The Week In Breach 5/27/2020 to 6/2/2020

by Wally Moore

on June 3, 2020

in Data Breach

The Week In Breach 5_27_20

DTS InfoTech is a hard-working Trusted Advisor for any business that has questions about computers, computer networks, and technology. One way to earn the title of Trusted Advisor is to provide FREE practical education in the technology field for visitors to our website.

Cybersecurity has become a matter of business life and death for computer and technology users of all types. With your security in mind, we are sharing Data Breach Examples in weekly posts entitled “This Week In Breach” from our friends at ID Agent.

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions to private and public sector organizations and millions of individuals impacted by cyber incidents.

Read this short article and learn about cybersecurity and Data Breach examples from the experts in the field. The life of your business may depend upon it.

June 3rd, 2020 by Kevin Lancaster

This week in The Week in Breach, slow breach responses put customers at risk, a malware attack undermines the benefits of shopping online, and a new study reveals that frequently resetting passwords is essential even if they haven’t been directly compromised.

Dark Web ID Trends:

  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: Education & Research
  • Top Employee Count: 501+

United States – Quidd

https://www.itproportal.com/news/account-credentials-of-four-million-quidd-users-exposed-online/

Exploit: Unauthorized database access 

Quidd: Digital collectibles app  

Severity Meter

Risk to Small Business: 2.137 = Severe
Bad actors infiltrated a Quidd database and shared its contents online, exposing users’ account credentials. The database was circulating on private forums for months, but the platform didn’t identify the breach until it appeared on a public board this week. The passwords were encrypted, but hackers have already cracked more than 135,000 passwords. Quidd’s slow response was further exacerbated by delayed notification procedures, as victims still haven’t been notified of the incident.  

Severity Meter

Individual Risk: 2.795 = Moderate
The data breach compromised usernames and passwords. All platform members should immediately update their credentials while assessing the integrity of other online accounts. Quidd users should continue evaluating their accounts for unusual or suspicious activity. 

Customers Impacted: 4,000,000

How it Could Affect Your Customers’ Business: Rapidly identifying and responding to potential data breaches is a critical component of any defensive posture. In this case, the company could have acted much sooner if the Dark Web was being monitored for their information. Being able to identify the sale or transfer of company data enables businesses to respond before an incident escalates.

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with you to strengthen your security suite by offering industry-leading detection. Discover more at https://www.idagent.com/dark-web/.  

United States – Arbonne International

https://www.bleepingcomputer.com/news/security/arbonne-mlm-data-breach-exposes-user-passwords-personal-info/

Exploit: Unauthorized database access

Arbonne International: Multi-level marketing (MLM) platform 

Severity Meter

Risk to Small Business: 1.692 = Severe
A data breach has exposed personal information for thousands of MLM participants. The data loss event began when the company detected unusual network activity on April 20th, but the incident was not revealed publicly until this week. The breach specifically applies to California employees, which means regulatory authorities will likely scrutinize the incident under the California Consumer Privacy Regulation

severity meter

Individual Risk: 2.591 = Severe
The breach compromised MLM members’ names, email addresses, mailing addresses, phone numbers, purchase histories, and account passwords. Those impacted need to reset their Arbonne account password, and they should update other credentials using the same details. At the same time, victims should carefully monitor their accounts and communications for suspicious activity, since personal data is often used in subsequent phishing scams and other fraud attempts.   

Customers Impacted: 3,527

How it Could Affect Your Customers’ Business: Consumer sentiment has quickly shifted toward a privacy-first approach to personal information, and regulatory efforts are enforcing that priority. Data privacy laws already apply in many places, and companies should expect more regulatory scrutiny in the years ahead

ID Agent to the Rescue: Compliance becomes much more important for companies every day. Data protection requires a stack of solutions that work together to mitigate the maximum amount of risk.  Is your digital risk protection platform is up to the challenge? https://www.idagent.com/passly-digital-risk-protection

United States – Minted

https://www.bleepingcomputer.com/news/security/minted-discloses-data-breach-after-5m-user-records-sold-online/

Exploit: Unauthorized database access

Minted: Online marketplace for independent artists 

severity meter

Risk to Small Business: 1.980 = Severe
After a database was made available on the Dark Web, Minted acknowledged a data breach that compromised customer information. The breach happened when hackers accessed a company database on May 6th, and it’s unclear why it took the company more than three weeks to identify and respond. Customers are increasingly willing to walk away from platforms that can’t protect their data, and the company’s slow response could make it more challenging to regain users’ trust. 

