Last week, ransomware will cost companies critical revenue, repeat offenders put customer loyalty at risk, and businesses fail to account for the risks of compromised employee credentials.

 

United States – Alphabroder

Exploit: Ransomware attack
Alphabroder: Promotional product supplier

Risk to Small Business: 1.555 = Severe: A ransomware attack temporarily halted Alphabroder’s processing and shipping platform. Since the ransomware prevented the company from executing orders, Alphabroder was forced to make a statement on social media and interrupt most business processes. Alphabroder did subscribe to cybersecurity insurance to help offset the costs, but the reputational damage and long-term infrastructure costs can be difficult to quantify and are capable of significantly dampening the company’s financial prospects in the near term.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Cybercriminals are always looking for new ways to profit from businesses’ IT vulnerabilities. Unfortunately, these bad actors only have to execute their strategy once to inflict incredible long-term damage to a company. This complicated threat landscape makes it especially important that businesses regularly assess their cybersecurity stance to ensure that they are ready to defend whatever comes their way.

---

United States – Stripe

Exploit: Phishing attack
Stripe: Online payment processing company

Risk to Small Business: 1.888 = Severe: Hackers are deploying fake and invalid Stripe support alerts to engage customers and procure user credentials. After clicking on the fictitious support alert, users are prompted to enter their bank account information and user credentials on a fake customer login page. This isn’t the first time that Stripe customers have been targeted in phishing attacks, and such attacks are becoming increasingly sophisticated and prevalent.

Individual Risk: 2.428 = Severe: Given that Stripe is an online financial platform, users can easily be tricked into providing their most sensitive personal data to cybercriminals. It’s unclear if any Stripe customers have fallen for this phishing scam, but any users who responded to one of these malicious messages had their personal data compromised. They should immediately report this to Stripe and their other financial institutions, and they should take steps to ensure their data’s long-term integrity.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Cybersecurity has taken center stage among customers and employees, and both are demonstrating an unwillingness to work with companies that can’t protect their information. Especially for companies operating in a crowded and competitive market, top-shelf cybersecurity standards are a prerequisite to a thriving business model

---

United States – Pitney Bowes Inc. 

Exploit: Malware attack
Pitney Bowes Inc.: Mail management company

Risk to Small Business: 2.111 = Severe: A malware attack prevented Pitney Bowes’ employees and customers from accessing critical services. The company, which specializes in mail management, lost business directly as a result of the attack. Customers were unable to refill postage or upload transactions on their mailing machines. In addition, news of the announcement sent the company’s shares down 4%, which underscores the many ways that a cybersecurity incident can negatively impact a company’s bottom line.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Regardless of the attack methodology, cybersecurity events are incredibly costly for companies. In this case, Pitney Bowes was punished by investors, lost revenue opportunities, and endured reputational damage that will have long-term implications for the company. Given the high cost of recovery, pursuing robust cybersecurity services is a bargain.

---

United Kingdom – Sonic Jobs

Exploit: Exposed database
Sonic Jobs: Job recruitment website

Risk to Small Business: 2.111= Severe: An exposed database revealed the personal information of thousands of job seekers. Sonic Jobs, which partnered with Amazon Web Services for its database, failed to change the database configuration to private, meaning that all users could view the details of job applicants and anyone who knew the locations of the servers could have downloaded the information.

Individual Risk: 2= Severe: The exposed data was provided by job seekers, and it includes their names, addresses, contact information, and work experience. This information can quickly be sold on the Dark Web, where it can be used to facilitate other cybercrimes including phishing and identity scams. To protect themselves, anyone impacted by the breach should enroll in identity monitoring services while also being especially critical of unusual or unexpected communications.

