The Week in Breach: 10/16/19 – 10/22/19 | CloudSmart IT

The Week in Breach: 10/16/19 – 10/22/19

This week, ransomware will cost companies critical revenue, repeat offenders put customer loyalty at risk, and businesses fail to account for the risks of compromised employee credentials.

Dark Web ID Trends:

Top Source Hits: ID Theft Forums
Top Compromise Type: 
Domain
Top Industry: 
Finance & Insurance
Top Employee Count: 
1 – 10 Employees 


United States – Alphabroder 

https://www.asicentral.com/news/newsletters/promogram/october-2019/alphabroder-suffers-ransomware-attack/

Exploit: Ransomware attack
Alphabroder: Promotional product supplier

twib-severeRisk to Small Business: 1.555 = Severe: A ransomware attack temporarily halted Alphabroder’s processing and shipping platform. Since the ransomware prevented the company from executing orders, Alphabroder was forced to make a statement on social media and interrupt most business processes. Alphabroder did subscribe to cybersecurity insurance to help offset the costs, but the reputational damage and long-term infrastructure costs can be difficult to quantify and are capable of significantly dampening the company’s financial prospects in the near term.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Cybercriminals are always looking for new ways to profit from businesses’ IT vulnerabilities. Unfortunately, these bad actors only have to execute their strategy once to inflict incredible long-term damage on a company. This complicated threat landscape makes it especially important that businesses regularly assess their cybersecurity stance to ensure that they are ready to defend whatever comes their way. 


United States – Stripe

https://www.bleepingcomputer.com/news/security/stripe-users-targeted-in-phishing-attack-that-steals-banking-info/

Exploit: Phishing attack
Stripe: Online payment processing company

twib-severeRisk to Small Business: 1.888 = Severe: Hackers are deploying fake and invalid Stripe support alerts to engage customers and procure user credentials. After clicking on the fictitious support alert, users are prompted to enter their bank account information and user credentials on a fake customer login page. This isn’t the first time that Stripe customers have been targeted in phishing attacks, and such attacks are becoming increasingly sophisticated and prevalent.
twib-severe Individual Risk: 2.428 = Severe: Given that Stripe is an online financial platform, users can easily be tricked into providing their most sensitive personal data to cybercriminals. It’s unclear if any Stripe customers have fallen for this phishing scam, but any users who responded to one of these malicious messages had their personal data compromised. They should immediately report this to Stripe and their other financial institutions, and they should take steps to ensure their data’s long-term integrity.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Cybersecurity has taken center stage among customers and employees, and both are demonstrating an unwillingness to work with companies that can’t protect their information. Especially for companies operating in a crowded and competitive market, top-shelf cybersecurity standards are a prerequisite to a thriving business model. 


United States – Pitney Bowes Inc. 

https://www.zdnet.com/article/pitney-bowes-claims-customer-data-safe-following-malware-attack/

Exploit: Malware attack
Pitney Bowes Inc.: Mail management company

twib-severeRisk to Small Business: 2.111 = Severe: A malware attack prevented Pitney Bowes’ employees and customers from accessing critical services. The company, which specializes in mail management, lost business directly as a result of the attack. Customers were unable to refill postage or upload transactions on their mailing machines. In addition, news of the announcement sent the company’s shares down 4%, which underscores the many ways that a cybersecurity incident can negatively impact a company’s bottom line.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Regardless of the attack methodology, cybersecurity events are incredibly costly for companies. In this case, Pitney Bowes was punished by investors, lost revenue opportunities, and endured reputational damage that will have long-term implications for the company. Given the high cost of recovery, pursuing robust cybersecurity services is a bargain. 


Canada – The Canada Post

https://www.ctvnews.ca/canada/canada-post-investigating-whether-some-customer-data-was-compromised-in-2017-1.4642932

Exploit: Credential stuffing attack
The Canada Post: Primary postal operator in Canada

twib-severe Risk to Small Business: 2.444 = Severe The Canada Post recently acknowledged that it discovered a data breach from 2017. The credential stuffing attack relied on redundant username and password credentials obtained from previous hacks to access user accounts. The postal provider was unable to identify the scope of the attack, so Canada Post is resetting all user account passwords.
correct severe gauge

 

Individual Risk: 2.571 = Moderate: The postal operator did not provide specific insights into compromised data, but the lengthy gap between intrusion and identification increases the likelihood that compromised accounts ended up on the Dark Web or leveraged for fraud. All users should review account credentials to ensure that they are not using similar passwords across accounts, or double-dipping, which would make them vulnerable to future threats.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Credential stuffing attacks are a natural consequence of years of data breaches that have compromised billions of records. Since many customers reuse the same username and password combinations across multiple accounts, it can be an easy way for hackers to infiltrate other accounts and access even more user data. In response, businesses should do a better job of encouraging strong, two-factor passwords, while also identifying compromised credentials before they are reused in a credential stuffing attack. 


United Kingdom – Sonic Jobs 

https://www.cisomag.com/recruitment-sites-exposes-250000-resumes-online/

Exploit: Exposed database
Sonic Jobs: Job recruitment website

twib-severeRisk to Small Business: 2.111= Severe: An exposed database revealed the personal information of thousands of job seekers. Sonic Jobs, which partnered with Amazon Web Services for its database, failed to change the database configuration to private, meaning that all users could view the details of job applicants and anyone who knew the locations of the servers could have downloaded the information.
extreme gauge Individual Risk: 2= Severe: The exposed data was provided by job seekers, and it includes their names, addresses, contact information, and work experience. This information can quickly be sold on the Dark Web, where it can be used to facilitate other cyber crimes including phishing and identity scams. To protect themselves, anyone impacted by the breach should enroll in identity monitoring services while also being especially critical of unusual or unexpected communications.

Customers Impacted: 29,202
How it Could Affect Your Customers’ Business: In its response, Sonic Jobs cited its limited resources as one reason that the database’s configuration went undetected. Unfortunately for the company, consumers and global regulators don’t look at this metric when deciding how to respond to a data breach. Given the enormous financial and reputational costs of a data breach, acquiring the services to assess and secure your cybersecurity landscape is a no brainer. 


France – M6 Group 

https://www.zdnet.com/article/m6-one-of-frances-biggest-tv-channels-hit-by-ransomware/

Exploit: Ransomware attack
M6 Group: Privately owned multimedia group

twib-severeRisk to Small Business: 1.777 = Severe: Cybercriminals attempted to bring M6’s TV and radio channels offline using a ransomware attack. However, employees’ rapid identification and response time prevented the malware from disrupting programming. The company’s email and phone services did not escape the attack, remaining offline for several days after the attack. Several media outlets have been targeted with costly ransomware attacks this year, but M6 was able to sidestep more sinister consequences.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: When it comes to cybersecurity, a company’s employees can either be a vulnerability or an asset. In almost every case, this distinction is forged through training and preparedness. In this case, employees’ quick detection and response prevented an even more catastrophic ransomware attack. Rather than leaving cybersecurity up to chance, provide your employees with comprehensive cybersecurity training so that they can serve as an extra layer of protection against a litany of threats. 


Australia – CSL

https://www.smh.com.au/business/companies/doctor-patient-details-allegedly-stolen-in-csl-espionage-scandal-20191017-p531k5.html

Exploit: Insider data theft
CSL: Biotherapy provider

twib-extreme Risk to Small Business: 1.333 = Extreme Risk: A former high-level company executive stole a treasure trove of company details that he used to procure a job with a competitor. In addition to millions of pages of trade secrets, sales information, research, and testing information, the former executive procured the information on 800 doctors working with the company. These people are contracted by the company to influence other doctors and industry members and losing these contacts could prevent CSL from capitalizing on the exclusive thought leadership of these members.
twib-severe Individual Risk: 1.857 = Severe: Although the doctors’ data was stolen for business purposes, those impacted by the breach should be aware that their information was used in an unethical and illegal manner by CSL’s former employee.

Customers Impacted: 800
How it Could Affect Your Customers’ Business: CSL’s data breach is a reminder that customer data isn’t the only thing at risk in today’s digital environment. Trade secrets, intellectual property, and valuable industry contracts are all up for grabs, and this information can quickly be deployed by your competitors to undercut your advantage or to short-circuit your strategies. Therefore, when considering your cybersecurity strategy, devise a holistic plan to protect all of your valuable company data. 


New Zealand – NZ First 

https://www.stuff.co.nz/national/politics/116409225/major-leak-of-nz-first-membership-database-exposes-personal-details

Exploit: Database exposure
NZ First: Political party in New Zealand

twib-severe Risk to Small Business: 1.555 = Severe: A bad actor shared confidential information on a political party’s members with reporters. The incident is being described as “deliberate and malicious.” The data breach follows recent complaints about the party’s internal candidate selection process. Members whose data was distributed were furious, speaking with the media about their frustration over the party’s data management.
twib-severe Individual Risk: 1.857 = Severe: The compromised data reveals personally identifiable information, including names, addresses, email addresses, phone numbers, and party member due status. This information can quickly spread on hacker forums or the Dark Web where it is often used to execute additional cybercrimes. Therefore, those impacted by the breach should be especially vigilant about monitoring their accounts, and they should consider enrolling in identity monitoring services to ensure that their information isn’t being misused.

Customers Impacted: 800
How it Could Affect Your Customers’ Business: Beyond the obvious political ramifications, the incident underscores the importance of holistic data security at a time when personal data can be either an asset or a liability. This breach could discourage people from formally affiliating themselves with the party through membership. Similarly, businesses that fail to protect user data in one instance almost always endure long-term consequences that are even more significant than the initial breach.

Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.