The Week in Breach 06/10/20 – 06/16/20
New this week in cybersecurity and breach news: ransomware shuts down production of cars and beer, phishing lands a professional haul, and 2 free new coloring books to teach kids about internet safety!
Cybersecurity & Breach News: Dark Web ID’s Top Threats
- Top Source Hits: ID Theft Forums
- Top Compromise Type: Domain
- Top Industry: Insurance
- Top Employee Count: 1 – 10
Cybersecurity & Breach News: United States
United States – ST Engineering
https://securityaffairs.co/wordpress/104351/cyber-crime/st-engineering-maze-ransomware.html
Exploit: Ransomware
ST Engineering: Aeronautics Contractor
Risk to Small Business: 1.732 = Severe
The San Antonio, Texas branch of defense, aeronautics, and space contracting conglomerate ST Engineering was hit with a MAZE ransomware attack disrupting operations and putting data at risk for a second time. This division of the international flight equipment services giant was also hit with a MAZE ransomware attack in May 2020 to the same effect. In an industry that expects top-notch security standards to be maintained by any company that wants to be a player, this is problematic and dangerous.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware like MAZE is commonly delivered to vulnerable businesses through phishing attacks, including the use of fake websites and dodgy attachments to infect systems. Phishing has grown exponentially in 2020, and COVID-19 related attacks are on track to be the biggest phishing scam driver in history.
ID Agent to the Rescue: BullPhish ID is the ideal phishing training and testing solution for today’s remote workforce, with simulation kits and video lessons in 8 languages addressing today’s most dangerous phishing threats. LEARN MORE>>
United States – Kentucky Employee Health Plan
https://www.govtech.com/security/Two-Data-Breaches-Hit-Kentucky-Employees-Health-Plan.html
Exploit: Unauthorized Database Access
Kentucky Employee Health Plan: Health Insurance Provider
Risk to Small Business: 1.462 = Severe
Two data breaches compromised plan members’ personal data and enabled bad actors to steal more than $100,000 in gift cards. Hackers used valid login information to access the system in the first breach and were able to compound the damage of that breach in a second breach. The second breach accessed member programs to redeem reward points for gift cards. The two breaches created scrutiny and drew calls for further investigation as to whether the “bad actors” were from outside the office or if insider threats were the root cause.
Individual Risk: 2.703 = Moderate
Hackers accessed users’ account portals containing their screening and health assessment data. Although this attack appears to be financially motivated, healthcare-related data often makes its way to the Dark Web, where it can be used to execute additional fraud attempts. Those impacted by the breach should immediately update their account passwords while monitoring their accounts for suspicious activity.
Customers Impacted: 2,700
How it Could Affect Your Customers’ Business: whatever the results of this investigation show, it raises the question of insider threats. Whether staffers are accidentally or deliberately giving information and passwords to bad actors, insider threats have to be a top concern for every business
ID Agent to the Rescue: Don’t wait until insider threats become a problem for your company. Download our eBook on insider threats for tips on spotting and stopping them before they become a problem GET IT NOW>>
Cybersecurity & Breach News: Canada
Canada – Chartered Professional Accountants of Canada
Exploit: Phishing
Chartered Professional Accountants of Canada: Professional Membership Organization
Risk to Small Business: 1.317 = Severe
The organization recently disclosed that personal information for its members had been compromised following a successful phishing attack in April. CPA Canada announced the results of its completed investigation, determining that the compromised information primarily affected subscribers of its CPA Canada magazine and an indeterminate number of website users. Impacted members were sent a phishing email asking them to change their user information on the organization’s online platform.
Individual Risk: 2.238 = Moderate
The security alert sent to all users of the CPA Canada website or magazine subscribers notes that members should be wary of spear phishing emails using industry-specific details from CPA Canada and change their login credentials on the website as a safety precaution.
Customers Impacted: 329,000
How it Could Affect Your Customers’ Business: A data breach caused by a human error like phishing is a sign to an organization’s membership that it doesn’t take those members’ information security seriously, making it harder to retain members and sell professional resources.