Customers Impacted: 29,202

How it Could Affect Your Customers’ Business: In its response, Sonic Jobs cited its limited resources as one reason that the database’s configuration went undetected. Unfortunately for the company, consumers and global regulators don’t look at this metric when deciding how to respond to a data breach. Given the enormous financial and reputational costs of a data breach, acquiring the services to assess and secure your cybersecurity landscape is a no brainer.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

---

In Other News:

Canadian Companies Victimized by Uptick in Ransomware 

2019 has seen a precipitous increase in the number of ransomware attacks reaching SMBs, government agencies, and educational institutions. These attacks, which consist of encrypting a company’s files and then demanding a ransom payment, are becoming especially common among institutions that lack the resources to continually defend against the devastating attack vector. 

Now, that reality is hitting Canadian businesses especially hard, a noteworthy development for a country that has often managed to avoid being victimized by such threats.

According to a recent survey, 88% of Canadian organizations experienced some type of data breach in the past year, and 82% noted an increased attack volume during that period. However, in that survey, ransomware only accounted for 14% of these breaches. Since then, a string of Canadian healthcare companies, small businesses, and government organizations have been targeted. Some are speculating that the malware’s success in other countries, including the U.S., has encouraged cyber criminals to broaden their horizons.

Regardless of the intention, with ransomware widely available for lease on the Dark Web, businesses shouldn’t expect these attacks to abate any time soon. Rather, they should continually review and update their cybersecurity posture to ensure that their infrastructure is capable of defending against the latest ransomware strains.

 Last week, phishing attacks expose protected health information, hackers hijack a shoe company’s email list, patients are upset about healthcare data breaches, and Twitter comes under fire for data misuse.

 

United States – UAB Medicine

Exploit: Phishing attack
UAB Medicine: Academic medical center based in Birmingham, Alabama

Risk to Small Business: 1.666 = Severe: A phishing attack tricked several employees into providing their email credentials to hackers, which subsequently exposed the protected health information for thousands of patients. The email purported to originate from a hospital executive, asking employees to participate in a fake business survey. Executives believe that hackers were trying to access the healthcare provider’s payroll system, but they were prevented from reaching this information. Regardless, the August 7th breach will have a significant impact on the patients whose data was compromised and on UAB Medicine, as they will bear the cost of credit monitoring and identity theft protection services as well as the increased regulatory scrutiny because of the nature of the information involved.

Individual Risk: 2.571 = Moderate: Hackers had access to patients’ protected health information, including names, medical record numbers, dates of birth, dates of service, location of service, and other medical-related information. Some patients also had their Social Security numbers compromised. UAB Medicine is encouraging anyone impacted by the breach to closely monitor their accounts and benefit statements for fraudulent activity. In addition, they should enroll in the year of free credit and identity monitoring services provided by UAB Medicine.

Customers Impacted: 19,557

How it Could Affect Your Customers’ Business: Despite your best efforts, phishing attacks will likely make their way into your employees’ inboxes at some point. Fortunately, comprehensive awareness training can empower employees to sidestep ongoing efforts at gaining access to your network and compromising your data. Given the growing costs associated with a data breach, the ROI on cybersecurity best practices is remarkably clear and should be required for every employee with an email account.

---

United States – TOMS

Exploit: Unauthorized database access
TOMS: Designer and producer of shoes, eyewear, coffee, apparel, and handbags

Risk to Small Business: 2.333 = Severe: In an unusual cybersecurity incident, a hacker hijacked the mailing list for TOMS and sent a message encouraging customers to log off their devices and enjoy the outdoors. The message was not malicious in nature, but the hacker admitted that he accessed the platform for a significant time period before sending the email. The hacker also ridiculed bad actors, describing their actions in obscene language sent to TOMS customers. Fortunately, the hacker didn’t disrupt any other elements of TOMS’ IT infrastructure, but his actions highlight the company’s weak cybersecurity standards, which could negatively impact the company on many fronts.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: When it comes to protecting customer data, speed and precision are your best friends. Unfortunately, too many companies don’t have the IT capabilities to identify a data breach or to adequately investigate an event after it happens. As a result, customer data can virtually linger indefinitely before protective action can be taken, such as changing passwords or otherwise ensuring data integrity. This incident serves as an important reminder that every business needs to enlist in services that help proactively monitor and protect customer data.

