The Week in Breach: 10/30/19 – 11/05/19 | CloudSmart IT


This week, negligence compromises user data, hackers attack digital points of sale, and SMBs struggle to hire top cybersecurity talent.

Dark Web ID Trends:

Top Source Hits: ID Theft Forums
Top Compromise Type: Domain
Top Industry: Education & Research
Top Employee Count: 501+ Employees


United States – Web.com

https://www.scmagazine.com/home/security-news/data-breach/web-com-discloses-breach-affecting-customer-account-info/

Exploit: Unauthorized database access
Web.com: Domain name registration and web services provider

Risk to Small Business: 2.111 = Severe: An unauthorized third party accessed Web.com’s network, which compromised their customers’ personally identifiable information. The intrusion took place in August 2019, but IT personnel were not able to identify the breach until October 16th. Data breach notifications went out this week, but the significant detection delay will certainly compound the damage for both the company and its customers.

Individual Risk: 2.285 = Severe: The breach compromised names, addresses, phone numbers, email addresses, and service information. Security experts believe that the breach extends beyond Web.com and includes users of Network Solutions and Register.com. This information often makes its way to the Dark Web where it can be repurposed for additional cyber-attacks or identity fraud. Anyone impacted by the breach should scrutinize their online communications, as hackers will use compromised data to orchestrate spear phishing attacks.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Survey after survey reveals that customers are increasingly wary of doing business with companies that can’t protect their personal information. This reality is only exacerbated when companies are slow to detect or respond to security incidents.
As a result, data security and response protocols are an integral part of doing business. In 2019, cybersecurity isn’t just for the IT department to consider. It needs to be a top-down priority that impacts every facet of the company. 


United States – sPower

https://www.zdnet.com/article/cyber-attack-hits-utah-wind-and-solar-energy-provider/

Exploit: Cyber-attack
sPower: Renewable energy provider

Risk to Small Business: 1.444 = Extreme: sPower was the victim of a cyber-attack that brought down its services and disconnected its hardware from the electrical grid. Although the attack occurred in April, the details are emerging as part of a Freedom of Information Act filing by reporters covering the energy sector. Hackers were able to leverage a vulnerability in the company’s firewall that allowed outside entities to access its network. The event could significantly harm the company’s reputation within the energy industry, impacting its ability to land future contracts and compete with other companies.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Reputation management can mean the difference between earning the next contract and losing out to a competitor. In that regard, ensuring that your organization’s most pressing threats are accounted for can help avoid the bad press and brand erosion that follow in the wake of a cyberattack. While every industry’s threats are unique, every consumer or collaborator wants the same thing: sufficient cybersecurity to meet the moment.


United States – City of San Marcos

https://www.sandiegouniontribune.com/communities/north-county/story/2019-10-31/san-marcos-city-computer-systems-hacked

Exploit: Cyber-attack
City of San Marcos: Local government municipality

Risk to Small Business: 1.666 = Severe: Hackers accessed the city’s computer systems and restricted access to significant portions of their IT infrastructure. The attack, which began on October 24th, brought down email accounts and other communication services. As a result, messages sent to city employees were not delivered, though government facilities remain open. Recovering from the attack is proving especially difficult, as services are still restricted more than a week after the initial event. To prevent further attacks, employees are being asked to change their passwords and enable two-factor authentication on their accounts.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Many cybersecurity vulnerabilities can be mitigated by adopting adequate preventative measures. For instance, using strong, unique passwords and two-factor authentication can prevent hackers from using stolen credentials to access accounts and dig deeper into your company’s IT environment. As the costs associated with a breach continue to pile up, the ROI on implementing cybersecurity defense becomes easily apparent.


Canada – Ontario Science Center

https://www.cbc.ca/news/canada/toronto/science-centre-data-breach-1.5338334

Exploit: Unauthorized database access
Ontario Science Center: Science museum

Risk to Small Business: 2.222 = Severe: The Ontario Science Center endured a data breach after an employee of a third-party contractor downloaded personal data from the museum’s newsletter subscribers. The breach impacts subscribers, along with participants in camp programs and birthday parties. Although the breach is relatively restricted, it will still drain resources from an educational institution with better priorities in mind.

Individual Risk: 2.428 = Severe: The breach includes names and email addresses, but other personal or financial information was not included in the event. Despite the incident’s limited scope, this information can still be valuable in the hands of cybercriminals, and those impacted must enlist in identity and credit monitoring to stay protected.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Third-party collaborations are a normal part of business operations for most companies, but cybersecurity standards need to be considered when entering into a partnership. For instance, even though the Ontario Science Center wasn’t directly responsible for this data breach, the accountability will land squarely on their shoulders. 


France – Sixth June 

https://www.bleepingcomputer.com/news/security/sixth-june-fashion-site-hacked-to-steal-credit-cards/

Exploit: Malware attack
Sixth June: Fashion online store

Risk to Small Business: 1.888 = Severe: Hackers infected Sixth June’s online store with e-skimming malware that is able to collect customer information at checkout. Despite the alarming nature of the attack, company leaders were slow to respond. Security researchers contacted Sixth June’s leadership team on October 20th, but the malware remained active five days later. This attack was especially covert as the hackers used a similarly registered domain name to disguise the malicious website. As a result, Sixth June customers were unlikely to discover malware without the company’s direct intervention.

Individual Risk: 2.142 = Severe: E-skimming malware attacks collect extremely sensitive personal information, including names, addresses, and payment information. While Sixth June hasn’t reported specific data compromised in this breach, any information that users provide at checkout is likely available to hackers. Those impacted by the breach should take every measure to secure their credentials, including notifying their financial institutions and enrolling in credit and identity monitoring services.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Although being the victim of a data breach is a nightmare for any business, it’s even worse when the response is slow or inadequate. Multiple cybersecurity experts have commented online and criticized Sixth June leadership for not responding to their warnings about the malware. The blowback for Sixth June could be immense. Regulatory consequences, reputational damage, and lost revenue will likely change the company’s trajectory going forward.


Italy – UniCredit 

https://uk.reuters.com/article/us-unicredit-cyber/unicredit-hit-by-data-breach-of-italian-client-records-idUKKBN1X70HM

Exploit: Exposed database
UniCredit: Banking and financial services company

Risk to Small Business: 1.555 = Severe: UniCredit recently discovered an exposed database containing the personal information for millions of the company’s customers. Shockingly enough, the database had been accessible since 2015. This is the company’s third data breach in recent years, and it sent their share price down by 4%. The bank is spending a significant amount of money to update its IT infrastructure to prevent such an event in the future, but that is unlikely to alleviate the reputational damage and regulatory repercussions heading their way.

Individual Risk: 2.428 = Severe: The exposed database contains the email addresses and phone numbers for the bank’s clients. Hackers did not have access to login credentials, but that doesn’t mean that those impacted by the breach are out of the woods. Personal details can be used to facilitate additional cybercrimes that can compromise even more sensitive information.

Customers Impacted: 3,000,000
How it Could Affect Your Customers’ Business: The path to restoring customer confidence after a data breach is one that is not well-charted. However, companies are testing their customers’ limits when they endure multiple cybersecurity incidents. Each episode forces businesses to restart the restoration process. Knowing what happens to exposed or stolen customer data is the first step to a swift response that can revive customer confidence. 


Australia – 7-Eleven

https://www.infosecurity-magazine.com/news/drivers-data-exposed-in-7eleven/

Exploit: Accidental data exposure
7-Eleven: Convenience store and gas station chain

Risk to Small Business: 2 = Severe: Australian customers using 7-Eleven’s app designed to help drivers reduce fuel costs were able to view the personal information of other customers after logging in to the platform. In response, the company brought the app offline to identify a suitable solution. The company relaunched a repaired app several hours later, but the damage had already been inflicted.

Individual Risk: 2 = Severe: Personally identifiable information, including names, email addresses, cell phone numbers, and dates of birth, was exposed. Only one customer reported accessing this data, but it’s possible that it was made available to many more, including bad actors who were aware of the vulnerability. It’s better to be safe than sorry, so it’s recommended that anyone impacted by the breach enroll in identity monitoring services to protect the integrity of their information.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This incident serves as a reminder that a simpler user experience should never come at the expense of data security. 7-Eleven app developers failed to identify a relatively simple flaw in their system, and this oversight will have untold consequences for their customer base and ability to innovate in the future. In other words, technological advancement and cybersecurity need to go hand-in-hand. 


Australia – Exchange for Change 

https://www.brewsnews.com.au/2019/11/01/brewers-hit-by-nsw-container-deposit-scheme-data-breach/

Exploit: Accidental data sharing
Exchange for Change: Coordinator of litter reduction program

Risk to Small Business: 1.666 = Severe: Exchange for Change inadvertently emailed invoices containing financial information to various competitors participating in the litter reduction program. The error has compounded public scrutiny of the program, which has had several problems in its rollout. While the company made clear that their network had not been compromised, the accidental sharing will have many of the same repercussions, including reputational damage and potential customer defections.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Today’s companies face a litany of cybersecurity threats, so self-inflicted wounds are especially frustrating and problematic. Of course, human error isn’t just limited to accidental sharing. There are multiple threats that companies can defuse simply by preparing their employees to be successful at this critical imperative.

Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
