The Week In Breach News 10/28/2020 to 11/03/2020

by Wally Moore

on November 4, 2020

in Data Breach

TWIB1103

DTS InfoTech is a hard-working Trusted Advisor for any business that has questions about computers, computer networks, and technology.

One way to earn the title of Trusted Advisor is to provide FREE practical education in the technology field for visitors to our website.

Cybersecurity has become a matter of business life and death for computer and technology users of all types. With your security in mind, we are sharing Data Breach Examples in weekly posts entitled “The Week In Breach” from our friends at ID Agent.

ID Agent provides a comprehensive set of threat intelligence and identity monitoring solutions to private and public sector organizations and millions of individuals impacted by cyber incidents.

Read this short article and learn about cybersecurity and Data Breach examples from the experts in the field.

The life of your business may depend upon it.

November 4th, 2020 by Kevin Lancaster

This Week in Breach News: Phishing nets cybercriminals more than $2 million from the Republican Party, Google employee information is exposed in a third-party breach, healthcare targets get walloped again, data breach fines pack a punch, and should you just pay the ransom for stolen data? 

The Week in Breach News: Dark Web ID’s Top Threats This Week

  • Top Source Hits: ID Theft Forum
  • Top Compromise Type: Domain
  • Top Industry: Education & Research
  • Top Employee Count: 1 – 10

November 4th, 2020 by Kevin Lancaster

This Week in Breach News: Phishing nets cybercriminals more than $2 million from the Republican Party, Google employee information is exposed in a third-party breach, healthcare targets get walloped again, data breach fines pack a punch, and should you just pay the ransom for stolen data? 

The Week in Breach News: Dark Web ID’s Top Threats This Week

  • Top Source Hits: ID Theft Forum
  • Top Compromise Type: Domain
  • Top Industry: Education & Research
  • Top Employee Count: 1 – 10

The Week in Breach News – United States 

United States –  Steelcase

https://www.fox17online.com/news/steelcase-experiences-cyberattack

Exploit: Ransomware

Steelcase: Furniture Manufacturer 

Severity Meter

Risk to Business: 2.311 = Severe
Furniture manufacturing giant Steelcase was hit with a nasty ransomware attack that forced a brief shutdown of all systems. The company was able to quickly contain the suspected Ryuk ransomware incident and says that no data was stolen. Recovery operations were fast and everything is back online.

Customers Impacted: Unknown

Individual Risk: No personal or consumer information was reported as impacted in this incident.

How it Could Affect Your Customers’ Business: These days, ransomware attacks aren’t just a threat to data – they’re being used to shut down production lines, impact infrastructure, and cause havoc.

ID Agent to the Rescue: Ransomware is generally the poisoned fruit of a phishing email. Protect your business from ransomware with BullPhish ID, phishing resistance training that’s both effective and cost-effective. LEARN MORE>>

United States – Wisconsin Republican Party

https://apnews.com/article/wisconsin-republican-party-hackers-stole-641a8174e51077703888e2fa89070e12

Exploit: Phishing

Wisconsin Republican Party: Political Organization 

Severity Meter

Risk to Business: 1.337 = Extreme
The Wisconsin Republican Party had a suspected phishing incident that couldn’t have come at a worse time. An estimated $2.3 million was stolen by cybercriminals from the party’s reelection fund after at least one staffer interacted with a phishing email, impacting operations just as the races were coming down to the wire. The FBI and local officials are investigating the incident.

Individual Risk: No personal or consumer information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Phishing is about more than just credential compromise. Today’s most dangerous attack is used to do everything from steal money to deploy malware.

ID Agent to the Rescue: BullPhish ID has simple remote management tools and preloaded plug-and-play phishing simulation kits that make conducting phishing resistance training a snap anytime, anywhere. LEARN MORE>>

United States – Ledger

https://cryptobriefing.com/bitcoin-wallet-provider-ledger-compromised-again-malicious-phishing-attack/

Exploit: Unsecured Database

Ledger: Cryptocurrency Storage Platform

Severity Meter

Risk to Business: 1.667 = Severe
Once again, Ledger is hot water for a cyberattack. This time, Ledger users received a phishing email that directed them to log in at a new address, allowing cybercriminals to steal both the victim’s login credentials and cryptocurrency. This is the company’s second incident this year, and information from that July 2020 incident is suspected to have played a part in this attack.

Customers Impacted: Unknown

Individual Risk: No personal or consumer information was reported as impacted in this incident.

