Please fill in the form below to subscribe to our blog

The Week in Breach: 10/30/19 – 11/05/19

November 06, 2019

This week, negligence compromises user data, hackers attack digital points of sale, and SMBs struggle to hire top cybersecurity talent.

Dark Web ID Trends:

Top Source Hits: ID Theft Forums 
Top Compromise Type: 
Domain
Top Industry:
Education & Research
Top Employee Count:
501+ Employees 


United States – Web.com
https://www.scmagazine.com/home/security-news/data-breach/web-com-discloses-breach-affecting-customer-account-info/

Exploit: Unauthorized database access
Web.com: Domain name registration and web services provider

1.51 – 2.49 = Severe Risk Risk to Small Business: 2.111 = Severe: An unauthorized third party accessed Web.com’s network, which compromised their customers’ personally identifiable information. The intrusion took place in August 2019, but IT personnel were not able to identify the breach until October 16th. Data breach notifications went out this week, but the significant detection delay will certainly compound the damage for both the company and its customers.
1.51 – 2.49 = Severe Risk

Individual Risk: 2.285 = Severe: The breach compromised names, addresses, phone numbers, email addresses, and service information. Security experts believe that the breach extends beyond Web.com and includes users of Network Solutions and Register.com. This information often makes its way to the Dark Web where it can be repurposed for additional cyber-attacks or identity fraud. Anyone impacted by the breach should scrutinize their online communications, as hackers will use compromised data to orchestrate spear phishing attacks.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Survey after survey reveals that customers are increasingly wary of doing business with companies that can’t protect their personal information. This reality is only exacerbated when companies are slow to detect or respond to security incidents.
As a result, data security and response protocols are an integral part of doing business. In 2019, cybersecurity isn’t just for the IT department to consider. It needs to be a top-down priority that impacts every facet of the company.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID™ is the leading Dark Web monitoring platform in the Channel. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze, and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.

United States – sPower
https://www.zdnet.com/article/cyber-attack-hits-utah-wind-and-solar-energy-provider/

Exploit: Cyber-attack
sPower: Renewable energy provider

1 – 1.5 = Extreme Risk Risk to Small Business: 1.444 = Extreme: sPower was the victim of a cyber-attack that brought down its services and disconnected its hardware from the electrical grid. Although the attack occurred in April, the details are emerging as part of a Freedom of Information Act filing by reporters covering the energy sector. Hackers were able to leverage a vulnerability in the company’s firewall that allows outside entities to access their network. The event could significantly harm the company’s reputation within the energy industry, impacting its ability to land future contracts and compete with other companies.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Reputation management can mean the difference between earning the next contract and losing out to a competitor. In that regard, ensuring that your organization’s most prescient threats are accounted for can help avoid the bad press and brand erosion that follow in the wake of a cyberattack. While every industry’s threats are unique, every consumer or collaborator wants the same thing: sufficient cybersecurity to meet the moment.

ID Agent to the Rescue: With BullPhish ID™, MSPs can provide understand the unique risks and available solutions, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

United States – City of San Marcos
https://www.sandiegouniontribune.com/communities/north-county/story/2019-10-31/san-marcos-city-computer-systems-hacked

Exploit: Cyber-attack
City of San Marcos: Local government municipality

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.666 = Severe: Hackers accessed the city’s computer systems and restricted access to significant portions of their IT infrastructure. The attack, which began on October 24th, brought down email accounts and other communication services. As a result, messages sent to city employees were not delivered, though government facilities remain open. Recovering from the attack is proving especially difficult, as the services are still restricted for more than a week after the initial event. To prevent further attacks, employees are being asked to change their passwords and enable two-factor authentication on their accounts.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Many cybersecurity vulnerabilities can be mitigated by adopting adequate preventative measures. For instance, using strong, unique passwords and two-factor authentication can prevent hackers from using stolen credentials to access accounts and dig deeper into your company’s IT environment. As the costs associated with breach continue to pile up, the ROI on implementing cybersecurity defense becomes easily apparent.

ID Agent to the Rescue: With AuthAnvil, you can protect your employees’ password integrity. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at: https://www.idagent.com/authanvil-multi-factor-authentication.