ID Agent to the Rescue: A well-educated staff is every company’s best defense against phishing. BullPhish ID has constantly updated training and testing materials available that keep staffers informed about the latest phishing threats and on guard to resist attempts. LEARN MORE>>
Canada – Fitness Depot
Exploit: Ransomware
Fitness Depot: Fitness Equipment Retailer
Risk to Small Business: 1.871 = Severe
Fitness Depot’s online store was infected with card-skimming malware that stole customers’ personal and financial data at checkout. It took the retailer more than three months to identify the breach, giving cybercriminals ample time to capitalize on the surge of online sales since the COVID-19 pandemic began. The data breach, which began on February 18th, will likely cause online shoppers to think twice before buying from their platform, potentially disrupting a vital lifeline while many in-person shops remain closed.
Individual Risk: 1.764 = Severe
Payment card skimming malware captures all information entered at checking. This information can allow hackers to commit identity or financial fraud. Those impacted by the breach need to notify their financial institutions and to carefully monitor their accounts for misuse. In many cases, victims should enroll in credit or identity monitoring services to ensure their data’s long term integrity.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: For most consumers, cybersecurity is a critical component of their buying decisions when shopping online. Card skimming malware represents a growing threat to online stores, and companies counting on digital sales to drive revenue need to account for this risk and many others presented by online shopping. In 2020, it’s a bottom-line issue that retailers can’t afford to ignore.
ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal AssistT, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. LEARN MORE NOW>>
Cybersecurity & Breach News: United Kingdom
United Kingdom – Inventory Hub
Exploit: Accidental Data Sharing
Inventory Hub: Property Management Inventory Platform
Risk to Small Business: 2.209 = Severe
A recently unearthed flaw in the security of this property management platform made members’ names and addresses, internal and external property images, inventories of each property’s contents, and information about physical security including photos of alarms, cameras, and locks available for an indeterminate amount of time. According to the researcher who discovered the vulnerability, the opening allowed would-be burglars to access exact layouts of all the listed properties, plus inventories of the contents, and user records back to 2017.
Individual Risk: 2.607 = Moderate
User information including names, physical addresses, and lists of contents for properties listed on the platform since 2017 were compromised. Users should remain on guard for potential spear phishing attacks using these details.
Customers Impacted: 8,871
How it Could Affect Your Customers’ Business: Data breaches that leak personal information can be dangerous and lead to other types of criminal activity. Users of a service like Data Hive expect that even their most basic personal information will be kept safe when they choose a partner company, and increasingly reject service providers that fail them.
ID Agent to the Rescue: It pays for your customers to know quickly if a flaw in third party security has caused a data breach. Dark Web ID immediately alerts businesses if their information or important data appears on the Dark Web, allowing them to address the flaw and stop the problem before it becomes a catastrophe. LEARN MORE NOW>>
Cybersecurity & Breach News: Africa
South Africa – Life Health Care
https://www.iol.co.za/business-report/companies/life-healthcare-hit-by-cyber-attack-49149807
Exploit: Unauthorized Database Access
Life Health Care: Healthcare Provider
Risk to Small Business: 2.605 = Extreme
The healthcare provider, which operates 49 hospitals and dozens of other healthcare facilities across South Africa and Botswana, was hit with an attack that compromised its data storage and intake systems. The attack affected its admissions systems, business processing systems, and email servers, although investigators have not yet determined how much patient data (if any) has been compromised. The healthcare provider said that patient service and care were not impacted, although patients could expect longer wait times for the resolution of administrative requests.
Individual Risk: 2.230 = Severe
Patients who have been treated at any of Life Health Care’s facilities should expect that their personal information and health information has been compromised and take appropriate measures to protect their identities.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Healthcare facilities that fall victim to cyberattacks aren’t just facing the costs of a standard breach recovery – they’re also facing potentially hefty regulatory fines, as well as the negative impact on patient trust.
