The Week In Breach News 04/21/2021 to 04/27/2021

by Wally Moore

on April 28, 2021

in Data Breach

The Week In Breach

by ID Agent


Ransomware is a rising tide, setting new records in the UK, hitting Apple supplier Quanta, raining on airlines’ parades by taking down Radixx, and flooding businesses with risk worldwide.  

The Global Year In Breach

See our analysis of what 2020’s challenges mean for the risk landscape in 2021 – and our predictions for what’s next. GET THIS EBOOK>>


United States

United States – Manhunt

https://www.infosecurity-magazine.com/news/dating-service-suffers-data-breach/

Exploit: Hacking

Manhunt: Dating App

severity meter

Risk to Business: 1.667= Severe

Social network and dating site Manhunt has suffered a data breach. The company filed a declaration with Washington state regulators disclosing that the 20-year-old site was compromised in a cyberattack that took place in February 2021. An unauthorized third party downloaded personal information belonging to some Manhunt users after gaining access to the company’s account credential database. In the notice of data breach, Manhunt revealed that the personal information of an estimated 7,714 Washington residents had been affected, but did not say how many of the site’s approximately 6 million users outside of Washington state were affected.

severity meter

Risk to Business: 1.667= Severe

The compromised database contained customers’ usernames, email addresses, and passwords. After discovering that a breach had occurred, Manhunt performed a forced reset of all users’ passwords. The stolen information could be used to mount phishing, blackmail, and identity fraud attacks.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: Hacking into databases is a profitable enterprise for cybercriminals, especially when juicy personal details are acquired. If you’re storing that kind of information, ensuring that you’re using strong security for information storage is essential.

ID Agent to the Rescue: Make sure that everyone on the IT team is up to date on today’s threats and ready for tomorrow’s with the tips and tricks in “The Security Awareness Champion’s Guide." GET THIS FREE BOOK>>


United States – Eversource Energy

https://www.bleepingcomputer.com/news/security/eversource-energy-data-breach-caused-by-unsecured-cloud-storage/

Exploit: Unsecured Database

Eversource Energy: Power Company 

severity meter

Risk to Business: 1.807= Severe

Eversource Energy, the largest energy supplier in New England, has suffered a data breach after customers’ personal information was exposed on an unsecured cloud server. The company serves 4.3 million electric and natural gas customers throughout Connecticut, Massachusetts, and New Hampshire. The unsecured database allegedly contained unencrypted files created in August 2019 that included the personal information of 11,000 Eversource eastern Massachusetts customers.

severity meter

Risk to Business: 2.177= Severe

Eversource Energy disclosed to customers that the unsecured cloud storage server exposed their name, address, phone number, social security number, service address, and account number. The utility is offering a free 1-year identity monitoring service for impacted customers through Cyberscout.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Unsecured data is a rookie move. Make sure that everyone is following cybersecurity best practices to avoid costly mistakes.

ID Agent to the Rescue: Make sure that you’re covering all of the bases to avoid breaches and nasty regulatory action with our Cybersecurity Risk Protection Checklist. GET THE CHECKLIST>>


United States – Radixx

https://www.bleepingcomputer.com/news/security/eversource-energy-data-breach-caused-by-unsecured-cloud-storage/

Exploit: Malware

Radixx: Software Company 

severity meter

Risk to Business: 2.207 = Severe

Travel software company Radixx has disclosed a data breach caused by a malware attack that has triggered a dayslong outage, snarling reservations systems at about 20 low-cost airlines around the world. The company said it noticed “unusual activity” around its reservations program on Tuesday. It did not describe the malware or say how it got into the program. Radixx’s parent company is travel software giant Texas-based Sabre Corp.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Hacking that disrupts operations has become an increasingly serious problem for businesses that provide services like software and data storage.

ID Agent to the Rescue: Keep your data in and the bad guys out with Passly. By including multiple security essentials into one tool, Passly does the job of multiple solutions at a price everyone will love. WATCH A VIDEO DEMO>>


United States – Gyrodata 

https://portswigger.net/daily-swig/mining-technology-company-gyrodata-hit-by-ransomware-attack-employee-data-leaked

Exploit: Ransomware

Gyrodata: Mining Technology

severity meter

Risk to Business: 2.463 = Severe

A ransomware attack against mining technology organization Gyrodata has potentially leaked the sensitive information of current and former employees. Gyrodata said it has been the victim of a ransomware attack that led to a possible data breach. So far, the number of potential victims has not been confirmed, though Gyrodata, which is headquartered in Houston, Texas, has multiple offices worldwide in countries including Saudi Arabia, UAE, Ecuador, Malaysia, and Scotland.

