The Week in Breach News: 11/17/21 – 11/23/21 | CloudSmart IT

The Week in Breach News: 11/17/21 – 11/23/21

GoDaddy is back in the hot seat after another massive breach exposes data for more than 1 million users, an insider incident in Ohio raises election security concerns, and a data breach at Australia’s copyright authority.



GoDaddy

https://techcrunch.com/2021/11/22/godaddy-breach-million-accounts/

Exploit: Credential Compromise

GoDaddy: Web Hosting Provider 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.527= Severe

GoDaddy has reported a data breach that may impact more than 1 million customers who use the service for WordPress hosting. The company detailed the incident in an SEC filing, declaring that it had detected unauthorized access to its systems where it hosts and manages its customers’ WordPress servers when someone used a compromised password for access around September 6. GoDaddy said it discovered the breach last week on November 17. The company warned that active customers had their sFTP credentials (for file transfers), and the usernames and passwords for their WordPress databases, which store all the user’s content, exposed in the breach. In some cases, the customer’s SSL (HTTPS) private key was exposed, which if abused could allow an attacker to impersonate a customer’s website or services. 1.2 million active and inactive managed WordPress users had their email addresses and customer numbers exposed in this incident.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: 1.2 million

How It Could Affect Your Customers’ Business: Third-party security risk is increasingly common in an interconnected world and building strong defenses helps protect against this unexpected danger.


California Pizza Kitchen

https://techcrunch.com/2021/11/18/california-pizza-kitchen-data-breach/

Exploit: Hacking

California Pizza Kitchen: Fast Casual Restaurant Chain

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.212=Severe

US casual dining chain California Pizza Kitchen has had a data security breach that impacts current and past employees. In a statement, the company disclosed that its systems were infiltrated by an unauthorized user on September 15. Those cybercriminals gained access to an undisclosed amount of data including employee records that contained at least employee names and SSNs.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.907=Severe

In a filing with the Maine attorney general’s office, the company reported that 103,767 current and former employees had their names and Social Security numbers exposed.

Customers Impacted: 103,767

How It Could Affect Your Customers’ Business A failure to secure employee data can be just as damaging and expensive as a failure to secure consumer data.


Lake County Board of Commissioners 

https://www.washingtonpost.com/politics/attempted-breach-ohio-election/2021/11/19/12417a4c-488c-11ec-b8d9-232f4afe4d9b_story.html

Exploit: Insider Incident

Lake County Board of Commissioners: Election Regulator

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.502=Severe

The Washington Post is reporting that a data security incident occurred at the Lake County, Ohio Board of Elections. The attempted breach occurred on May 4 inside the county office of John ­Hamercheck (R), president of the Lake County Board of Commissioners. In this incident, a private laptop was plugged into the county network in Hamercheck’s office, capturing routine network traffic. That information was then distributed at an August “cyber symposium” on election fraud hosted by MyPillow executive Mike Lindell. Officials say that no sensitive data was obtained. This is substantially similar to an incident in Colorado earlier this year. Data from the Colorado incident was circulated at the same event. The FBI is investigating the incident.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Insider threats can pop up anywhere and real havoc on an organization when they least expect it.



Cyprus – StripChat 

https://therecord.media/adult-cam-site-stripchat-exposes-the-data-of-millions-of-users-and-cam-models/ 

Exploit: Misconfiguration

StripChat: Adult Content Platform

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.615= Severe

StripChat, one of the world’s top 5 adult cam sites, has suffered a data breach that exposed more than its usual fare, including the personal data of millions of users and adult models. In a blunder discovered by security researchers, StripChat failed to properly configure an ElasticSearch database cluster, leaving data exposed for at least 3 days.

cybersecurity news represented by agauge showing severe risk

Individual Risk 1.802= Severe

Researchers listed the exposed data pertaining to 65 million users registered on the site including their username, email, IP address, ISP details, tip balance, account creation date, last login date and account status. Data for 421,000 models broadcasting on the site was also exposed including username, gender, studio ID, live status, tip menus/prices and strip scores. Other transaction data was also exposed.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business The company hasn’t just failed at data security, at press time they had also failed to publicly disclose or acknowledge the incident, a sure path to a hefty GDPR fine.


Denmark – Vestas

https://portswigger.net/daily-swig/wind-turbine-giant-vestas-confirms-data-breach-following-cybersecurity-incident

Exploit: Ransomware

Vestas: Wind Turbine Manufacturer

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.512= Severe

The world’s largest supplier of wind turbines Vestas has announced that it has experienced a suspected ransomware incident. The company says that its initial investigation has determined that data has been compromised, although no specifics about that data were given. The company says that the incident forced the shutdown of IT systems and has damaged parts of Vestas’ internal IT infrastructure. Recovery has begun, and the company has stressed that the impact on its manufacturing, construction and service arms has been minimal.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Ransomware and infrastructure components are going hand in hand these days, creating an elevated risk level for companies in infrastructure-related sectors.



Exploit: Hacking

Copyright Agency: Royalty Collection Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.595 = Extreme

Australia’s Copyright Agency has suffered a data breach The agency which distributes royalties to authors, photographers and other creators for the reuse of their text and images, notified members of the incident last Friday. No information is yet available about what data may have been impacted, but there’s a possibility that extensive personal and financial data may have been exposed for the 37,000 creators that it services.

Customers Impacted: 37,000



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.

View All News & Articles

Ready to customize an IT solution that fits YOUR business goals? Get free guidance from our CEO.

Ready to customize an IT solution that fits YOUR business goals?

Get free guidance from CloudSmart IT.

Book a call or call us at 844.200.0549 today for your no-cost, no-obligation consultation.