly expensive.

ID Agent to the Rescue: With BullPhish ID, businesses can receive a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

Australia - Primus Realty 
https://www.watoday.com.au/national/western-australia/credit-card-and-other-details-of-perth-rental-applicants-may-have-been-public-for-21-months-20191224-p53mqi.html

Exploit: Accidental data sharing
Primus Realty: Real estate service provider

severe meter

Risk to Small Business: 2 = Severe: A broad technological oversight allowed customer data acquired from tenancy applications to be published to the company’s website. This information was publicly available for more than a year, and, upon learning of the incident, customers took to the media to express their displeasure at the incident. In an era where data security is much more than just a footnote, this episode could cost Primus Realty, as it will certainly lead to brand erosion and customer defections.

Individual Risk: No personal information was compromised in the breach.

severe meter

Individual Risk: 2 = Severe: The data breach included customers personal information, including their names, dates of birth, addresses, telephone numbers, driver license numbers, passport details, birth certificates, and Medicare numbers. In addition, various financial documents were made available online. Primus Realty is encouraging anyone impacted by the breach to notify their financial institutions of the episode and to enroll in identity monitoring services to ensure that their information isn’t being misused by hackers.

Customers Impacted: 750

How it Could Affect Your Customers’ Business: Data breaches bring a flurry of negative consequences, so an unforced error is an especially egregious way to damage their bottom line and jeopardize long-term opportunities. Already, Primus Realty is experiencing the negative press coverage and customer complaints that often accompany a breach. Unfortunately, the negative consequences for the company are likely just beginning.

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with businesses to strengthen their security suite by offering industry-leading detection. Discover more at: https://www.idagent.com/dark-web.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

DTS InfoTech can help

DTS is very good at data breach solutions for small businesses. Seriously, we are, and we can prove it. We like being heroes!

We also know how intimidating technology can be, we make a living helping business owners and managers just like you who have questions about all things technology, and that includes data breach.

Most small businesses do not have the technical resources or time to understand all this geek stuff. If this describes you, let us help you.

If you would like more information about data breach as a service give us a call, we’re always happy to chat, and the call is FREE, every time you call!

Return to the Learning Center

Dedicated to your success,

Wally Moore

Business Development Manager

dts|infotech . . . secure computer networks that work

503.359.1275

GET HELP NOW