Individual Impact: No sensitive personal or financial information was confirmed as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware has been an increasingly popular tool for cybercriminals to use against targets in the education sector. Preventing it from hitting systems is just as important as protecting data.

ID Agent to the Rescue: Stopping ransomware starts with stopping phishing. In “The Phish Files", you’ll learn strategies to spot and stop phishing attacks fast. READ THIS BOOK>>


Password

Is your password a zero or a hero? Find out now! GET THIS BOOK>>


United Kingdom

United Kingdom – University of Portsmouth

https://www.infosecurity-magazine.com/news/campus-closed-portsmouth/

Exploit: Ransomware

University of Portsmouth: Institution of Higher Learning 

severity meter

Risk to Business: 1.672 = Severe

IT systems at the University of Portsmouth were knocked offline this week after a supposed ransomware attack, delaying the start of the new term. Although it was due to open on Monday for the start of the summer term, the university campus will continue to remain closed to students until at least 04/30/21 due to an inability to access online learning or data tools.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware, especially targeted ransomware, is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen about disrupting business operations and holding them hostage until they’re paid.

ID Agent to the Rescue: Don’t let cybercriminals slow your business down – learn to mitigate the risk of trouble in Ransomware 101. DOWNLOAD FREE EBOOK>>


France – Laurent Perrier

https://securitynewswire.com/latestsecuritynews/mobile_article.php?title=Fr_Champagne_group_Laurent_Perrier_has_been_victim_of_cyber_attack

Exploit: Ransomware

Laurent Perrier: Champagne Maker 

severity meter

Risk to Business: 2.217 = Severe

French Champagne giant Laurent Perrier has fallen victim to ransomware. The company is beginning investigation and recovery, but some IT systems are still offline, impacting production and delivery. The French champagne house is the main company of the Laurent-Perrier Group, whose other flagship brands include the houses of Salon, De Castellane, and D.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Cybercriminals love ransomware because it is easy and profitable. Companies need to pay close attention to ransomware trends to stay out of their clutches.

ID Agent to the Rescue: Learn more about the impact of ransomware in 2020 and see how we expect it will impact businesses in 2021 in The Global Year in Breach 2021. GET THIS BOOK>>


 

Australia

Australia – ClickStudios

https://www.scmagazine.com/home/security-news/data-breach/researchers-say-password-manager-hit-in-supply-chain-attack/

Exploit: Hacking

ClickStudios: Password Security Software Company 

severity meter

Risk to Business: 2.112 = Severe

Researchers report that password manager maker ClickStudios suffered a breach, sometime between April 20 and April 22, which resulted in the attacker dropping a corrupted update to its password manager Passwordstate. A zip file contained a dynamic link library with the malicious code, according to the blog. The associated malware dubbed Moserpass – which was in the file name of a malicious dll found by researchers – called out to a command and control server to execute the next stage of the attack. However, that server went down before CSIS Security Group could grab and examine any second-stage malware that might have been used in follow-up operations. The compromise is under investigation.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen.

ID Agent to the Rescue: Get the tools that you need to conduct security awareness training that includes phishing resistance painlessly in the new BullPhish ID. SEE THE UPDATE WEBINAR>>


Asia

Taiwan- Quanta

https://www.reuters.com/technology/apple-supplier-quanta-says-no-business-impact-ransomware-attack-2021-04-21/

Exploit: Ransomware

Qanta: Technology Manufacturing 

severity meter

Risk to Business: 1.661 = Severe

Apple supplier Qanta is dealing with a suspected ransomware incident. Quanta Computer is a manufacturer of many flagship Apple products, including its MacBook line. Russian hacker group REvil is the culprit. The gang says that it has had accessed confidential data from the Taiwan-based contract manufacturer’s servers. The data includes stolen blueprints for unreleased products, and the hackers are threatening to release more data after posting samples on their hack site. The ransom demand is rumored to be in the tens of millions of dollars and the cybercriminals are demanding payment by May 1.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Cybercrime is around every corner, especially ransomware. Protecting sensitive data like schematics and blueprints is vital for components and technology manufacturers, especially for new products.

ID Agent to the Rescue: Is your organization ready to repel cyberattacks and keep on going? You are if you’re cyber resilient. Learn how to transform your business in “The Road to Cyber Resilience” today. GET THIS BOOK>>


 

A guide to risk scores

1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.


Added intelligence

Go Inside the Ink to Get the Inside Scoop on Cybercrime


Are you up to date on the latest news that can impact your business? Here’s a recap:


The Cybersecurity Risk Protection Checklist

Don’t become a cybercrime statistic. The Cybersecurity Risk Protection Checklist will help you find and fix security gaps. GET IT>>


Resource spotlight

 

New Case Studies

The ID Agent Digital Risk Protection Platform gives you incredible security and incredible value. But don’t just take our word for it – check out two new case studies to see how our solutions are working for these organizations!

Featured briefing

Record-Setting Ransomware Risk Can’t Be Ignored


Ransomware risk is skyrocketing around the world. Although other cyberattacks like nation-state hacking and supply chain data breaches may be occupying the tech headlines, no one can afford to turn their backs on the nasty hydra that ransomware has become in 2021. A wide variety of players jockeyed for position including Emotet, REvil, Clop, and nation-state threat actors. From stopping production lines to stealing data, ransomware gangs are growing bolder by hitting precisely positioned targets and asking for bigger ransoms – and that commitment to strategy is why every business should take this threat seriously.


Cyber-resilient business

Don’t survive a cyberattack – thrive with a cyber-resilient business that works in any conditions. GET THE BOOK>>


An unusual cocktail of factors created a fertile ground for ransomware. Experts point to factors like the sudden shift to remote workforce security combined with operational neglect due to the pandemic and the stumbling economy as components of an environment that enabled cybercriminals to hit businesses with near impunity – especially in the beleaguered healthcare sector. A surge in email usage also boosted the opportunity for email-based cybercrime. An estimated 8 of 10 organizations increased their email traffic in 2020, leading to a 64% increase in email threat volume.  

In a recent survey, researchers determined that approximately 61% of organizations worldwide experienced a damaging ransomware incident in 2020. Drilling down deeper, those unfortunate organizations lost an average of six working days to system downtime, with 37% saying downtime lasted one week or more after that incident. In an effort to recover much-needed data, an estimated 52% of companies held to ransom by cybercriminals paid them off, but only 66% of the payers were able to recover their data. Another 34% of payers never saw their data again. 

The increase in the number of ransomware attacks logged in Q4 2020 over the same period in 2019 is astonishing. Cybercriminals had favorable conditions for conducting ransomware attacks and juicy targets abounded, like hospitals and shipping companies directly needed to fight the global pandemic. They didn’t waste their chance to make a big score, either. Ransomware attacks recorded by researchers climbed by 80% in the UK, but that wasn’t even close to the top of the chart. Other notable increases in ransomware attack frequency were the US (98.1%), Germany (145%), Spain (160%), and Sri Lanka (436%). This huge surge in cybercrime has helped produce a thriving dark web economy for stolen data.


Phish Files

Learn the Secret of How Cybercriminals Trick You Into Falling for Phishing Messages!

Read Phish Files Now>>


That trend is set to continue or worsen in 2021 as cybercriminal organizations refine their post-pandemic attacks to do more damage and earn more money. Targeted ransomware is the new trend, and it is exploding. Researchers determined that targeted ransomware has grown by an eye-popping 767%, easily dwarfing all other types. This increase has been especially felt in the APAC region. Recent numbers logged by UK researchers tell a chilling tale as well, with a record-breaking 11% year-on-year increase in attacks against UK targets in Q1 2021. UK businesses encountered 172,079 cyberattacks each, on average, between January and March 2021, the equivalent of 1,912 per day.

Cybersecurity experts are pointing to a wide variety of potential trouble spots as factors that may help cybercriminals increase their targeted ransomware attacks even more. Budget cuts can lead to organizations failing to update technology. A huge backlog of basic maintenance and patching can leave businesses exposed to flaws. Plus a vast quantity of information snatched from key service providers like BlackBaud and Accellion have opened organizations to risk that they don’t even know about yet. In a 2021 survey, 70% of survey respondents said that they believe that their business will be harmed by email attacks in the next year, up from 59% in 2020. That means that now is the time to take precautions against email-based cybercrime like targeted ransomware. So how can you secure your clients against this risk? Here are our best tips.


Security awareness champions guide

Get the tips, tricks, and cheat codes that you need to beat cybercriminals at their own game! DOWNLOAD THIS BOOK>>


Give Phishing the 1 -2 Punch

Just under 70% of ransomware is delivered via phishing. Stopping phishing from causing a cybersecurity incident will greatly reduce an organization’s chance of falling victim to ransomware. Strengthen phishing defenses by adding automated antiphishing security with Graphus that stops 40% more dangerous messages from reaching employee inboxes than competing solutions. Then follow that up with customized phishing resistance and security awareness training delivered through a user-friendly portal with BullPhish ID. Choose plug-and-play modules or personalized campaigns that mimic the real industry threats that your clients’ employees will face, reducing their chance of falling victim to a ransomware attack by up to 70%.

Guard Against Surprise Dark Web Threats

How much data about your client’s business is floating around on the dark web? On average, 65% of the information on the dark web at the start of 2020 could damage businesses, and more than 22 million more records were added in the last 12 months including huge lists of passwords. That’s why it’s a smart move for companies to use Dark Web ID to keep an eye out for trouble – 91% of employees in a 2020 survey understood the risk of password reuse, but 59% admitted to doing it anyway, opening their companies up to danger. No one has the time or money to deal with the impact of that unpleasant surprise.

Keep Data Locked Down

Placing strong protections between cybercriminals and data starts with secure identity and access management. Passly gives clients the maximum bang for their buck, featuring multifactor authentication (perfect for defending against a phished password and 99% of password-based cybercrime in general). They also get the value of 2 – 3 more solutions with the other security essentials like single sign-on, securely shared password vaults, and fast automated password resets all tied up in one affordable package – plus with easy remote management and deployment, making it perfect for supporting today’s hybrid workforce. It pairs well with Spanning’s easy-to-use SaaS backup data protection for Microsoft 365, G Suite, and Salesforce that empowers administrators and users to restore data and get back to work in just a few clicks, another important part of IT Complete.


Passwords

Is your data really password-protected? Learn the truth in Building Better Passwords. GET THIS BOOK>>


Events and Webinars

Security webinar

May 5: Deploy Your Secret Weapon: Security-Savvy Employees w/ Lisa Forte Webinar REGISTER NOW>>

 

Graphus

See how automated, affordable phishing defense with Graphus can save your business a fortune! GET THE EBOOK>>


A note for our customers

Ransomware Risk is a Rising Tide That Can Swamp Your Business


Cybercriminals are refining their approach to ransomware, and risk has risen worldwide. Targeted ransomware is today’s rising trend. Researchers determined that targeted ransomware has grown by an eye-popping 767%, easily dwarfing all other types. Recent numbers logged by UK researchers show a record-breaking 11% year-on-year increase in attacks against UK targets in Q1 2021.

Every business is at risk of falling victim to ransomware – after all, more than 60% of organizations worldwide experienced a damaging ransomware incident in 2020. Ransomware has especially battered healthcare targets, but that’s not the only industry that’s experiencing increased risk. No matter the size, your business is at an increased risk of experiencing a ransomware incident in today’s volatile threat landscape, and that danger is growing.

How can you guard against becoming a victim of targeted ransomware? By taking sensible precautions that keep your systems and data safe, like phishing resistance training using BullPhish ID. Your employees can learn to spot and stop real risks that are prevalent in your industry in customized phishing simulations. If you’re not already using multifactor authentication with Passly, this is a great time to add it. It stops 99% of password-based cybercrime, including cybercriminals with a password that they just phished off an unwary employee.

In a 2021 survey, 70% of survey respondents said that they believe that their business will be harmed by email-based attacks like targeted ransomware attacks in the next year, up from 59% in 2020. But you don’t have to join that number. Put strong protections in place now and you can have peace of mind that you’ve chosen a powerful defense for your essential systems and data.

 

DTS is very good at cybersecurity solutions for small businesses.

Seriously, we are, and we can prove it. We like being heroes!

We also know how intimidating technology can be, we make a living helping business owners and managers just like you who have questions about all things technology, and that includes cybersecurity.

Most small businesses do not have the technical resources or time to understand all this geek stuff. If this describes you, let us help you.

If you would like more information about cybersecurity as a service give us a call, we’re always happy to chat, and the call is free, every time you call!

Return to the Learning Center

Dedicated to your success,

Wally Moore

Business Development Manager

dts|infotech . . . secure computer networks that work

503.359.1275

www.dtsinfotech.com

GET HELP NOW