---

United States – Methodist Hospitals

Exploit: Phishing attack
Methodist Hospitals: Community-based healthcare system located in Gary, Indiana

Risk to Small Business: 1.222 = Extreme: A successful phishing attack against two employees compromised the private health data for thousands of patients. The incident occurred in June, but the healthcare provider didn’t finish investigating the breach until August. It’s unclear why the company waited two months before making the breach public. Regardless, Methodist Hospitals will face intense regulatory scrutiny due to the nature of the information involved.

Individual Risk: 2.142 = Severe: The compromised data was accessed on June 12th or between July 1st and July 8th. It included patient names, addresses, health insurance information, Social Security numbers, government ID information, passport numbers, financial account numbers, payment card information, electronic signatures, usernames, and passwords. This incredibly expansive data set has a great value on the Dark Web, as it can be used to perpetuate additional cybercrimes. Therefore, those impacted by the breach should take every precaution to protect their data, including contacting their financial institutions and enrolling in credit and identity monitoring services.

Customers Impacted: 68,039

How it Could Affect Your Customers’ Business: Today’s digital landscape is replete with threats, but companies are not defenseless. Phishing scams require employees to actively compromise their credentials, and comprehensive awareness training can equip team members to identify and report fraudulent communications, effectively rendering them useless and creating a safe environment for your customers’ data.

---

Canada – TransUnion 

Exploit: Unauthorized database access
TransUnion: Consumer credit reporting agency

Risk to Small Business: 2.111 = Severe: Using compromised user credentials, hackers accessed the personal information of Canadian TransUnion customers. The breach, which occurred between June 2019 and July 2019 and detected in August, shines a spotlight on the company’s delayed breach response and notification process. Although the company’s IT infrastructure wasn’t at fault, their inability to account for a holistic vulnerability that allowed hackers using stolen credentials to access their customers’ information, will bring negative media scrutiny and public attention to the company.

Individual Risk: 2.857 = Moderate: TransUnion did not release a specific overview of the compromised data; however, the sensitive nature of their business means that personally identifiable information was likely included in the event. Notably, the company acknowledged that credit report data was exposed in the breach. This can include individuals’ names, dates of birth, current and former addresses, information on existing card and loan obligations, social insurance numbers, and other sensitive data.

Customers Impacted: 37,000

How it Could Affect Your Customers’ Business: The deluge of data breaches in the past several years have made login credentials widely available to bad actors. Therefore, today’s companies should be proactive about identifying compromised credentials and taking intentional steps to limit accessibility using this information.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

---

In Other News:

Twitter Uses Two-Factor Data for Targeted Advertising 

Implementing cybersecurity best practices is critical for today’s companies, especially in regard to securing infrastructure throughout an increasingly complicated threat environment. Unfortunately, in many cases, organizations rely on their customers to adopt these priorities in order to effectively protect their data. 

These protocols include initiatives such as using strong, unique passwords to secure accounts and implementing two-factor authentication to further secure this information. Of course, companies undermine user adoption when they use that information to serve up targeted advertising.

This week, Twitter acknowledged that it used the phone number and email address data from its two-factor authentication protocol to developing targeted advertisements. The information was used by the company’s tailored audiences program that allows companies to create targeted advertisements by matching their own marketing lists with Twitter user data. The company resolved the issue on September 17th, but it’s unclear how long companies benefit from this security-centered information.

More importantly, this misuse of personal data might discourage users from adopting these security protocols in the future, a decision that would put both parties at risk for a data breach.

 Last week, hackers make a sport of exploiting online gamers’ data, unauthorized database breach affect software firm, and business leaders lament today’s data landscape.

United States – Zynga 

Exploit: Unauthorized database access
Zynga: Social game development company

Risk to Small Business: 2 = Severe: Hackers gained access to the company’s database, which exposed the personally identifiable information (PII) for millions of customers. The company discovered the breach in September, and they responded by hiring an external investigator to determine the scope and severity of the breach. Unfortunately, by the time they responded, hackers uploaded user data to various hacker forums.

