The Week In Breach 4/1/2020 to 4/7/2020

DTS InfoTech is a hard-working Trusted Advisor for any business that has questions about computers, computer networks, and technology. One way to earn the title of Trusted Advisor is to provide FREE practical education in the technology field for visitors to our website.

Cybersecurity has become a matter of business life and death for computer and technology users of all types. With your security in mind, we are sharing Data Breach Examples in weekly posts entitled “This Week In Breach” from our friends at ID Agent.

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions to private and public sector organizations and millions of individuals impacted by cyber incidents.

Read this short article and learn about cybersecurity and Data Breach examples from the experts in the field. The life of your business may depend upon it.

This week, we’re proud to introduce you to Passly, our new, state-of-the-art Secure Identity and Access Management solution!

Plus: ransomware slows COVID-19 treatment development, malware targets online shoppers, and phishing scams jump by 667% in a month.

Dark Web ID Trends:

  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: Medical & Healthcare
  • Top Employee Count: 11-50

United States – Social Bluebook

https://techcrunch.com/2020/03/27/social-bluebook-hacked/

Exploit: Unauthorized database access 

Social Bluebook: Social media platform  

Risk to Small Business: 2.117 = Severe
Cybercriminals exfiltrated a company database containing personal information from thousands of internet influencers. Embarrassingly, the breach, which occurred in October 2019, was identified by TechCrunch reporters who were sent a copy of the stolen database. In a statement, the company claimed to be ignorant of the breach, raising serious questions about the efficacy of its cybersecurity strategy. This incident is likely to have significant blowback from well-connected influencers on social media and invite regulatory scrutiny on many fronts.

Individual Risk: 2.122 = Severe
The stolen database contains account information for 217,000 users. This includes names, email addresses, and hashed and scrambled passwords. Those impacted by the breach should immediately update their login credentials for this website and any other service using the same information, plus closely monitor their accounts for unusual or suspicious activity.  

Customers Impacted: 217,000

How it Could Affect Your Customers’ Business: Hackers frequently target social media influencers because of their large public following. Therefore, companies catering to this clientele need to be prepared to protect their users’ valuable personal data. If they can’t, these influencers will almost certainly tell their followers all about it, a principle that applies to a growing number of consumers in every sector.

ID Agent to the Rescue: Helping you understand the importance of security is no easy task. Learn more here: https://www.idagent.com/goal-assist

United States – Ozark Orthopaedics 

https://ryortho.com/breaking/ozark-orthopaedics-data-breach-exposes-over-15000-patients/

Exploit: Phishing scam

Ozark Orthopaedics: Orthopedic healthcare practice

Risk to Small Business: 2.113 = Severe
Four employees fell for a phishing scam and gave hackers access to email accounts containing patient data. The scope of the data breach that occurred in late 2019 was just released by the healthcare provider, creating questions about the practice’s cybersecurity practices. As a result, patients were unable to quickly take steps to protect their identities and Ozark Orthopaedics has opened itself up to regulatory scrutiny that could result in substantial financial penalties.

Individual Risk: 1.775 = Severe
Patients’ personally identifiable information was exposed in the breach, including their names, treatment information, Medicare or Medicaid identification numbers, Social Security numbers, and financial account information. In the wrong hands, this information can be used in a litany of financial or identity-related crimes. Those impacted by the breach should immediately enroll in credit and identity monitoring services to secure their personal information.

Customers Impacted: 15,240

How it Could Affect Your Customers’ Business: More than a trillion phishing emails are sent each year, some of which will inevitably make their way into your employees’ inboxes. Training employees to spot these scams is especially important to protect your company from a devastating data breach.

ID Agent to the Rescue: BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id

United States – 10x Genomics Inc.

https://www.cyberscoop.com/covid-19-ransomware-10x-genomics-data-breach/

Exploit: Ransomware

10x Genomics Inc.: Biotechnology company

Risk to Small Business: 2.206 = Severe
A ransomware attack disrupted operations at the biotechnology company, which is currently acting as part of a consortium working to quickly develop a treatment for COVID-19. Before encrypting the company’s IT systems, hackers exfiltrated company data. Although the company reports “no material day-to-day impact,” it’s unclear what the implications are for the stolen data or how this could impact its development of a COVID-19 treatment.

Individual Risk: At this time, no personal information was compromised in the breach.  

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Companies in every sector have seen an uptick in cybersecurity threats as COVID-19 disrupts business-as-usual and puts many people on edge. This is especially true for the healthcare industry, which is experiencing a deluge of ransomware attacks, phishing scams, and other threats at a critical time.

ID Agent to the Rescue: With BullPhish ID, we can provide a more complete picture of your company security posture and potential risk, transforming the weakest links of an organization into your strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id

United States – GoDaddy

https://krebsonsecurity.com/2020/03/phish-of-godaddy-employee-jeopardized-escrow-com-among-others/?web_view=true

Exploit: Phishing scam  

GoDaddy: Internet domain registrar

Risk to Small Business: 2.313 = Severe
A spear phishing attack tricked a customer service employee into providing information that ultimately allowed hackers to view and modify customer records. As a result, several GoDaddy clients, including Escrow.com, which provides escrow services for several prominent websites, were impacted. The breach will have costly implications for both GoDaddy and its customers, who will have to decide if they want to continue partnering with a company that puts their sensitive data at risk.  

Individual Risk: At this time, no personal information was compromised in the breach. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Today’s online ecosystem is vast and interconnected. This incident is a reminder that failures at other companies can have significant implications for your own, which increases the importance of securing accounts to buttress your IT infrastructure against potential failure at third-party contractors. With simple cybersecurity features, like two-factor authentication, company accounts remain secure even when credentials or login information are exposed.

ID Agent to the Rescue: With Passly, get the secure identity and access management solutions that you need to protect your systems and data in today’s remote work landscape at a price that you can afford, including multi-factor authentication, single sign-on, and secure password storage. Find out more at https://www.idagent.com/passly

Canada – The Beer Store

https://www.itworldcanada.com/article/some-ontario-beer-chain-outlets-forced-to-use-cash-only-after-cyber-attack/429003

Exploit: Malware attack

Data Deposit Box: Retail outlet

Risk to Small Business: 2.187 = Severe
Cybercriminals infiltrated The Beer Store’s website and injected payment skimming malware into its online store. The online store allowed customers to place orders for pickup or delivery, two critical features as social distancing measures keep shoppers at home. This breach removed The Beer Store’s ability to accept payments via credit card, which could significantly impact its bottom line during this already challenging time.

Individual Risk: 2.311 = Severe
Although the company quickly detected the intrusion and closed its online store, anyone who made an online purchase before the threat was identified likely had their payment credentials compromised, including all sensitive identification and financial information entered during the checkout process. Those impacted should notify their financial institutions of the breach while also taking steps to secure their accounts and personal details from misuse.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Customers are increasingly unwilling to do business with companies that can’t protect their personal information. At the same time, privacy regulators are backing them up, collectively ensuring that companies have millions of reasons to execute on this mission-critical priority.

ID Agent to the Rescue: Compliance Manager automates data privacy standards, eliminating guesswork and ensuring efficiency at every stage. Learn more at https://www.idagent.com/compliance-manager

United Kingdom – SOS Online Backup

https://www.securitymagazine.com/articles/92042-data-breach-report-cloud-backup-provider-exposes-more-than-135-million-customer-records

Exploit: Unprotected database

SOS Online Backup: Cloud storage provider   

Risk to Small Business: 2.472 = Severe
Cybersecurity researchers identified an exposed database containing nearly 70 GB of sensitive data. The database was discovered in November 2019, but it wasn’t examined until December 9, 2019. Although SOS Online Backup was notified of the breach the next day, it took ten days to have the vulnerability secured – and the company waited several months before informing customers of the event. The company has databases around the world, including in the United States and the United Kingdom, and will undoubtedly face intense regulatory scrutiny for the incident.

Individual Risk: 2.630 = Moderate
The exposed database includes users’ personally identifiable information, including names, email addresses, phone numbers, internal company details, and account usernames. This information is often redeployed in spear phishing campaigns that trick unsuspecting recipients into disclosing even more sensitive data. Therefore, victims should carefully monitor their accounts and digital communications for suspicious or unusual messages.

Customers Impacted: 135,000,000

How it Could Affect Your Customers’ Business: Data privacy regulation is the new norm, as countries around the world enact regulations to support the public’s growing desire for online privacy. Consequently, companies that endure a data breach can expect that increased regulatory scrutiny of the way that information is stored will incur substantial financial penalties as well as other negative legal consequences.

ID Agent to the Rescue: With Compliance Manager™, any company can automate data privacy standards and documentation responsibilities, making compliance a simple, intuitive process for everyone. Click the link to get started today: https://www.idagent.com/compliance-manager

Australia – iStaySafe Pty

https://www.bankinfosecurity.com/australian-kids-smartwatch-maker-hit-by-same-bug-again-a-14046

Exploit: Unauthorized database access

iStaySafe Pty: GPS smartwatch for children

Risk to Small Business: 2.434 = Severe
This product lets parents track their child’s location and alerts them if the child leaves their designated safe location – but a coding error allowed hackers to download users’ personal data and mimic their location on the service. This dangerous vulnerability not only disrupted that functionality, it also gave hackers access to minors’ location and personally identifiable information. To make matters worse, this is the second time that the watchmaker has experienced this flaw. The same problem was discovered and repaired in 2019, raising serious questions about the platform’s commitment to cybersecurity.    

Individual Risk: 1.899 = Severe
The breach allowed hackers to access users’ names, email addresses, phone numbers, and profile photos. In addition, bad actors could modify minor children’s location data. This information could be used to craft spear phishing campaigns or for exploitative criminal purposes, so users should be especially vigilant in assessing their use of the product.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Customers are increasingly unwilling to do business with companies that can’t protect their personal information. At the same time, privacy regulators are backing them up, collectively ensuring that companies have millions of reasons to execute on this mission-critical priority.

ID Agent to the Rescue: Compliance Manager automates data privacy standards, eliminating guesswork and ensuring efficiency at every stage. Learn more at: https://www.idagent.com/compliance-manager

Australia – Commonwealth Federal Courts

https://www.abc.net.au/news/2020-03-31/federal-court-in-protection-visa-data-breach-published-names/12102536

Exploit: Accidental data exposure 

Commonwealth Federal Courts: Federal Circuit Court of Australia   

Risk to Small Business: 2.805 = Moderate
The Commonwealth Federal Courts have acknowledged a “systemic failure” that resulted in the publication of the personal details of hundreds of asylum seekers. The court system removed the discovery feature that compromised people’s information. Still, the court has known about the vulnerability for years, leaving many to question its commitment to privacy, especially as it relates to a uniquely vulnerable group of people. In addition to public blowback for the incident, the court system could face additional scrutiny from lawmakers.

Individual Risk: 2.667 = Moderate
The exposed information included the names, nicknames, and birthdates of hundreds of asylum seekers. This information could put them or their families in danger, which is especially egregious given their already vulnerable position.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Public sentiment and new regulatory standards are working to hold organizations accountable when they fail to protect private data. Consequently, any organization that handles this kind of information needs to account for potential vulnerabilities and take every step possible to ensure that their defensive posture can meet the moment, keeping sensitive information off the Dark Web.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID is the leading Dark Web monitoring platform available. This award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze, and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact

Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

In Other News

Introducing Next-level Secure Identity & Access Management With Passly

In today’s remote work world, every company needs a secure identity and access management solution to guard their systems and data against ever-increasing cyberattacks. We’re ready to meet that need with a dynamic solution that is quick to deploy and seamlessly scales to companies of any size. Introducing Passly, our new, comprehensive solution for secure identity and access management.

Ideally suited for a remote workforce, Passly enables techs to give the right people access to the right things in a flash, simply and securely. Passly features Secure Password Management, Single Sign-On, Multi-Factor Authentication, and Dark Web exposure alerting baked right in, making it the ideal secure identity and access management solution to solve the challenges that businesses face right now – at a fraction of the price of other solutions. 

Learn more about Passly and see how it can benefit you today: https://www.idagent.com/passly

Healthcare Data Breaches See Significant Increase

In late 2019, we wrote about the connection between healthcare data and the Dark Web, noting a troubling trend that saw bad actors increasingly targeting patient data. Unfortunately, that trend has only accelerated with the onset of the COVID-19 pandemic that is pushing healthcare providers to their limits.

A study of the Department of Health and Human Services’ HIPAA breach reporting tool found 105 breaches impacting 2.5 million patients. However, before February 19th, the tally stood at only 38 incidents affecting 1.1 million records. Cybercriminals have upped their game to take advantage of the chaotic situation on the ground, and healthcare organizations need to be prepared.

Notably, the study found that hacking incidents are, by far, the leading cause of data breaches. Many included various forms of email account compromise. Moreover, the report predicts that, as more employees work from home, incidents of phishing attacks will increase because employees are more likely to fall for scams when they are isolated at home. Fortunately, a comprehensive employee awareness campaign can thwart these attacks, helping ensure that healthcare providers are focused on patient care rather than being inundated with cybersecurity threats.

https://www.bankinfosecurity.com/health-data-breach-tally-spikes-in-recent-weeks-a-14031

DTS is very good at cybersecurity solutions for small businesses.

Seriously, we are, and we can prove it. We like being heroes!

We also know how intimidating technology can be. We make a living helping business owners and managers just like you who have questions about all things technology, and that includes cybersecurity.

Most small businesses do not have the technical resources or time to understand all this geek stuff. If this describes you, let us help you.

If you would like more information about cybersecurity as a service, give us a call. We’re always happy to chat, and the call is free, every time you call!

Dedicated to your success,

Wally Moore

Business Development Manager

dts|infotech . . . secure computer networks that work

503.359.1275

www.dtsinfotech.com