ID Agent to the Rescue: Digital threats are causing more serious (and expensive) damage than ever before. A comprehensive digital risk protection platform ensures that companies have all the bases covered for both security and compliance. See how ours fits the bill. LEARN MORE NOW >>
Cybersecurity & Breach News: Australia & New Zealand
Australia – Lion Beer Australia
https://www.thedrinksbusiness.com/2020/06/australian-brewer-lion-suffers-major-cyber-attack/
Exploit: Ransomware
Lion Beer Australia: Brewing Conglomerate
Risk to Small Business: 1.302 = Extreme
At Lion Brewing Australia, operations were disrupted by a ransomware attack as it began to reopen and restaff its 8 breweries in Australia and New Zealand. The attack came just as the company was able to resume operations after a period of closure caused by COVID-19 restrictions. The company has been forced to shut down its key systems entirely, reverting to manual systems to operate and process orders in this devastating incident that has still not been fully resolved.
Individual Risk: No employee or customer information was reported affected by this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: A successful ransomware attack can be catastrophic for a business at any time, and its typically powered by information obtained from the Dark Web. Ransomware is especially problematic right now, and a nasty surprise as businesses try to start recovering lost revenue in the wake of the COVID-19 pandemic.
ID Agent to the Rescue: Watch for trouble to prevent disasters like this. Dark Web ID uses human and machine intelligence to search for and analyze Dark Web threats to your company, alerting you fast when potential trouble arises LEARN MORE>>
Cybersecurity & Breach News: Asia & Pacific
Japan – Honda Motor Company Inc.
https://www.computerweekly.com/news/252484389/Honda-investigates-suspected-Snake-ransomware-attack
Exploit: Ransomware
Honda Motor Company Inc.: Automotive and Equipment Manufacturer
Risk to Small Business: 1.308 = Extreme
Honda was recently walloped by a huge cyberattack that briefly shut down production at its factories worldwide. The attackers are suspected of using SNAKE/EKANS ransomware to infiltrate equipment and computer systems connected to operations and production in every Honda facility, leading to delayed post-pandemic reopenings at some factories. Honda is undertaking restoration operations at its factories, sales centers, and business units and has successfully restored most functionality.
Individual Risk: No individual data was reported as compromised in this breach, nor does Honda believe that individual data was affected.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is a powerful foe, and even unsophisticated ransomware like SNAKE/EKAN can bring a mighty company like Honda to its knees fast. Without a comprehensive digital risk protection strategy in place, companies are at a higher risk of attack by bad actors looking to steal data or disrupt operations.
ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.
The Week in Breach Risk Levels
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
The Week in Breach: Added Intelligence
Go Inside the Ink to Get the Inside Scoop on Cybersecurity & Breach News
Have you been reading our blog? We’re bringing you timely cybersecurity & breach news, problem-solving advice, and expert analysis of today’s threats every day, plus intelligent cybersecurity insight that helps you plan for tomorrow.
Catch up on what you need to know now:
- Healthcare Cyberattacks Increase Five-Fold
- Dark Web Records for Sale Create Risk in 2 Surprising Ways
- The Week in Breach 06/03/20 – 06/09/20
- How Can I Grow my MSP Business? Use These 3 Tools
- National Go Fishing Day: Maritime Analysis
- National Go Fishing Day: Fish Facts
Free Education, Sales & Marketing Resources
Internet and Information Safety is Important for Kids too!
Kids these days are instant citizens of the digital world. That’s why it’s important for kids to learn about safe online behavior and what to watch out for. To that end, we’ve created 2 fun books to teach kids about how not to get tricked by cybercriminals using lovable characters and memorable rhymes combined with fun coloring pages and other activities. Download them today to print out some fun art pages for family time – or maybe just to keep the kids busy during your next Zoom.
Click here to get “The ID Agent Security Team Coloring and Activity Book” with coloring pages and games that teach kids about general online information and password safety.
Click here to get “Billy the Bull Goes Phishing”, a coloring book to teach kids to protect their personal information and not be fooled by phishing attacks.
Free eBook of the Week
NEW RELEASE! How Does Your Password Measure Up?
Bad passwords can have serious cybersecurity consequences. Passwords don’t just become compromised because they’re stolen or mishandled – sometimes they become compromised because they have a fatal flaw that makes them terrible. Is your password a winner or a failure? Find out now.
Download our new eBook “Is This Your Password? 3 Common Password FAILS & 3 Quick Password Wins”
The Week in Breach Threat Spotlight
Ransomware is Everywhere, and Every Company is At Risk
Ransomware is a growing menace to companies of every size and has surged to become even more popular as a means of attack. During the global pandemic, researchers reported that ransomware attacks have skyrocketed, increasing by more than 140% over 2019.
Ransomware has not only become more pervasive; it’s also become more expensive. The expected cost of a ransomware attack, (including recovery, remediation, and ransoms), is expected to increase to $20 billion in 2021. One U.S. oil and gas company lost a whopping $30 million to a single ransomware attack in 2019, and ransomware related downtime can also cost a fortune.
Healthcare is an especially popular and juicy target for bad actors, and cyberattacks against healthcare industry targets have increased fivefold in 2020. Ransomware has ravaged healthcare organizations providing essential COVID-19 care in the US, Canada, the UK, and other regions impacted by the pandemic.
The most common method of delivery for ransomware is through a phishing attack, and they’ve jumped over 600% since the start of the COVID-19 pandemic. Don’t wait until ransomware makes an impact on your bottom line – start training every staffer thoroughly to make them the strongest possible defense against the phishing attacks that aim to deliver ransomware.
BullPhish ID is the perfect training and testing solution for today’s remote workforce. This dynamic platform includes over 80 phishing kits (including the initial email and related landing page and reply email), and 50 security video campaigns (short animated videos with test and reply email), including training to resist COVID-19 phishing scams.
Because phishing is a universal menace, we offer training materials in 8 languages, and we’re constantly updating our menu of training choices to account for new threats as they become apparent, keeping every user in an organization on guard for trouble like ransomware.
Watch this 10-minute technical demonstration video to see BullPhish ID in action.
Catch Up With Us at These Virtual Events
JUNE 17: 3 Steps to Rev Up Your Sales Engine with Gary Pica REGISTER >>
JUNE 23: MVP GROWTHFEST featuring Magic Johnson! REGISTER>>
AUG 24-27: Connect IT Global in Las Vegas REGISTER >>
AUG 30-SEPT 1: ITBYDesign BuildIT REGISTER>>
A note for your customers:
Are You Staying Remote? Update Your IT Security Plan.
Although many companies were accustomed to supporting a remote workforce at least part of the time before the global pandemic, every company that’s still operating had to quickly transition to a fully remote workforce as the pandemic took hold of the world – and some of them discovered that they liked it.
Many companies used to only allow limited remote work, convinced that their staffers would be less productive at home without supervision. As remote work became a necessity during the COVID-19 restrictions imposed around the world, companies that braced for decreased productivity from their newly remote workforce were in for a surprise. Instead of diminishing production, remote work was boosting it, with one study reporting that remote workers on average worked 1.4 more days in a month than they did in the office.
This has led to a sea change in the thinking about remote work. Myriad companies in a broad range of industries have already adopted or are beginning to adopt permanent remote work as a norm for staff. The enticement of smaller facility costs and more flexibility combined with the added staff productivity and satisfaction is encouraging progressive companies to stay fully remote – but remote work brings its own cybersecurity risks.
Get the tools to support your remote workforce in our Remote Working Cybersecurity package, including a digital risk checklist and eBook! GET IT NOW>>
If you’re considering never going back to the office or even just keeping your staff flexible with extended remote capability, you’ll need to reconsider your cybersecurity posture. Remote work may bring many benefits, but it also brings new cybersecurity challenges to the table. Choosing the right cybersecurity stack (including a digital risk protection platform) to support remote work today can save many headaches, and dollars, in the future.
Contact ID Agent today for an expert analysis of how you can update your security posture to support a remote workforce and maintain data security compliance to protect your company from threats at a price that doesn’t threaten your budget.
Get high-quality marketing tools to help you connect with your customer with our free resources for marketing and education like eBooks, webinars, social media graphics, infographics, and more!.
Follow us on social media to find out about upcoming events, new blog posts, eBooks, white papers, webinars, product updates, marketing tools, and other cybersecurity news!
Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Just send an email to [email protected] to let us know – we welcome your feedback and we love to hear about how our content works for you!
Ready to become an ID Agent Partner or learn more about our remote-ready suite of cybersecurity solutions including the award-winning DarkWeb ID? Contact us today!