Individual Risk: 2.428 = Severe: The data breach applies to all users of the platform’s popular Words with Friends gaming app on Android and iOS who registered on or before September 2, 2019. In addition, some users of Draw Something, another mobile game produced by Zynga, were compromised. The exposed information includes names, email addresses, login IDs, hashed passwords, password reset tokens, phone numbers, Facebook IDs, and other Zynga account details. Since this information is already available to bad actors on the Dark Web and will be used to perpetuate additional cybercrimes, those impacted by the breach should carefully monitor their accounts while being especially watchful for other fraudulent communications.

Customers Impacted: 218,000,000

How it Could Affect Your Customers’ Business: Data security is increasingly top of mind for consumers. For companies operating in a highly competitive marketplace, it can mean the difference between keeping your customers happy while increasing revenue or losing them forever. Therefore, businesses of every size need to meet the moment by understanding their vulnerabilities, embracing best practices for cyber defense, and building a breach response action plan.

---

United States – Zendesk 

Exploit: Unauthorized database access
Zendesk: Customer service software company

Risk to Small Business: 1.888 = Severe: More than three years after the event, Zendesk acknowledged a data breach after a third party notified the customer service software company of unauthorized data access. The breach impacts Support and Chat accounts, and it includes personal data from all categories of Zendesk users, including customers, agents, and end-users. The company is resetting all passwords for users that registered before November 1, 2016. However, the platform touts many high-profile companies as clients, which means that the breach could have far-reaching repercussions for all stakeholders involved.

Individual Risk: 2.285 = Severe: The personal details of customers, agents, and end-users were compromised in the breach. This includes names, email addresses, phone numbers, passwords, and other technically-oriented data. The company is contacting all customers who could be impacted by the breach, and those affected should reset their Zendesk passwords and any redundant passwords used on other platforms.

Customers Impacted: 10,000

How it Could Affect Your Customers’ Business: When it comes to protecting customer data, speed and precision are your best friends. Unfortunately, too many companies don’t have the IT capabilities to identify a data breach or to adequately investigate an event after it happens. As a result, customer data can virtually linger indefinitely before protective action can be taken, such as changing passwords or otherwise ensuring data integrity. This incident serves as an important reminder that every business needs to enlist in services that help proactively monitor and protect customer data.

---

Canada – The National Basketball Association 

Exploit: Unauthorized database access
The National Basketball Association: Men’s professional basketball league in North America

Risk to Small Business: 2.111 = Severe: An unauthorized user accessed a server managed by the NBA for its Canadian business efforts. The league quickly identified the intrusion and took the server offline, began an investigation, and hired cybersecurity experts to make further recommendations. However, these measures can’t retroactively restore users’ data integrity, nor will it negate the reputational damage that always accompanies a privacy breach.

Individual Risk: 2.428 = Severe: The exposed user data includes names, addresses, email addresses, phone numbers, and other account-related information. Although the breach is limited to those who recently entered an online contest in Canada, this information is especially sensitive, and those impacted by the breach should take every precaution to ensure the long-term integrity of their credentials.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Digital platforms can be a great way to engage customers, but when data integrity is compromised, these initiatives can quickly become a liability. Therefore, cybersecurity needs to be the bedrock of any online engagement to ensure that such marketing efforts meet customers where they are secure, as opposed to manifesting into self-inflicted wounds on your company’s reputation and customer engagement.

---

The United Kingdom – EA Sports 

Exploit: Accidental sharing
EA Sports: Developer and publisher of sports video games

Risk to Small Business: 2 = Severe: EA Sports inadvertently leaked the personal data of 1,600 gamers who participated in a competition on the company’s website. The breach is related to the company’s FIFA 20 Global Series competition. Aside from becoming a PR nightmare for EA Sports on social media, the leak occurred just hours after the company’s announcement of new security features and promotional events related to the UK’s National Cyber Security Month. The webform was removed after thirty minutes, and the competition was temporarily canceled.