Severity Meter

Individual Risk: 2.602 = Moderate
The incident compromised users’ data, including their names, addresses, phone numbers. Less than 1% of victims also had their dates of birth exposed. In addition, users’ login credentials were impacted. In response, those affected by the breach need to update their Minted passwords and any other platform passwords that use similar information.  

Customers Impacted: 5,000,000

How it Could Affect Your Customers’ Business: Data beaches are a public relations nightmare, and a fast, effective response can be the difference between restoring trust and watching customers walk away. At the same time, equipping employees and customers with tools to secure their accounts demonstrates a tangible commitment to data security.

ID Agent to the Rescue:

Don’t wait until after you have a data breach or other devastating attack to put a digital risk platform in place for your organization that not only mitigates the threats of today, it’s ready for the threats of tomorrow. Watch 10-minute demos of our award-winning solutions now to see what you could be doing to protect your company. 

https://www.idagent.com/recorded-demos

Canada – Northwest Atlantic Fisheries Organization (NAFO)

https://www.cbc.ca/news/canada/nova-scotia/ransomware-attack-at-fisheries-organization-in-halifax-1.5585701?&web_view=true

Exploit: Ransomware 

NAFO: International fisheries organization 

Severity Meter

Risk to Small Business: 1.542 = Extreme
A ransomware attack has compromised the organization’s servers, making them unusable. Consequently, NAFO’s website has been inaccessible for more than a week, and a critical database for an upcoming scientific council is inoperable. NAFO had previously been warned of cybersecurity vulnerabilities, but they failed to take action, which may have contributed to this effective ransomware attack. Now the organization must decide if they will pay the undisclosed ransomware or attempt to restore systems in other ways. Regardless, it will be an expensive recovery process for the organization and its employees.   

Individual Risk: At this time, no personal information was compromised in the breach.  

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware attacks are devastating for small businesses, which often lack the robust resources of larger corporations to restore operations. In an already-challenging business environment, ensuring that your digital environment is prepared to defend against these attacks should be a top priority. As NAFO learned the hard way, failing to repair small vulnerabilities can have outsized consequences.

ID Agent to the Rescue: Ransomware attacks are typically fueled by the Dark Web. Get the facts about what really happens in Dark Web markets plus a deck of Dark Web screenshots to help you learn more about how Dark Web threats endanger your business. https://www.idagent.com/resources/unveiling-cybercrime-markets-on-the-dark-web/

Ireland – Savia 

http://www.irishnews.com/news/northernirelandnews/2020/05/26/news/abuse-group-says-it-s-too-late-for-apologies-over-major-data-breach-1951504/

Exploit: Accidental data sharing  

Savia: Victims’ rights group 

Severity Meter

Risk to Small Business: 1.427 = Extreme
An employee included hundreds of abuse victims’ personal identities in an external email, creating a data privacy incident with vast implications. Advocates, incensed by the oversight, called for the organization’s leader to resign, and others have publicly threatened to sue Savia. Making matters worse, the organization was slow to address the error, promising to manage the situation after a long holiday weekend concluded. For an organization predicated on trust, this incident has significantly undermined its mission, making it more difficult to successfully advocate for victims’ rights. At the same time, regulatory scrutiny will certainly accompany the incident, potentially bringing financial consequences to an already-arduous situation.

Severity Meter

Individual Risk: 1.122 = Extreme
The data breach included the names and personal stories for hundreds of victims, many who never shared their stories publicly. This privacy violation could have profound personal implications for each person involved. 