Canada – Ontario Science Center
https://www.cbc.ca/news/canada/toronto/science-centre-data-breach-1.5338334

Exploit: Unauthorized database access
Ontario Science Center: Science museum

1.51 – 2.49 = Severe Risk Risk to Small Business: 2.222 = Severe The Ontario Science Center endured a data breach after an employee of a third-party contractor downloaded personal data from the museum’s newsletter subscribers. The breach impacts subscribers, along with participants in camp programs and birthday parties. Although the breach is relatively restricted, it will still drain resources from an educational institution with better priorities in mind.
1.51 – 2.49 = Severe Risk Individual Risk: 2.428 = Severe: The breach includes names and email addresses, but other personal or financial information was not included in the event. Despite the incident’s limited scope, this information can still be valuable in the hands of cybercriminals, and those impacted must enlist in identity and credit monitoring to stay protected.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Third-party collaborations are a normal part of business operations for most companies, but cybersecurity standards need to be considered when entering into a partnership. For instance, even though the Ontario Science Center wasn’t directly responsible for this data breach, the accountability will land squarely on their shoulders.


ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal Assist, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.

France – Sixth June 
https://www.bleepingcomputer.com/news/security/sixth-june-fashion-site-hacked-to-steal-credit-cards/

Exploit: Malware attack
Sixth June: Fashion online store

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.888 = Severe: Hackers infected Sixth June’s online store with e-skimming malware that is able to collect customer information at checkout. Despite the alarming nature of the attack, company leaders were slow to respond. Security researchers contacted Sixth June’s leadership team on October 20th, but the malware remained active five days later. This attack was especially covert as the hackers used a similarly registered domain name to disguise the malicious website. As a result, Sixth June customers were unlikely to discover malware without the company’s direct intervention.
1.51 – 2.49 = Severe Risk Individual Risk: 2.142 = Severe: E-skimming malware attacks collect extremely sensitive personal information, including names, addresses, and payment information. While Sixth June hasn’t reported specific data compromised in this breach, any information that users provide at checkout is likely available to hackers. Those impacted by the breach should take every measure to secure their credentials, including notifying their financial institutions and enrolling in credit and identity monitoring services.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Although being the victim to a data breach is a nightmare for any business, it’s even worse when the response is slow or inadequate. Multiple cybersecurity experts have commented online and criticized Sixth June leadership for not responding to their warnings about the malware. The blowback for Sixth June could be immense. Regulatory consequences, reputational damage, and lost revenue will likely change the company’s trajectory going forward.

ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

Italy – UniCredit
https://uk.reuters.com/article/us-unicredit-cyber/unicredit-hit-by-data-breach-of-italian-client-records-idUKKBN1X70HM

Exploit: Exposed database
UniCredit: Banking and financial services company

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.555 = Severe: UniCredit recently discovered an exposed database containing the personal information for millions of the company’s customers. Shockingly enough, the database had been accessible since 2015. This is the company’s third data breach in recent years, and it sent their share price down by 4%. The bank is spending a significant amount of money to update its IT infrastructure to prevent such an event in the future, but that is unlikely to alleviate the reputational damage and regulatory repercussions heading their way.
1.51 – 2.49 = Severe Risk Individual Risk: 2.428 = Severe: The exposed database contains the email addresses and phone numbers for the banks’ clients. Hackers did not have access to login credentials, but that doesn’t mean that those impacted by the breach are out of the woods. Personal details can be used to facilitate additional cybercrimes that can compromise even more sensitive information.

Customers Impacted: 3,000,000
How it Could Affect Your Customers’ Business: The path to restoring customer confidence after a data breach is one that is not well-charted. However, companies are testing their customers’ limits when they endure multiple cybersecurity incidents. Each episode forces businesses to restart the restoration process. Knowing what happens to exposed or stolen customer data is the first step to a swift response that can revive customer confidence.

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more: https://www.idagent.com/dark-web.

Australia – 7-Eleven
https://www.infosecurity-magazine.com/news/drivers-data-exposed-in-7eleven/

Exploit: Accidental data exposure
7-Eleven: Convenience store and gas station chain

1.51 – 2.49 = Severe Risk Risk to Small Business: 2 = Severe: Australian customers using 7-Eleven’s app designed to help drivers reduce fuel costs were able to view the personal information of other customers after logging in to the platform. In response, the company brought the app offline to identify a suitable solution. The company later relaunched a repaired app several hours later, but the damage had already been inflicted.
1.51 – 2.49 = Severe Risk Individual Risk: 2 = Severe: Personally identifiable information, including names, email addresses, cell phone numbers, and dates of birth were exposed. Only one customer reported accessing this data, but it’s possible that it was made available to many more, including bad actors who were aware of the vulnerability. It’s better to be safe than sorry, so it’s recommended that anyone impacted by the breach enroll in identity monitoring services to protect the integrity of their information.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This incident serves as a reminder that a simpler user experience should never come at the expense of data security. 7-Eleven app developers failed to identify a relatively simple flaw in their system, and this oversight will have untold consequences for their customer base and ability to innovate in the future. In other words, technological advancement and cybersecurity need to go hand-in-hand.

ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.

Australia – Exchange for Change
https://www.brewsnews.com.au/2019/11/01/brewers-hit-by-nsw-container-deposit-scheme-data-breach/

Exploit: Accidental data sharing
Exchange for Change: Coordinator of litter reduction program

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.666 = Severe: Exchange for Change inadvertently emailed invoices containing financial information to various competitors participating in the litter reduction program. The error has compounded public scrutiny of the program, which has had several problems in its rollout. While the company made clear that their network had not been compromised, the accidental sharing will have many of the same repercussions, including reputational damage and potential customer defections.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Today’s companies face a litany of cybersecurity threats, so self-inflicted wounds are especially frustrating and problematic. Of course, human error isn’t just limited to accidental sharing. There are multiple threats that companies can diffuse simply by preparing their employees to be successful at this critical imperative.

ID Agent to the Rescue: Designed to protect against human error, BullPhish ID simulates phishing attacks and manages security awareness training campaigns to educate employees, making them the best defense against cybercrime. Learn more here: https://www.idagent.com/bullphish-id.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.



In Other News:

Small Businesses Struggle to Acquire Top Cybersecurity Talent 

Few institutions are at more risk of a cyber-attack than SMBs. Unfortunately, these same companies are struggling to compete with major corporations for the IT and cybersecurity talent that can keep their infrastructure and data secure. 

In general, this trend reveals a growing chasm between escalating cybersecurity threats and the availability of affordable, qualified professionals who can defend against them. In Canada alone, it’s estimated that organizations will need to fill 3,600 cybersecurity positions alone, meaning that the market forces of supply and demand are inextricably working against SMBs with more modest budgets.

Moreover, today’s cybercrimes are becoming increasingly sophisticated and exponentially more expensive. For instance, credential stuffing and ransomware attacks often require specialized personnel to adequately defend against these threats.

However, SMBs don’t have to bring all of this talent under their own roof. Instead, they can partner with qualified cybersecurity specialists (Like us!) to augment their capabilities and ensure their data security in a dangerous digital environment.

https://www.theglobeandmail.com/featured-reports/article-small-business-struggles-to-compete-for-cybersecurity-talent/


What We’re Listening to:

Know Tech Talks
Security Now
Defensive Security Podcast
Small Business, Big Marketing – Australia’s #1 Marketing Show!
IT Provider Network – The Podcast for Growing IT Service
TubbTalk – The Podcast for IT Consultants
Risky Business
CHANNELe2e


A Note for Your Customers:

Data Breaches Are Pushing SMBs Into Bankruptcy 

A recent survey by Zogby Analytics confirmed what many people already knew: data breaches are wreaking havoc on SMBs. In particular, the financial implications of a data breach are overwhelming their capacity and forcing them to take drastic action. 

The survey, which questioned more than 1,000 small business leaders, found that 37% of SMBs that experienced a data breach suffered financial loss and 25% filed for bankruptcy. Ultimately, 10% of SMBs went out of business following a data breach.

At the same time, leaders understand the threat. 88% of respondents indicated that their company was “somewhat likely” to experience a data breach, while nearly half believe that they are “very likely” to be the victim of data loss event. As today’s world continues to grow increasingly aware of the costs and prevalence of data breaches, the responsibility for leaders to defend against them has never been greater.

https://www.smallbusinesscomputing.com/news/25-percent-of-smbs-hit-by-a-data-breach-last-year-went-bankrupt.html

 


 Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in entirety) for your own social media and marketing efforts! Just send an email to [email protected] to let us know!

Not a Partner? Learn more about Dark Web ID™ and the benefits it holds for your Business. Contact us today!