Individual Risk: 2.142 = Severe: The leaked data includes email addresses, account ID numbers, usernames, and dates of birth. Those impacted by the breach should monitor their accounts for suspicious or unusual activity.

Customers Impacted: 1,600

How it Could Affect Your Customers’ Business: Even relatively small data breaches can have a sizable impact on a company’s reputation and future earnings potential. Even apart from the bad press and media scrutiny that often accompanies a breach, customers are quick to take to social media to voice their concerns. Taken together, a data breach can quickly escalate into a PR disaster. To protect your brand’s reputation, prioritize customer data security.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

---

In Other News:

U.S. Senate Passes Ransomware Response Law 

Ransomware is making a devastating comeback in 2019, impacting SMBs, government agencies, and educational institutions with frightening regularity and at great cost. 

The scourge of attacks has been so profound that a bill governing ransomware response tactics actually elicited bipartisan support from a divisive U.S. senate.

The new legislation calls for dedicated teams tasked with providing organizations with best practice advice for protecting against and responding to ransomware attacks. These resources will be available for SMBs, government agencies, and schools, which were specifically addressed by the senate minority leader, Chuck Schumer.

The practical effects of such legislation are unclear, but the more prescient fact is that the law exists at all. It underscores the incredible need for more companies to adopt a best practice defensive posture and the chasm between those that are ready to defend themselves and those that remain vulnerable.

However, the law alone won’t solve SMBs problems. They need to understand the ways that their IT infrastructure might be vulnerable, and they need to make addressing those concerns a top priority.

---

A Note From Kobargo

UK Business Leaders Believe Data Breaches Are the New Normal 

The majority of UK businesses have suffered some form of a data breach in 2019, and C-suite business leaders view this reality as the “new normal.” 

This information was derived from the latest Carbon Black study, which surveyed 250 C-level business leaders from the UK. In total, 84% indicated that they endured a data breach in the past year, and the same amount indicated that cyber attacks were becoming more sophisticated.

This new reality is especially notable among smaller businesses, which reported a 57% increase in cyber attacks. While the financial repercussions varied significantly, 75% of executives noted that reputational cost is one of the most problematic results of a data breach.

Interestingly, two of the most prominent threats identified by executives, malware and phishing attacks, are defensible. By implementing comprehensive awareness training, companies of all sizes can neutralize a persistent and problematic threat group.

In a cybersecurity landscape that’s increasingly defined by continuous attacks, controlling some of the variables can give any organization a leg up on the best efforts of bad actors.

---

Contact Kobargo Technology Partners to schedule a free consultation today!

Last week, hackers gain access to data from popular delivery service, ransomware diverts ambulance services, and few employees report sufficient cybersecurity training.

United States – Thinkful

Exploit: Unauthorized database access
Thinkful: E-learning website for developers
Risk to Small Business: 2.333 = Severe: By leveraging an employee’s stolen credentials, an unauthorized third party was able to access the company’s database. While sensitive data, such as social security information, was not exposed, it’s possible that other personal information was accessed. In response, Thinkful has notified its users of the data breach and is requiring password resets on all accounts. While the company wrote to its users that it is taking additional steps to enhance security, these efforts will not help those whose credentials were already compromised in the breach. This incident follows on the heels of the company being acquired by Chegg.
Individual Risk: 2.857 = Moderate: Users’ Social Security numbers were not compromised in the breach, but other personal information could have been accessed by hackers. Users should create unique passwords, enroll in multi-factor authentication, and monitor their accounts for suspicious activity in the wake of the attack.
Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Thinkful’s data breach announcement is especially problematic since it immediately followed news that the company was being acquired by Chegg. It’s unclear how this cybersecurity incident will impact the deal, but cybercriminals often target small companies before an acquisition, hoping to infiltrate their IT infrastructure before coming under the protection of the larger, more robust system of their new parent company. Therefore, businesses must consider cybersecurity as both a moral imperative and financial necessity, especially in the realm of mergers and acquisitions.

