The Week in Breach: 09/04/19 – 09/10/19 | CloudSmart IT

The Week in Breach: 09/04/19 – 09/10/19

This week, a company loses competitive edge due to breach, healthcare providers struggle to protect PII, and compromised email accounts top the list of cyber insurance claims.

Dark Web ID Trends:

Top Source Hits: ID Theft Forums 
Top Compromise Type: 
Domain
Top Industry: 
High-Tech & IT
Top Employee Count: 
1 – 10 Employees 


United States – Fraser
https://finance.yahoo.com/news/fraser-email-compromised-phishing-scheme-145900144.html

Exploit: Phishing scam
Fraser: Provider of education, housing, and healthcare services for children and adults with special needs

twib-severeRisk to Small Business: 1.555 = Severe: A phishing scam successfully compromised an employee email account, giving hackers access to a spreadsheet containing information from the Fraser waitlist. In response, Fraser contacted a third-party IT vendor within hours of discovering the breach and was able to secure its network. Needless to say, a reactive response will not mitigate the damage inflicted on those impacted by the breach. Fraser will likely face intense regulatory scrutiny in the near future, as the information accessed is considered protected health information.
twib-severe

Individual Risk: 1.555 = Severe: The data breach did not reveal customers Social Security numbers or credit card information, but plenty of personally identifiable information was made available to hackers. This includes customers’ names, Fraser ID numbers, zip codes, and treatment notes. Affected individuals should carefully monitor their accounts for suspicious activity and consider contacting the hotline that Fraser recently opened up.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Despite a company’s best efforts, some phishing scams inevitably make their way to employees’ inboxes. Since a single click can compromise incredible amounts of sensitive data, businesses of all sizes must prioritize the awareness training that can render such attacks useless. With the cost of a data breach continually increasing, addressing this vulnerability can be one of your company’s best investments.

ID Agent to the Rescue: BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.

 

United States – CircleCI 
https://securityboulevard.com/2019/09/circleci-reports-of-a-security-breach-and-malicious-database-in-a-third-party-vendor-account/

Exploit: Unauthorized database access
CircleCI: Continuous integration and delivery platform

twib-severeRisk to Small Business: 2 = Severe: Cybercriminals gained access to a third-party database for CircleCI, which compromised customer information and company data. The breach was uncovered when an employee noticed unusual account activity and notified the CirlceCI security team. Nevertheless, the breach went undetected for nearly a month, impacting customers who accessed the platform from June 30th through August 31st. CircleCI worked with a security provider to repair the vulnerability, but their failure to adequately protect user data will remain a stain on their reputation, a less-quantifiable but uniquely important facet of doing business in 2019.
correct severe gaugeIndividual Risk: 2.571 = Moderate: Customer data that was compromised included usernames, email addresses, and organization names. This data can quickly make its way to the Dark Web where it can be used to facilitate additional cybercrimes. Fortunately, authentication tokens, passwords, and payment information were not involved in the incident. Those impacted should be mindful of suspicious communications, and they should monitor their accounts for any unusual activity.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Working with third-party vendors is an inevitability for most companies, but such partnerships can manufacture additional cybersecurity vulnerabilities that need to be addressed. For businesses looking to avoid a data debacle, evaluating security standards should be a prerequisite to any professional partnership involving the exchange of sensitive data.

ID Agent to the Rescue: Dark Web ID™ alerts MSPs when their customers’ employee emails and passwords have been compromised and are for sale to the highest bidder, before a breach occurs. Learn how you can partner up with us here: https://www.idagent.com/dark-web.

 

United States – Artesia General Hospital 
https://www.beckershospitalreview.com/cybersecurity/new-mexico-hospital-alerts-14-000-patients-of-data-breach.html

Exploit: Phishing scam
Artesia General Hospital: Healthcare provider offering primary and specialty health services

twib-severe

Risk to Small Business: 1.666 = Severe: An unauthorized third party compromised an employee’s email account, which included patient information. Hackers had access to the account between June 11th and June 18th, but it’s unclear if the patient data was viewed. Artesia General Hospital is prioritizing staffing training about suspicious emails, but a reactive response will not restore the exposed patient data or lessen impending fines that almost always follow a healthcare-related breach.

twib-severeIndividual Risk: 2.285 = Severe: Patient data was exposed in the breach, including names, dates of birth, medical record or account numbers, health insurance information, and treatment information. In addition, some patients had their Social Security numbers compromised. Personally identifiable information has an established market online, and it can be difficult to prevent its distribution once accessed. Those impacted by the breach should be especially mindful of unusual communications or account activity, as those can be indications of data misuse.

Customers Impacted: 13,905
How it Could Affect Your Customers’ Business: Comprehensive awareness training about the prevalence and best practices regarding phishing campaigns is a necessary step, but those initiatives have to be in place before a data breach in order to truly be effective. Phishing scams will inevitably land in your employees’ inboxes and developing a readiness posture can prevent them from exploiting additional vulnerabilities or instigating a data breach.

ID Agent to the Rescue: Monitoring the Dark Web for stolen credentials is critical for MSPs who want to provide comprehensive security to their customers. BullPhish ID compliments that data with simulated phishing attacks and security awareness training campaigns to educate employees, making them the best defense against cybercrime: https://www.idagent.com/bullphish-id.

 

United States – Foxit Software
https://www.oodaloop.com/briefs/2019/09/02/foxit-software-discloses-data-breach-exposing-user-passwords/

Exploit: Unauthorized database access
Foxit Software: Developer of portable document format software

twib-severeRisk to Small Business: 2.111 = Severe: Bad actors hacked into Foxit Software’s database, which contained the personal details of customers using the platform with a free account. In response, the company is encouraging all users to reset their passwords. In a competitive software environment, Foxit Software will have to grapple with the financial and reputational implications of a data breach, both of which can significantly impact the company’s bottom line.
twib-severeIndividual Risk: 2.428 = Severe: The accessed database included “My Account” data that contained personal information such as names, email addresses, passwords, phone numbers, company names, and IP addresses. It’s unclear if passwords were encrypted, and Foxit is warning customers to be wary of phishing scams that could leverage compromised data to promulgate damaging campaigns.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Customers and employees are increasingly unwilling to remain with platforms that can’t protect customer data, making data breaches a logistical and PR nightmare for any company. Therefore, when information is compromised, companies need to be swift and robust in their response. Providing supportive services that can identify how data is used after it is stolen can hasten a holistic recovery effort.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID is the leading Dark Web monitoring platform in the Channel. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo todayhttps://www.idagent.com/dark-web/#contact.

 

United States – UC Health 
https://www.bizjournals.com/cincinnati/news/2019/09/05/uc-health-phishing-attack-may-have-compromised.html

Exploit: Phishing scam
UC Health: Healthcare network based in Cincinnati, Ohio

twib-severeRisk to Small Business: 1.888 = Severe: A phishing attack successfully duped hospital employees into compromising patients’ medical records. The breach, which was disclosed on September 4th and discovered on July 6th, impacted email accounts until July 12th. In response, UC Health is updating its email security policies and providing an employee education program to prevent a similar breach in the future. Unfortunately, future-focused initiatives won’t help those whose information is already compromised. To compound the issue, the healthcare provider will now face regulatory scrutiny, bad press, and additional costs of recovery that could have been entirely prevented.
twib-severeIndividual Risk: 2.142 = Severe: The compromised employee accounts contained limited amounts of patient data, including names, dates of birth, medical record numbers, and clinical information. Patients are encouraged to review their accounts for suspicious activity, and UC Health has established an incident hotline where anyone can report possible malfeasance.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: The ROI on proactive security measures continues to rise in the face of crippling breaches which come with costly implications. This incident serves as a cautionary tale for all SMBs and highlights the importance of securing customer and employee data before it is compromised.

ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal AssistTM we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for dark web monitoring. Learn more here: https://www.idagent.com/goal-assist.

 

Canada – Yves Rocher 
https://www.infosecurity-magazine.com/news/data-leak-affects-25m-customers/

Exploit: Unprotected database
Yves Rocher: Cosmetics and beauty brand

twib-severeRisk to Small Business: 2 = Severe: An unprotected database exposed the personal information of millions of Yves Rocher’s Canadian customers and intimate details about the company’s inner workings. Not only is Yves Rocher tasked with supporting the millions of customers impacted by the breach, the company data could be incredibly valuable to competitors who can gain unparalleled insights into Yves Rocher’s strategies, performance, and future promotions. Companies can pair this data with the customer information available from the breach to create precisely targeted advertising campaigns that could lure customers away from Yves Rocher. To make matters worse, security researchers found that employee credentials from a previous data breach were still compromised, allowing anyone to access other databases where they could modify or delete information.
extreme gaugeIndividual Risk: 2.285 = Severe Risk: The exposed database included significant amounts of personal information, including names, phone numbers, email addresses, birth dates, zip codes, transaction history, and store location.

Customers Impacted: 2,500,000
How it Could Affect Your Customers’ Business: There is always a direct cost to a data breach, but the ancillary expenses can be even more catastrophic than the original charge. In this case, Yves Rocher could have their business practices significantly undermined as competitors use their lax data security to their competitive advantage. It’s a reminder that data security isn’t just an altruistic priority, it’s a bottom-line issue that every company needs to grapple with.

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at: https://www.idagent.com/dark-web.

 

United Kingdom – Monster.com 
https://www.itpro.co.uk/data-breaches/34347/monstercom-job-seeker-data-exposed-in-third-party-leak

Exploit: Exposed database
Monster.com: Job recruitment website

twib-severeRisk to Small Business: 1.888 = Severe: A database belonging to a former Monster.com partner was discovered online. The file contained the personal information from thousands of US and UK users who uploaded their CVs to the job recruitment website. The breach applies to those who uploaded their CVs between 2014 and 2017, but the server wasn’t secured until last month. Since many of those impacted by the breach reside in the EU, the company will face serious GDPR fines along with less quantifiable consequences.
twib-severeIndividual Risk: 2.285 = Severe: The personal information of users, uploaded as part of their CVs, was readily available online. This includes names, addresses, phone numbers, email addresses, and work history. This data is often used to facilitate other cybercrimes including advanced phishing attacks and identity fraud. Therefore, those impacted by the breach should enroll in credit and identity monitoring services to ensure that their information isn’t being misused.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Today’s regulatory landscape makes data security a top priority at every level. For Monster.com, failing to account for the data security status of their vendors could cause them to incur fines that will negatively impact revenue, creating additional downstream repercussions. For companies that are fortunate enough not to have experienced a data breach, evaluation and fortification can help ensure that their information remains secure and their bottom line is protected.

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at: https://www.idagent.com/dark-web/.

 

France – Option Way 
https://www.scmagazine.com/home/security-news/flight-booking-site-option-way-exposed-personal-info-on-customers/

Exploit: Unprotected database
Option Way: Flight booking website

twib-severeRisk to Small Business: 1.666 = Severe: Incorrect password reset links exposed the personal information of Option Way customers and it provided a leverage point for hackers to access the company’s broader IT infrastructure. Security researchers accessed more than 100GB of company data that included personally identifiable information, billing data, and employee credentials. Taken together, the exposed database raises serious concerns about the platform’s ability to secure company and customer data. In an industry that has historically been cutthroat in regard to acquiring customers and turning profits, such an incident can leave an irreparable blemish on the company’s brand and overall reputation.
twib-severeIndividual Risk: 2.428 = Severe: The exposed database included unencrypted personal information, such as names, birth dates, travel destinations, flight prices, and departure dates. In addition, credit card details were viewable by anyone with access to the database, making it a veritable treasure trove for bad actors perpetrating identity theft or financial fraud. Therefore, those impacted by the breach should enroll in credit and identity monitoring services to ensure that their data isn’t misused now or in the future.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Exposed databases are self-inflicted wounds that come with sizeable price tags. Not only do businesses have to carry the cost of recovery, but the reputational damage can have a meaningful impact on their bottom line. As a result, every business should prioritize regular assessments of their cybersecurity threat landscape, ensuring that their defenses are adequate and that their systems are secure.

ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.


Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 615.610.3500 today for your no-cost, no-obligation consultation.