Data Breach, Cyber Alert Monday:
Last week, students learned a harsh lesson about data security, law enforcement agencies were forced offline, and a creative new malware threatened Windows users.
LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…
Ameritas: Insurance company operating as a subsidiary of Ameritas Mutual Holding Company
Exploit: Phishing attack
Risk to Small Business: 1.777 = Severe: Several employees fell for a phishing scam and provided their credentials to hackers who used that information to access customer data. The insurance company disabled the affected accounts and issued a company-wide, mandatory password reset. The company’s quick actions certainly prevented the data breach from becoming more expansive, but even temporary access can allow hackers to inflict significant damage on a company’s data security. Because Ameritas failed to adequately prepare their employees for a phishing scam, they will now incur the significant cost of hiring an external security firm to shore up their data integrity, even as they face the less quantifiable reputational cost that always accompanies a data breach.
Individual Risk: 2.285 = Severe: Hackers accessed customers’ personally identifiable information, including names, addresses, email addresses, social security numbers, and policy numbers. Ameritas is offering one year of free credit and identity monitoring services, and anyone impacted by this data breach should enroll in these programs. At the same time, they should diligently monitor their accounts for unusual or suspicious activity.
Customers Impacted: Unknown
How it Could Affect Your Business: The cost of a data breach is higher now than ever before, which makes a preventable data breach even more egregious. Consequently, awareness training should be a top priority for every company. The expense of credit and identity monitoring services, reputational damage, and IT upgrades far exceeds the awareness training that can prevent phishing scams from compromising customer data.
Washoe County School District: Public school district providing educational services to students in Washoe County, Nevada
Exploit: Unauthorized database access
Risk to Small Business: 2.111 = Severe: A data breach at one of the district’s contractors, Pearson, compromised students’ personally identifiable information. Even though the district isn’t directly responsible for the data breach, they will still incur the cost of providing credit and identity monitoring services to thousands of victims, and their already strapped budgets will be further strained by the recovery efforts.
Individual Risk: 2.714 = Moderate Risk: The data breach impacts students who attended the school district between 2001 and 2016, and it includes student names and dates of birth. Some staff names and email addresses were also accessed during the breach. Those impacted by the breach should enroll in the district-provided credit and identity monitoring services to ensure their information’s long-term integrity.
Customers Impacted: 144,000
How it Could Affect Your Business: Even when an organization isn’t directly responsible for a data breach, they are still charged with helping victims recover from the episode and for strengthening the cybersecurity standards going forward. Especially when minors are involved, knowing what happens to people’s information after it leaves your network is a good place to start.
Georgia Department of Public Safety: Government agency overseeing state law enforcement divisions
Exploit: Ransomware
Risk to Small Business: 2.111 = Severe: A ransomware attack on the Georgia Department of Public Safety forced the institution to take all of its computer servers offline. The department is responsible for several law enforcement agencies, which were unable to use their systems to conduct their day-to-day operations. Fortunately, the department was prepared with a ransomware response plan that will equip them to restore operations without paying the ransom. However, as other incidents in recent months revealed, that doesn’t mean that recovery is free or even cheap. The opportunity cost associated with network outages and the IT repairs costs can quickly exceed ransom demands.
Individual Risk: No personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Business:This is the third ransomware attack on a Georgia-based government agency in the past month, costing precious public funds that could be spent on more beneficial projects. The pattern is certainly not restricted to Georgia, and organizations of every size and in every location should prioritize robust security awareness to address network vulnerabilities before an attack occurs.
Los Angeles Police Department: Local police department serving Los Angeles, California
Exploit: Unauthorized database access
Risk to Small Business: 1.666 = Severe: A hacker gained access to the department’s database housing information on thousands of recruits, compromising sensitive personal information for thousands of potential officers in the process. While the department is taking steps to protect their network going forward, they neither knew they were breached nor accounted for their officers’ data security before the incident occurred. Consequently, their officers’ personal information is available to untold bad actors.
Individual Risk: 2.428 = Severe: When hackers contacted the department, they revealed that the personal information included names, partial social security numbers, dates of birth, email addresses, and application credentials. The breach extends to officers, trainees, recruits, and applicants, and those impacted by the breach should attain the credit and identity monitoring services necessary to ensure that their information isn’t being used for nefarious purposes.
Customers Impacted: 20,000
How it Could Affect Your Business: Data breaches are a veritable PR nightmare for any company, and this is especially true when prized community members, like police officers, are victimized by the incident. Since this information can quickly make its way to the Dark Web, organizations can begin repairing the damage by verifying that this information isn’t being used to perpetuate further crimes. Moreover, offering supportive services, like comprehensive identity theft restoration, provides the support that victims need to recover from a data breach.
Poshmark: Social commerce marketplace for buying and selling clothing, shoes, and accessories
Exploit: Unauthorized database access
Risk to Small Business: 2.222 = Severe Risk: Hackers gained access to the company’s database where they accessed customers’ personal information. The company hashed and salted users’ passwords, making it difficult for hackers to use this information to directly access user accounts. However, similar breaches at online retailers eventually saw their customers’ data sold on the Dark Web, giving Poshmark a heavy responsibility to identity the stolen information and to ensure its long-term integrity. In addition, the company is paying the expense of hiring a third-party cybersecurity team to update their protocols in the wake of the breach.
Individual Risk: 2.714 = Moderate Risk: Poshmark is used by customers in Canada and the United States, but only US-based accounts were impacted by the breach. For those impacted by the breach, their usernames, passwords, names, gender, and city of residence are compromised. In addition, some platform-related content, like clothing size, was also made available. Ensuring this data’s security is a long-term process that doesn’t have an easy solution. Therefore, users should attain the monitoring services necessary to secure their information.
Customers Impacted: Unknown
How it Could Your Customers’ Business: Research shows that customers are unlikely to return to a platform that compromises their personal data, making cybersecurity not just a technological issue but a bottom-line priority. Providing comprehensive care to those impacted by a breach allows companies to put their best foot forward toward restoring the customers’ confidence, and, hopefully, retaining their business.
Lodi, California: City located in San Joaquin County, California
Exploit: Ransomware
Risk to Small Business: 1.888 = Severe Risk: Ransomware was delivered to city employees as an email attachment that appeared to be an invoice. The malware ultimately disabled the city’s phone lines, financial data systems, and other computer systems. Hackers demanded a $400,000 ransom in Bitcoin, which officials have declined to pay. The ransomware was first discovered in April, and, after several attempts to remove it from their system, it’s continued to plague their systems months later. While the city has cybersecurity insurance, it includes a $50,000 deductible, which means that there are only bad options for restoring network functionality.
Individual Risk: No personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Your Customers’ Business: This incident illustrates the complicated debate surrounding ransomware attacks. $400,000 is an expensive ransom, but local municipalities can quickly spend more as they endure the arduous process of recovering their systems. As Lodi demonstrates, this process can take months, and success isn’t a guarantee. Consequently, government agencies and organizations need to prioritize cybersecurity initiatives to strengthen their defensive posture before an attack occurs. In this case, a single malicious email will have significant financial consequences for the local government.
In Other News:
Capital One Data Breach Impacts US and Canadian Customers
An expansive data breach at the credit card juggernaut, Capital One Financial, has compromised the personal information for more than 100 million US and Canadian customers.
The breach exposed the personal data for more than six-million Canadians, making it one of the most significant data breaches in the country’s history. Capital One, which provides Mastercard credit cards for retailers like Costco Wholesale and Hudson Bay Company, noted that the data is primarily restricted to consumers and small businesses who applied for a credit card between 2005 and 2019.
The data includes names, addresses, postal codes, phone numbers, dates of birth, and incomes. For US customers, the stolen data also includes 80,000 linked bank account numbers and 140,000 social security numbers.
The incident is just the latest wide-spread data breach impacting small businesses and consumers, making their preemptive data protection a must-have element of personal or organization data security. For example, Kobargo’s Dark Web monitoring services can identify if an organization’s data is made available on the Dark Web, providing you with an opportunity to enhance your security posture before an attack takes place.
A Note From Kobargo..
A new malware strain, SystemBC, targets Windows computers with a multifaceted attack that can wreak havoc on their users.
In addition to infecting computers with the primary strain of malware, SystemBC contains an on-demand proxy component that allows other malware stains to integrate with infected computers. Bad actors can use this arrangement to install trojans, ransomware, and other malware on users’ computers.
This iterative approach to malware illustrates the ever-changing cybersecurity landscape that threatens every organization. With the cost of a data breach growing each year, companies have every incentive to protect their IT infrastructure. Although the challenges are immense, partnering with qualified professionals (Like us!) can ensure that your organization is always ready to combat the latest threats.
Contact Kobargo Technology Partners to schedule a free consultation today!