There were some big breaches this week, including the IRS! Read more about that, and some of the other big breaches that took place and why being secure matter more now than ever.
U.S. Internal Revenue Service (IRS)
https://news.yahoo.com/irs-inadvertently-publishes-120-000-234841222.html
Exploit: Human Error
U.S. Internal Revenue Service: Federal Government Agency
Risk to Business: 2.026 = Severe
The U.S. Internal Revenue Service on Friday acknowledged that thanks to an employee error, the agency accidentally published confidential information about 120,000 taxpayers on its website. The compromised data came from Form 990-T filings. This form is required for people with individual retirement accounts who earn certain types of business income within retirement plans. While the forms for individuals are supposed to be confidential, charities that generate certain types of income are also required to file Form 990-T, and those are intended to be public. An employee mistakenly uploaded private taxpayers’ data to the agency’s website along with the public charity data.
Risk to Individual: 2.406 = Severe
Exposed taxpayer data includes names, contact information, and financial information about IRA income The exposed data did not include Social Security numbers, full individual income information, detailed financial account data, or other information that could impact a taxpayer’s credit.
How It Could Affect Your Customers’ Business: Human error is the top cause of cybersecurity trouble, but training helps reduce the risk of a data disaster related to employee mistakes.
U-Haul International
Exploit: Credential Compromise
U-Haul International: Moving & Storage Company
Risk to Business: 2.779 = Moderate
U-Haul International disclosed a data breach related to its customer contract search tool. U-Haul says that attackers accessed some customers’ rental contracts between November 5, 2021, and April 5, 2022, after compromising two passwords. U-Haul’s email and customer-facing websites were not impacted.
Risk to Individual: 2.626 = Moderate
Hackers gained access to customers’ names and driver’s license information, but U-Haul says that no credit card information was accessed or acquired during the incident.
How It Could Affect Your Customers’ Business: Cybercriminals have been concentrating their fire on suppliers and service providers, elevating risk for them.
The North Face
https://www.bleepingcomputer.com/news/security/200-000-north-face-accounts-hacked-in-credential-stuffing-attack/
Exploit: Credential Stuffing
The North Face: Clothing Brand
Risk to Business: 1.677 = Severe
California-based outdoor clothing company The North Face disclosed that it has had a data breach after a successful credential stuffing attack exposed the information of an estimated 200,00 customers. The company said that the attack on its website began in late July 2022 and was finally stopped in August 2022. Investigators determined that bad actors had accessed shoppers’ information shortly thereafter.
Risk to Individual: 1.636 = Severe
Exposed data includes a customer’s full name, purchase history, billing address, shipping address, telephone number, account creation date, gender and XPLR Pass reward records.
How It Could Affect Your Customers’ Business: Educational institutions have been high on cybercriminal priority lists, and the time pressure here made this attack an attractive prospect for the bad guys.
Bell Technical Solutions (BTS)
Exploit: Ransomware
Bell Technical Solutions: Telecommunications Services
Risk to Business: 2.712 = Moderate
The Hive ransomware group has claimed responsibility for a ransomware strike on Bell Technical Solutions (BTS), a subsidiary of Bell Canada. BTS provides installation services for the telecom. Hive just published a claim on its dark web leak site saying that it encrypted BTS systems almost a month ago. BTS’ website is currently inaccessible. Parent company Bell Canada published a cybersecurity alert following the incident on its own website
Risk to Individual: 2.834 = Moderate
The Hive ransomware group has claimed responsibility for a ransomware strike on Bell Technical Solutions (BTS), a subsidiary of Bell Canada. BTS provides installation services for the telecom. Hive just published a claim on its dark web leak site saying that it encrypted BTS systems almost a month ago. BTS’ website is currently inaccessible. Parent company Bell Canada published a cybersecurity alert following the incident on its own website
How it Could Affect Your Customers’ Business: Critical infrastructure targets like utilities have been squarely in cybercriminal sights as ransomware targets.
Argentina – Buenos Aires Legislature
https://therecord.media/buenos-aires-legislature-announces-ransomware-attack/
Exploit: Ransomware
Buenos Aires Legislature: Municipal Government Body
Risk to Business: 1.219 = Extreme
Legislators in Argentina’s capital Buenos Aires were left unable to access information systems or wifi in the legislature’s facility after a successful ransomware attack last week. The incident was discovered on September 11, 2022, and persisted into the week. Officials say they took measures to contain the attack immediately and they’re working quickly to restore all operations. No ransomware group has claimed responsibility for this attack.
How it Could Affect Your Customers’ Business: Government agencies have been popular ransomware targets over the last few years.
France – Damart
Exploit: Ransomware
Damart: Clothing Retailer
Risk to Business: 1.863 = Severe
Clothing store Damart has been taken down by ransomware in an attack by the Hive cybercrime gang. The company, with more than 130 stores worldwide, has had a variety of systems encrypted and operations, including sales and customer service, have been disrupted since August 15. The threat actors haven’t posted the victim on their extortion site, but reports say that they’re demanding a $2 million ransom. Damart (through parent company Damartex) says that it has not negotiated with the cybercriminals and it has informed the French national police of the incident.
How it Could Affect Your Customers’ Business: This breach is bound to have expensive consequences for Damart once regulators get through with them
United Kingdom – Eurocell
https://securityaffairs.co/wordpress/135480/data-breach/nato-docs-stolen-from-portugal.html
Exploit: Hacking
Eurocell: PVC Manufacturing
Risk to Business: 2.122 = Severe
Derbyshire-based PVC manufacturer and building products distributor Eurocell has begun informing former employees that their information may have been stolen in a data breach after bad actors obtained access to the company’s systems. An estimated 2000 current employees and an unknown number of former employees may have been affected.
Risk to Business: 2.236 = Severe
Among the data compromised are employment terms and conditions, PII like names, dates of birth and next of kin, financial information including bank account, NI and tax reference numbers, right to work documents, health and wellbeing documents, learning and development records and disciplinary and grievance forms.
Risk to Business: 2.017 = Severe
The BlackCat/ AlphV ransomware group is allegedly responsible for a ransomware attack that landed on two subsidiaries of the Encevo Group, a Luxembourg-based energy supplier. The company disclosed that energy network operator Creos and supplier Enovos had been affected. The attack took down customer portals for both companies but did not affect the supply of electricity and gas. The Encevo Group is partially owned by the government of Luxembourg. The attackers claim to have stolen 150 GB of data that they said includes contracts, passports, bills and emails although that has not been confirmed by Creos, Enovos or the Encevo Group.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business The energy sector has been a popular target for the bad guys who are continuing to pound critical infrastructure with ransomware attacks.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
Three Factors that Make a Data Breach More or Less Expensive- Are you ready for the consequences of a data breach?
A data breach is an expensive disaster for any organization. As the IBM Cost of a Data Breach 2022 report revealed, the cost of a data breach has gone up, reaching $4.35 million this year, a new record. That’s an increase of 2.6% from the 2021 data breach cost of $4.2 million per incident, and a substantial increase in the cost of a breach in a two-year span, up 12.7% from 2020’s $3.86 million. Many factors can impact the cost of a data breach. Here’s a look at three cost factors that can increase or decrease the cost of a data breach for most organizations.
These 4 Variables Impact the Cost of a Data Breach
When looking at the overall picture of contributing factors to increased and decreased cost for organizations that experience a data breach, it’s easy to see that some circumstances, technologies and investments can greatly increase or decrease the cost of a data security event. Unfortunately, most IT professionals know that in today’s volatile cybercrime landscape, it’s no longer a question of “if” when it comes to a company experiencing a data breach, it’s a “when”. Especially when factoring in risks that are beyond your client’s control like supply chain trouble. Taking a look at this chart of factors that impact the cost of a data breach can help you guide your clients into making security investments and process improvements that will help them avoid additional expense in the event of a data breach.
Reduces cost: AI & security automation
First, the good news: AI and security automation are great ways to reduce the cost of a data breach. This is the fifth year that researchers have examined the impact of those technologies on the cost of a data breach. Companies that have taken the plunge and transformed their security with automation and AI-powered tools save a substantial sum in the event that they have a data breach. Researchers determined that a data breach in an organization that has fully deployed security AI and automation costs $3.05 million less than breaches at organizations with AI and automation deployed. That’s a huge 65.2% difference in average breach. The higher the level of AI and automation, the more a company saves in breach costs. AI and security automation came out on top as the number one factor that can reduce the cost of a data breach for a company.
Source: IBM
Drives cost up: remote workers
Now for some bad news: remote work is a factor that can drive the cost of a data breach up. Companies that support almost total or a totally remote workforce (81 – 100% of their workers) are in the best position here, but their breach costs will still be higher than the baseline average ($4.35 million) at $5.10 million. That’s slightly lower than the increase in data breach cost experienced by companies in this cohort in 2021, but still a major increase from the average. In all other cases, the cost of a data breach when supporting a remote workforce in 2022 is significantly higher than it was in 2021.
Remote workforce support has been a challenge for businesses force to pivot quickly at the start of the global pandemic. IBM has been tracking the impact of remote workers on the cost of a data breach for three years in response to that development. A major complication that businesses that support a remote workforce face in the event of a data breach is whether or not that breach was directly caused by a remote worker. There’s a considerable effect on the cost of a breach when a remote worker was the root cause of the breach, like when a remote worker falls for a phishing attack that leads to credential compromise. On average, a data breach caused by a remote worker adds about $1 million to the bill or 21.5% more than the general average.
Source: IBM
Drives cost up: compliance failures
It’s no surprise that regulatory penalties and compliance failures drive the cost of a data breach up. This factor is one of the most worrisome aspects of a breach for companies in highly regulated industries and may result in fines and penalties that tack on big bills years after the data breach takes place. In fact, a data breach that features any level of compliance failures adds about $258k to the total bill. The higher the level of compliance failures, the bigger the price tag, with a difference of $2.26 million, or 50.9%, between high levels and low levels of compliance failure in the event of a breach. Compliance failures are the third biggest factor in increasing the cost of a data breach behind cloud migration in second place and security system complexity in first place.
Source: IBM
Compliance failures pack a big punch. Organizations lose an average of $4 million in revenue due to a single non-compliance event. The penalties for compliance violations vary wildly by statute, severity, industry and geography, but here are a few averages to keep in mind:
- For a HIPAA violation, a company could be looking at penalties ranging from $100 to $50,000 per violation (or per record).
- A GDPR penalty could set a company back up to 4% of its annual global revenue or 20 million euros ($22.8 million).
- A company in breach of PIPEDA requirements can be fined up to $100,000 for each violation.
Choose Security Solutions That Can Get the Job Done
You and your employees can feel confident that you’ve made a smart move when you choose our cybersecurity solutions that include automated components and a robust menu of features.
- Security awareness and compliance training plus phishing simulation
- Dark web monitoring
- Email security
- Plus More!
Our Approach to Cybersecurity
Business Runs on IT
We provide a comprehensive cybersecurity service so that you can spend more time doing what you do best- running your business. From installation to long-term management and support, we’ll always be there!