---

United States – Campbell County Memorial Hospital

Exploit: Ransomware
Campbell County Memorial Hospital: Healthcare provider operating as part of the Campbell County Health Department
Risk to Small Business: 2.111 = Severe: A ransomware attack on Campbell County Memorial Hospital forced the healthcare provider to divert ambulance services, cancel surgeries, and stop admitting patients. The hospital’s emergency room remains operational, but many services are curtailed. Hackers did not send a ransom demand, leaving hospital IT administrators grappling for a solution. Campbell County Memorial Hospital reports that no patients were harmed because of the outage. However, with no solution in sight, patient care remains dubious and the long-term financial ramifications of the incident could be extensive.
Individual Risk: No personal information was compromised in the breach.
Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Unfortunately, once a ransomware attack infects your network, there are usually no get-out-of-jail-free cards. Ransom demands themselves often cost companies hundreds of thousands, whereas restorative services can be even more expensive. Moreover, the opportunity costs associated with interrupting business processes only makes matters worse. In this case, patients’ lives could have been put at risk, which is a worst-case scenario for any cybersecurity incident.

---

Canada – DoorDash

Exploit: Unauthorized database access
DoorDash: Food delivery service
Risk to Small Business: 1.555 = Severe: Hackers infiltrated a DoorDash server, providing them with access to user and driver data. In response, the company is encouraging all users to reset their passwords. Although the breach was discovered in early September, it’s unclear why they waited nearly a month before notifying users. Now, DoorDash will likely face legal and reputational blowback that will damage its standing in an already competitive market.
Individual Risk: 2.285 = Severe: Hackers accessed personal data for both DoorDash users and drivers, including names, email addresses, delivery addresses, phone numbers, hashed passwords, and the last four digits of payment cards. However, full payment card data was not accessible. In addition, the breach does not include DoorDash users who joined after April 5, 2018. The platform is encouraging all users to reset their passwords and to monitor their financial accounts for unusual activity. Moreover, those impacted by the breach should know that this data can be used to facilitate additional cyberattacks, including phishing scams, that can further compromise personal information.
Customers Impacted: 4,9000,000

How it Could Affect Your Customers’ Business: In 2019, companies can’t afford to spare any expense when it comes to protecting their data. With the initial cost of a breach soaring and the long-term damage becoming clearer, the big-picture threat is a tangible reality for every company. Rather than hoping to avoid being caught in the crosshairs by hackers, every business should take steps to identify vulnerabilities and to apply best practice solutions to mitigate the risk of a devastating data breach.

---

In Other News:

Cyber Insurance Rises 5% in 2019 
Despite a significant uptick in cybersecurity lapses, the average cost of cyber insurance only rose by 5% in 2019, according to a recent report.
In some ways, this is good news for companies as cyber insurance has become an important commodity in today’s dangerous digital environment. However, the report also found that the insurance industry is getting more adept at controlling its own losses by imposing high deductibles and offering limited payouts.
For instance, the sub-limit on a $1 million ransomware policy can be as low as $25,000, and deductibles often exceed $10,000.
At the same time, the cost of a data breach is escalating quickly, and insurance payouts aren’t adjusting to this new reality, meaning that, even with insurance reimbursement, companies often incur significant direct losses from a data breach.
Taken together, it underscores the importance of a strong defensive posture when it comes to cybersecurity risks as there are no helpful or affordable options once a data breach occurs.

---

A Note From Kobargo

Few Employees Receive Cybersecurity Training 
The precipitous rise in phishing scams and malware attacks has made employee cybersecurity training a critical component of any cyber defense strategy. However, a recent report by Chubbs indicates that many businesses aren’t providing cybersecurity training to their employees.
The report found that only 31% of employees receive cybersecurity training, while 70% of companies claim to have “excellent” or “good” cybersecurity standards.
These divergent claims contradict one another as companies with disengaged or ignorant employees pose a serious cybersecurity threat to their cybersecurity posture.
As data breaches continue to make headlines and to damage businesses’ bottom lines, it seems that too many organizations are unnecessarily putting themselves at risk. Comprehensive employee awareness training is an affordable way to bolster your defensive posture, and it can make a significant impact on the most prescient threats facing businesses today.