How it Could Affect Your Customers’ Business: Cyberattacks can have cascading consequences, with information stolen in cyberattacks coming back to haunt businesses months or years later. Data like login credentials can live on in Dark Web data dumps to haunt you later.

ID Agent to the Rescue: Dark Web ID helps keep credentials safe with 24/7/365 human and machine monitoring using real-time data analysis to find compromised credentials and alert you fast.  LEARN MORE>>

United States – Fragomen, Del Rey, Bernsen & Loewy 

https://techcrunch.com/2020/10/26/fragomen-data-breach-google-employees/

Exploit: Unauthorized Database Access

Fragomen, Del Rey, Bernsen & Loewy: Law Firm

Severity Meter

Risk to Business: 2.801 = Moderate
Data theft at a top law firm that provides employment verification screening services for companies like Google exposed a small amount of sensitive data. An unauthorized intrusion into a database exposed the employment verification information for some current and past Google employees.

Severity Meter

Individual Risk 2.992 = Moderate
The firm has not disclosed exactly what data was stolen although an employment verification or I-9 file can contain very sensitive information. The firm has also not indicated how many employees were affected although they’ve stated that it is a “limited number.”

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: When you’re storing sensitive data, that information needs extra protection in order to really serve your clients.

ID Agent to the Rescue: Secure identity and access management with Passly helps prevent intrusions by requiring multifactor authentication to let anyone access information. LEARN MORE>>

United States – Nitro Software Inc.

https://securityaffairs.co/wordpress/110025/data-breach/nitro-pdf-data-breach.html

Exploit: Unauthorized Database Access

Nitro Software Inc.: Software Developer

Severity Meter

Risk to Business: 2.071 = Moderate
A massive data breach at Nitro, home of Nitro PDF, may have an impact on some major players. Nitro serves clients including Google, Apple, Microsoft, Chase, and Citibank. The software maker announced that an unauthorized third party gained limited access to a company database. The stolen information has already made its debut on the Dark Web, including about 1TB of documents.

Individual Risk: No personal or consumer information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: A data breach at a third-party service provider for your business is just as dangerous as a data breach at your company and smart companies take precautions against supply chain risk.

ID Agent to the Rescue: Stolen data damage businesses by giving cybercriminals huge troves of passwords to mine. Keep your company’s credentials secure with Dark Web ID’s Channel-leading credential monitoring. LEARN MORE>>

United States – Gaming Partners International

https://www.forbes.com/sites/leemathews/2020/10/31/ransomware-gang-claims-international-casino-equipment–supplier-as-latest-victim/?sh=7529ed2c68b2

Exploit: Ransomware

Gaming Partners International: Casino Equipment Provider

Severity Meter

Risk to Business: 2.211 = Severe
REvil ransomware caused havoc at one of the world’s leading casino suppliers, shutting down systems for several days. The hackers also extracted more than 500 gigabytes of data during the breach. Among the files were casino contracts, banking information and technical documents. The company was quickly able to restore operations.

Individual Risk: No personal or consumer information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Every time your employees interact with a phishing email, your business is at risk for ransomware. Security awareness training prevents up to 70% of cybersecurity incidents.

ID Agent to the Rescue: Phishing resistance training is one of the most important ways that businesses can protect their systems and data, as long as it’s refreshed at least every 4 months. You’ll never run short of fresh, updated training material with BullPhish ID. LEARN MORE>>

The Week in Breach News – Canada

Canada – Stelco

https://www.itworldcanada.com/article/canadian-steelmaker-stelco-hit-by-cyberattack/437503

Exploit: Hacking

Stelco: Steel Manufacturer 

Severity Meter

Risk to Business: 2.332 = Severe
Major Canadian steel manufacturer Stelco experienced a nasty ransomware attack that brought its operations to a halt. All manufacturing and business operations were briefly shut down, but the company was quickly able to restore its systems.

Individual Risk: No personal data has been reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: A robust cybersecurity defensive strategy adds extra protections that prevent hackers from slipping through the cracks to devastate your business.

ID Agent to the Rescue: ID Agent’s digital risk protection platform provides multiple cost-effective solutions that add strong protection against cybercrime. SEE OUR SOLUTIONS AT WORK>>

The Week in Breach News – United Kingdom & European Union

Sweden- Gunnebo

https://portswigger.net/daily-swig/data-breach-at-swedish-security-company-leaks-38-000-sensitive-documents

Exploit: Unauthorized Database Access

Gunnebo: Security Consulting

Severity Meter

Risk to Business: 2.227 = Severe
Security system design consulting firm Gunnebo has had its own security incident, as cybercriminals were able to gain access to some of its stored data. Bad actors were able to pilfer the security system plans and blueprints for many important buildings including bank vaults and government buildings.

Individual Risk: No individual information has been reported as compromised in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Protect your essential blueprints, formulas, and plans as carefully as you would protect financial data because industrial espionage is a hot category on the Dark Web.

ID Agent to the Rescue: Passly adds extra protections between cybercriminals and your data with single sign-on launchpads for each employee, allowing security to quickly cut off access if an account is compromised. SEE PASSLY IN ACTION>>

Italy – The Enel Group

https://securityaffairs.co/wordpress/110067/malware/enel-group-netwalker-ransomware.html

Exploit: Ransomware

The Enel Group: Energy Manufacture & Distribution 

Severity Meter

Risk to Business: 1.909 = Severe
Multinational energy conglomerate Enel was the latest victim of Netwalker ransomware, as cybercriminals demand a $14 million ransom. The ransomware gang claims to have several terabytes of data. The company was also hit with Snake ransomware in July. Investigation and recovery are ongoing.

Individual Risk: No personal or financial data is reported as stolen or compromised in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Attacks on infrastructure targets have been escalating, including energy, logistics, and industrial transportation companies. While cybercriminals are still out for data, they’re also looking to disrupt essential services.

ID Agent to the Rescue: BullPhish ID enables you to transform your employees from your largest attack surface to your largest defensive asset with training delivered in bite-sized pieces that’s accessible for tech and non-tech employees alike. LEARN MORE>>

The Week in Breach News – Asia Pacific

India – Mithaas Sweets

https://ciso.economictimes.indiatimes.com/news/after-haldirams-now-mithaas-hit-by-ransomware/78883999

Exploit: Hacking

Mithaas Sweets: Snack Manufacturer 

Severity Meter

Risk to Business: 1.806 = Severe
On the heels of a cyberattack at another popular Indian snack company, Mithaas Sweets has been hit by a ransomware attack. The company reported that its file storage and many systems had been encrypted, seriously impacting business. Investigation and recovery is ongoing.

Individual Impact: No personal data was exposed in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ensnaring critical systems and data.

ID Agent to the Rescue: Our digital risk protection platform offers businesses multiple tools for securing their systems and data, even from unexpected dangers. LEARN MORE>>

Japan – Nuclear Regulatory Authority

https://securityaffairs.co/wordpress/110284/hacking/nuclear-regulation-authority-cyber-attack.html

Exploit: Unauthorized Systems Access

Nuclear Regulatory Authority: Government Agency

Severity Meter

Risk to Business: 2.771 = Moderate
In a small but troubling incident at NRA, an unauthorized intruder gained access to the email system and the agency was forced to shut it down. The incursion affected both internal and external communications, snarling applications for hearings and impacting other business. Communications are limited to phone calls and in-person meetings. No data was stolen and access to any operations or research systems is through a separate, more secure system.

Individual Risk: No individual information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Adding extra protections for sensitive systems and data is a smart move, especially when those systems and data can impact public welfare.

ID Agent to the Rescue: Secure your ,most sensitive data with the award-winning secure identity and access management tools that you get when you choose Passly. SEE PASSLY AT WORK>>

The Week in Breach – Australia & New Zealand

Australia – Isentia

https://www.theguardian.com/technology/2020/oct/27/cyberattack-strikes-media-monitoring-company-used-by-australian-government

Exploit: Ransomware

Isentia – Media Monitoring Firm

Severity Meter

Risk to Business: 1.775 = Severe
Analytics and media monitoring firm Isentia, the company that provides media services for much of the Australian government, has been hit by a cyberattack, likely ransomware. Customers lost access to the company’s service portal that connects them with media reporting on them, issues of interest to them, and journalists. The incident is under investigation, with no clear diagnosis of what if any data was stolen. Isentia holds sensitive information for powerful public figures as part of its media services operations.

Individual Risk: Isentia has not released information about potentially stolen personal information or customer data exposure.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Stolen personal data including exposed credentials is readily available in Dark Web markets and data dumps, opening victims of data theft up to future cybercrime.

ID Agent to the Rescue: Dark Web ID is the perfect choice to ensure that your company’s credentials haven’t been exposed in a dark corner of the Dark Web SEE A DEMO>>

The Week in Breach News Guide to Our Risk Scores

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

The Week in Breach: Added Intelligence

Go Inside the Ink to Get the Inside Scoop on Cybercrime

Every weekday, our blog features timely cybersecurity and breach news, problem-solving advice, and expert analysis of today’s threats, plus insight that helps you plan for tomorrow. Don’t miss it!

The Week in Breach: Featured Briefing

Growing Breach Fines Create Growing Alarm

In an increasingly connected electronic world, customers have an expectation that companies will take appropriate action to secure any sensitive data that they provide when purchasing goods and services. However, as we grow more dependent on electronic transactions in every facet of life, cybercriminals have become very good at worming their way into company systems to steal that data.

That expectation of data privacy has led to a raft of legislation securing data privacy rights for consumers and punishing companies that fail to maintain adequate security, especially when handling medical information. Many of those statutes involve fines – and regulators haven’t been shy about imposing big fines on companies that fail to comply.

Failure to secure customer information is growing extremely costly. Even powerful companies are feeling the sting of regulatory ire as record-breaking fines have been levied against them for data breaches. Recently, several international giants have been hit with news-making fines after major cyberattacks that exposed customer data including:

  • Aetna settled multiple HIPPA violations dating back to 2017 for $1 million
  • British Airways was fined an eye-popping £20 million
  • Marriott International was also fined in excess of £20 million
  • Texas Department of Health and Human Services was fined more than $1.6 million
  • Of course, Google leads the pack with a mind-boggling €50 million fine

In many industries, multifactor authentication isn’t just smart cybersecurity, it’s a must-have that provides protection against compromised credentials and ransomware. With Passly, you not only get dynamic multifactor authentication with several options for token delivery, you also get secure shared password vaults that allow for extra safety precautions for essential server and system credentials and offer extra protection against cybercrime.

The biggest cybersecurity risk that you're facing today is phishing. Ransomware, spear phishing, business email compromise, and other pitfalls are all variants of phishing. So boosting phishing resistance with BullPhish ID is a key security enhancement that boosts a company’s overall security awareness. But only if companies engage in regular training – studies show that security awareness and phishing resistance training is extremely effective as long as it’s refreshed about every 4 months.

This is a great time to reach out to your clients to review their compliance posture – and do some outreach to prospects who may need a little help to improve their data compliance as well. The ID Agent digital risk protection platform has all the right tools to secure your business, and we're ready to help you make all the right choices.

The Week in Breach: A Note for Your Customers

Ransomware Recovery is Long and Expensive. Should You Just Pay the Ransom to Make it Easier?

Ransomware has been the story of the year in cybersecurity, as attacks have boomed by more than 40% since March 2020. This slippery, dangerous foe is a nightmare that can wreak havoc on your business and cost a fortune in restoration and recovery on top of the lost business and general damage.

No one wants to deal with ransomware. But since you’re already looking at an expensive proposition, can you save yourself the money, time, and headaches of undertaking a ransomware incident response by paying the ransom and getting the encryption key to unlock your systems and data – and will you get in legal trouble for doing it?

The answer is complicated. While paying the ransom may not be expressly prohibited by law, legal officials are not fans of the practice. The US Treasury issued new guidance this month urging people not to pay hackers, and noting that businesses could face civil penalties if they pay ransoms to hacker groups affiliated with sanctioned nation-states, a particular concern for the healthcare sector.

The better approach to protecting your business from phishing danger including ransomware is increased security awareness and phishing resistance training. Ransomware is most likely to arrive at your doorstep as the cargo of a phishing email, as well as other dangerous cyberattacks like business email compromise, spear phishing, and whaling.

Regular phishing resistance training and testing with a solution like BullPhish ID is extremely effective – security awareness training including phishing resistance can reduce your cybersecurity incident rate by up to 70%. No matter how you slice it, increased security awareness training is the best way to ensure that your employees are ready for the threats they face ahead to keep ransomware from taking your profits hostage.

DTS is very good at cybersecurity solutions for small businesses.

Seriously, we are, and we can prove it. We like being heroes!

We also know how intimidating technology can be, we make a living helping business owners and managers just like you who have questions about all things technology, and that includes cybersecurity.

Most small businesses do not have the technical resources or time to understand all this geek stuff. If this describes you, let us help you.

If you would like more information about cybersecurity as a service give us a call, we’re always happy to chat, and the call is free, every time you call!

Return to the Learning Center

Dedicated to your success,

Wally Moore

Business Development Manager

dts|infotech . . . secure computer networks that work

503.359.1275

www.dtsinfotech.com

 

GET HELP NOW