Customers Impacted: 250

How it Could Affect Your Customers’ Business: The Information Commissioner has already promised an investigation into the data breach. The results of the investigation could have profound implications for the organization. When coupled with the reputational damage, Savia certainly has a long road ahead as it seeks to rebuild the public’s trust.

Belgium – European Parliament 

https://www.cpomagazine.com/cyber-security/sensitive-data-belonging-to-european-officials-leaked-in-a-major-eu-parliament-breach/

Exploit: Unauthorized database access 

EU Parliament: Legislative branch of the European Union  

Severity Meter

Risk to Small Business: 2.105 = Severe
A website managed by the European Parliament exposed sensitive personal details for current and former staff members. The breach was detected by a cybersecurity company conducting a random screening of exposed data, meaning EU officials were unaware of the vulnerability. This underscores the agency’s integrity, as it tries to curtail data privacy issues through its expansive General Data Protection regulation. In response, users will be required to reset passwords more frequently and adhere to more stringent defensive tactics.   

Severity Meter

Risk to Small Business: 2.430 = Severe
Officials have not released the specific information categories compromised in the breach, but they admitted that it includes both personal and professional data. Notably, the breach exposes people to the risk of phishing attacks, which could lead to even more harmful compromises. Those impacted need to carefully scrutinize incoming, ensuring that they are engaging with authentic communications.

Customers Impacted: 16,200

How it Could Affect Your Customers’ Business: Even after steps are taken to repair the damage of a data breach, the consequences can linger for years afterward. Bad actors can reuse stolen information to craft convincing phishing scams that threaten sensitive information. Therefore, in today’s digital environment, phishing scam awareness training is a must-have component of any data security initiative.

ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, including video content available in 8 languages, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.

United Kingdom – Páramo

https://www.theregister.co.uk/2020/05/19/paramo_hack_magecart/?&web_view=true

Exploit: Malware attack

Páramo: Clothing retailer 

Severity Meter

Risk to Small Business: 1.755 = Severe
Card-skimming malware was active on Páramo’s online store for more than eight months before the retailer identified and eradicated the malicious code. Specifically, the malware redirected shoppers’ card information through a PayPal plugin. The information was forwarded to hackers who could use the data to commit financial fraud. This attack was especially difficult to detect, underscoring the importance of actively securing the online checkout process against bad actors.

Severity Meter

Individual Risk: 1.992 = Severe
The card-skimming malware collected shoppers’ names, addresses, card numbers, and CVV codes. This information can be used in a variety of financial crimes, and victims should immediately report the breach to their financial institutions. Also, they should enroll in a credit monitoring service that can help ensure the long-term integrity of their personal and financial data.  

Customers Impacted: 3,743

How it Could Affect Your Customers’ Business: Online shopping has surged since the COVID-19 pandemic, presenting an opportunity for retailers to recoup some of the losses from diminished foot traffic. However, while shoppers are spending more money online than ever before, they are also more willing to walk away from retail outlets that can’t protect their information. Card-skimming malware is a real threat to the checkout process, and it’s one of many cybersecurity concerns that businesses looking to capitalize on their online stores need to consider.

ID Agent to the Rescue: With Dark Web ID, we provide a more complete picture of a company’s potential Dark Web risks and how to strengthen security posture and make sure that you're using the right protection for your digital risk threats. Find out how you can get started with us here: https://www.idagent.com/dark-web-id-enterprise

Australia – Big Footy

https://www.smh.com.au/politics/federal/big-footy-data-breach-exposed-private-details-of-up-to-100-000-users-20200529-p54xnz.html

Exploit: Phishing scam

Big Footy: AFL fan website   

Severity Meter

Risk to Small Business: 2.226 = Severe
Cybersecurity researchers discovered more 132GB of accessible data originating from Big Footy’s online platform. The data includes personal and business data, as well as private conversions between users. The company has taken steps to secure its infrastructure and notify users, two tasks that will be costly to its reputation and bottom line. Big Footy hopes that bad actors haven’t accessed this information, but information that’s publicly exposed is often collected and sold on the Dark Web.

Severity Meter

Individual Risk: 2.761 = Moderate
The breach exposed users’ private messages, email addresses, phone numbers, passwords, and other sensitive personal details. The breach compromised many high-profile users, including police officers and government officials, giving the public unprecedented access to their private conversations. Big Footy is warning users to carefully monitor their accounts and communications for signs of misuse. Those impacted by the breach should update their Big Footy passwords and any other account credentials using a similar password combination.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Today’s organizations face threats on many fronts, making accidental, unforced errors especially problematic. In this case, the company failed to adequately assess its IT environment to ensure that all of the access points were secure. It’s a reminder that small details can have enormous consequences, and today’s organizations need to plan for a 360-degree approach to cybersecurity.  

Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores are calculated using a formula that considers a wide range of factors related to the assessed breach.

Small Businesses Suffer More Than A Quarter of all Breaches     

According to Verizon’s 2020 Data Breach Investigations Report, small businesses are increasingly the target of cybercriminals. The report, which analyzed more than 157,000 cybersecurity incidents, found that 28% were directed at small businesses. Previously, cybercriminals have targeted larger organizations as the rate of return was often higher. However, a transition to cloud computing and the use of social engineering attacks, like phishing scams, has increased the risk for small businesses.  

In response, it’s clear that small businesses need to prioritize cybersecurity as a data breach has an outsized effect on smaller organizations. Among other recommendations, the report encourages small businesses to invest in continuous vulnerability management, secure their email infrastructure to protect themselves from the growing threat of phishing attacks. It’s also essential that companies recognize and identify insider threat sources and eliminate them as quickly as possible.

Knowing that small businesses often lack the in-house cybersecurity resources to implement a 360-degree defensive strategy, MSPs have an opportunity to reach out to small business customers to build a partnership that fills that gap effectively and affordably to provide essential cybersecurity support in this tumultuous time.  .

Using tools and services that support good password hygiene, offering things like single sign-on, two-factor authentication, and other password-oriented enhancements, and enforcing stricter password reuse and sharing policies can help mitigate the risk of password compromise through password reuse and weakness.

https://smallbiztrends.com/2020/05/small-business-data-breaches-2020.html

A Note for Our Customers

New Trouble Comes From Users Who Rarely Update Their Passwords    

Despite years of advocacy and continual advice to update passwords frequently, the majority of victims fail to follow through on this priority. According to research by the Carnegie Mellon University’s CyLap, even after a data breach, users rarely voluntarily update their credentials, and only 13% even did so within three months of a known breach.

Updating passwords consistently is an essential security tool. Part of protecting a company’s data and systems from bad actors requires knowing when that company’s credentials have been compromised – and that compromise isn’t always on them. A third party breach could put corporate passwords at risk unexpectedly. 

Is your password a failure or a winner? See how yours measures up!

Given the high number of compromised credentials available on the Dark Web, updating passwords after a breach is a critical recovery act that can help limit the scope and impact of the breach. Dark Web ID is an essential tool for finding out if company credentials have been compromised in someone else’s breach.    

https://techxplore.com/news/2020-05-breach-users-rarely-passwords-theyre.amp

DTS is very good at cybersecurity solutions for small businesses. Seriously, we are, and we can prove it.

We like being heroes!

We also know how intimidating technology can be, we make a living helping business owners and managers just like you who have questions about all things technology, and that includes cybersecurity.

Most small businesses do not have the technical resources or time to understand all this geek stuff. If this describes you, let us help you.

If you would like more information about cybersecurity as a service give us a call, we’re always happy to chat, and the call is free, every time you call!

Return to the Learning Center

Dedicated to your success,

Wally Moore

Business Development Manager

dts|infotech . . . secure computer networks that work

503.359.1275

www.dtsinfotech.com

GET HELP NOW