---

Contact Kobargo Technology Partners to schedule a free consultation today!

[/mp_span]
[/mp_row]

DATA BREACH, CYBER ALERT MONDAY: 

Last week, data breaches threatened future government contracts, PII was exposed online, and cybersecurity incidents were projected to reach an all-time high.

United States – Carle Foundation Hospital 

Exploit: Phishing attack

Carle Foundation Hospital: Regional, not-for-profit healthcare provider

Risk to Small Business: 2.111 = Severe: Three company employees fell victim to a phishing scam that gave hackers access to their email accounts containing patient data. Although the hospital immediately secured the accounts, the easily preventable incident will expose Carle Foundation Hospital to intense regulatory scrutiny and cascading costs related to the breach.

Individual Risk: 2.428 = Severe: The compromised email accounts belonged to three physicians, and they included data from patients that received cardiology or surgery services at Carle. The data includes patient names, medical record numbers, dates of birth, and clinical information. Fortunately, patients’ Social Security numbers and financial data were not included in the breach. However, personal data is a widely accepted currency on the Dark Web, since personally identifiable information(PII) can be used to facilitate additional cybercrimes. Therefore, those impacted by the breach need to closely monitor their accounts for usual activity while being mindful of other malicious uses of that information.

Customers Impacted: Unkown

How it Could Affect Your Business: Data breaches bring a host of complications to any company, including reputational damage and ancillary recovery costs. Altogether, it can cause significant financial distress to any organization. Neutralizing defensible threats, like phishing scams, is a simple and affordable solution that can play a prominent role in protecting your company’s reputation and bottom line.

---

United States – Miracle Systems

Exploit: Malware attack

Risk to Small Business: 1.555 = Severe: Using stolen credentials, hackers gained access to several databases that store company data related to the US military. The breach, which occurred on three separate occasions between November 2018 and July 2019, was enabled by a malware attack that was distributed via a malicious email attachment. Although the stolen data was years old, the company was closely scrutinized by the Secret Service, and company leaders estimate that they’ve lost as much as $1 million because of the breach. Of course, this doesn’t include the opportunity costs associated with a loss in trust and business with the government.

Individual Risk: 2.428 = Severe: Several email account credentials were stolen during the breach, and their accessibility was broadly advertised on the Dark Web. Although the company believes that this information is outdated, all employees should reset their password and follow best practices for creating unique credentials.

Customers Impacted:Unknown

How it Could Affect Your Business: For many companies, protecting their data should be an extension of protecting their bottom line. The Miracle Systems breach is a reminder of the steep price that many companies pay in lost revenue and reputational damage that can have far-reaching consequences for their financial viability and future business model.

---

United States – Restaurant Depot

Exploit: Spear phishing attack

Restaurant Depot: Commercial food service wholesaler

Risk to Small Business: 1.666 = Severe: Restaurant Depot’s customers are receiving phishing emails requesting payment for invoices, purportedly from the company. In response, customers began lashing out on social media, and the company was forced to issue a statement on its website discrediting the email content. The emails are personalized so cybercriminals likely purchased company data from a Dark Web marketplace, which could suggest the possibility of an even more expansive data breach at Restaurant Depot.

Individual Risk: 2.142 = Severe: Any recipient who paid a fraudulent invoice has compromised their personally identifiable information and their payment data. However, even for those that delete the message, it’s likely that their information was obtained through a different data breach, and they should closely examine their credentials for other potential misuses. In some cases, credit or identity monitoring services might be required to ensure their data’s long-term integrity.

Customers Impacted: Unkown

How it Could Affect Your Business: Having your company co-opted as a tool for cybercriminals is bad for business, and companies that are victimized in this way face an expensive, up-hill battle to restore their customer’s confidence. Preemptively knowing if your employee or customer data is compromised can help prevent this scenario by giving your business an opportunity to respond before hackers wreak havoc on your system.

---

In Other News: