Data Breach, Cyber Alert Monday 09-23-2019

DATA BREACH, CYBER ALERT MONDAY: 

Last week, phishing scams continued to trap employees, weak passwords put company data at risk, and the consequences of a breach were higher for SMBs.

United States – Metro Mobility

Exploit: Unauthorized email account access

Metro Mobility: Shared ride public transportation service for riders with disabilities and health complications

Risk to Small Business: 1.333 = Extreme: An unauthorized party gained access to two employee email accounts that contained customers’ personally identifiable information. The data from one account was available between February 4th and March 12th, and information from the second account was available for several hours on March 12th. The company hired a third-party cybersecurity firm to audit their security standards, and they’ve made changes to prevent a similar breach in the future. However, it’s unclear why the company waited so long to notify customers, and future reparations will not be able to recover the damage of the data that’s already stolen.

Individual Risk: 2.143 = Severe: Impacted email accounts contained personal information, including customers’ names, dates of birth, contact information, drivers’ license information, financial information, medical record numbers, patient identification numbers, and treatment-related information. In addition, some users had their Social Security numbers compromised in the breach. Lyons is providing free credit monitoring and identity restoration services for everyone impacted by the breach. Since this information is incredibly valuable to cybercriminals on the Dark Web, breach victims should take advantage of these services to help ensure the integrity of their data.

Customers Impacted: Unkown

How it Could Affect Your Business: A data breach has far-reaching consequences for any company, which makes a preventable attack like a phishing scam especially problematic. Protecting customer data means protecting your bottom line, and cybersecurity training is a low-cost initiative to ensure that phishing threats are neutralized before they compromise customer data and put your company at risk.

 

United States – Premier Family Medical

Exploit: Ransomware
Premier Family Medical: Comprehensive family healthcare provider

Risk to Small Business: 2.111 = Severe: A ransomware attack on Premier Family Medical has significantly restricted employees’ access to patient data and company services, halting key business operations. In some cases, the opportunity cost associated with a ransomware attack can be more costly than the actual recovery effort, placing a multifaceted strain on a business’s finances.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: 320,000

How it Could Affect Your Business: Ransomware attacks have been on the rise in 2019, often targeting SMBs with limited resources for cybersecurity initiatives. Unfortunately, whether companies pay a ransom or restore operations using other recovery efforts, the implications can lead to lower ROI, or even worse, closed doors. When it comes to protecting your network against a ransomware attack, a strong defensive posture is the only option, and it’s one that every business should consider to be mission-critical in today’s digital environment.

 

United States – Entercom Communications

Exploit: Ransomware

Entercom Communications: Broadcasting and radio company based in Bala Cynwyd, Pennsylvania

Risk to Small Business: 2.111 = Severe: Hackers were able to spread ransomware across a company’s network using one company computer. The attack brought down email services, billing networks, and shared drives. While broadcasts continue uninterrupted, employees have been warned not to connect any devices to the company network, and Entercom expects several days of outages before services will be fully restored. Hackers are demanding $500,000 to decrypt the ransomware, but the company is choosing to use cybersecurity services to restore their network instead.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unkown

How it Could Affect Your Business: Regardless of the recovery methodology, recovering from a ransomware attack is incredibly expensive. In this case, hackers demanded $500,000 to restore Entercom’s network, a cost that comes without guarantees that bad actors will follow through on their promises. However, restoring a network often carries similar or even higher costs, meaning that there are no good solutions once an attack occurs. In a similar breach early this year, a station estimated that they lost up to $800,000 in revenue in addition to the $500,000 recovery charge. Consequently, it’s clear that every business needs to protect its bottom line by ensuring that its cybersecurity standards align with today’s emerging threat landscape.



In Other News:

Data Breaches Put Small Businesses at Risk 

Data loss events are a huge risk for any company, but the aftermath of a data breach can be especially problematic for SMBs, a recent study by Bank of America Merchant Services concluded. 

The survey, which included 522 small businesses and 409 consumers in the US, questioned consumers and small businesses about the cybersecurity risks underscoring today’s digital environment. In response, one in five SMBs reported a data breach in the past two years, a 17% increase in two years. Moreover, 41% of small businesses endured a data breach that cost the company more than $50,000.

This financial component is especially troubling for SMBs, which don’t have extravagant resources that large corporations can use to hasten their recovery efforts. Making matters worse, 30% of consumers indicated that they would never return to a small business that endured a data breach, a 20% increase year-over-year.

These trends are taking place as SMBs are increasingly moving online. 51% of SMBs run their own websites, and 70% have some form of e-commerce component to their business.

In total, it’s evident that SMBs have every reason to prioritize data security protocols as a foundational element of a successful, sustainable business model.


A Note From Kobargo..

Brute Force Attacks are the Preferred Method for Spreading Ransomware 

Ransomware attacks are on the rise in 2019, making headlines as they afflict local governments and SMBs with frightening regularity. At the same time, the cost of a ransomware attack is rising precipitously, making these attacks one of the most complicated and feared cybersecurity risks this year. 

However, cybersecurity researchers at F-Secure found that brute force attacks are one of the most prevalent methodologies deployed by hackers, occurring in 31% of ransomware attacks. This approach leverages common or weak passwords to access employee email accounts or company networks where malware can be deployed.

Consequently, companies can reduce their exposure to ransomware threats by ensuring that employees maintain strong, unique passwords for all their accounts. This simple cybersecurity standard is just one best practice that employers can instill in their employees through comprehensive awareness training that can help thwart cyberattacks.


Contact Kobargo Technology Partners to schedule a free consultation today!

Read more
Data Breach, Cyber Alert Monday 09-09-2019

DATA BREACH, CYBER ALERT MONDAY: 

Last week’s customer loyalty programs were compromised, employees continued to fall for phishing scams, and data breach costs continued to increase.

United States – Lyons insurance

Exploit: Unauthorized email account access

Lyons Insurance: Independent insurance broker and employee benefits firm

Risk to Small Business: 1.333 = Extreme: An unauthorized party gained access to two employee email accounts that contained customers’ personally identifiable information. The data from one account was available between February 4th and March 12th, and information from the second account was available for several hours on March 12th. The company hired a third-party cybersecurity firm to audit their security standards, and they’ve made changes to prevent a similar breach in the future. However, it’s unclear why the company waited so long to notify customers, and future reparations will not be able to recover the damage of the data that’s already stolen.

Individual Risk: 2.143 = Severe: Impacted email accounts contained personal information, including customers’ names, dates of birth, contact information, drivers’ license information, financial information, medical record numbers, patient identification numbers, and treatment-related information. In addition, some users had their Social Security numbers compromised in the breach. Lyons is providing free credit monitoring and identity restoration services for everyone impacted by the breach. Since this information is incredibly valuable to cybercriminals on the Dark Web, breach victims should take advantage of these services to help ensure the integrity of their data.

Customers Impacted: Unkown

How it Could Affect Your Business: Few things can cripple a business like a data breach, and post-breach security initiatives can’t help those whose personal information is already available on underground marketplaces. Consumers and employees are increasingly unwilling to associate with companies that cannot protect their information, making cybersecurity a bottom-line problem for every business. Identifying and addressing vulnerabilities before a breach occurs offers tangible benefits over waiting until after a data disaster to make changes.

 

United States – Presbyterian Healthcare Services

Exploit: Phishing scam
Presbyterian Healthcare Services: Private not-for-profit healthcare system and provider

Risk to Small Business: 1.555 = Severe: An employee unwittingly opened a phishing email that provided hackers with access to a treasure trove of patients’ personally identifiable information. The breach occurred on or before May 9th, and it wasn’t discovered for nearly a month. While the healthcare provider began notifying those impacted by the breach in early August, the latest accounting reveals even more extensive damage than originally identified. Moreover, Presbyterian Healthcare Services expects that they still have to understand the full scope of the breach. Healthcare is a highly regulated industry, so Presbyterian Healthcare Services will endure a significant repair cost, along with increased scrutiny from regulatory bodies.

Individual Risk: 2.571 = Moderate: While hackers didn’t have access to electronic health records or billing information, they were able to access patient names, dates of birth, Social Security numbers, and health plan information. Although Presbyterian Healthcare Services hasn’t found the data on the Dark Web yet, those impacted by the breach should assume that it will be exploited for fraud in the near future.

Customers Impacted: 183,000

How it Could Affect Your Business: Companies that store copious amounts of sensitive personal information are sitting ducks for data thieves and have an obligation to take necessary precautions to protect their customers’ data. Fortunately, phishing scams are entirely defensible, and comprehensive awareness training can render such attacks useless. With phishing attacks on the rise, this training should be mandatory for every company storing personal data of employees or customers.

 

United States – Oregon Judicial Department 

Exploit: Phishing Scam

Oregon Judicial Department: Judicial branch of the state of Oregon

Risk to Small Business:  1.444 = Extreme risk: A phishing campaign effectively duped five employees into opening malicious emails that compromised the personal information of thousands of people. The attack occurred on July 15th, and it left affected accounts exposed for four hours before IT admins could disable access to personal data. Consequently, the department is responsible for providing credit monitoring services to impacted individuals, an expense that will hinder the efforts of an already cash strapped organization.

Individual Risk: 2.286 = Severe: The data breach exposed personally identifiable information, including names, full and partial dates of birth, financial information, health data, and Social Security numbers. Anyone impacted by the breach should enroll in the provided credit monitoring services to keep tabs on their financial data. Meanwhile, they should be vigilant about monitoring their personal accounts for suspicious or unusual activity.

Customers Impacted: 6,607

How it Could Affect Your Business: Phishing scams may be incredibly prevalent, but they are also entirely preventable. Despite the best efforts of automated detection services, businesses should assume that some phishing emails will make their way to your employees’ inboxes, making comprehensive awareness training a critical component of holistic data security. By training employees to spot and respond to phishing campaigns, it’s possible to mitigate persistent attacks while demonstrating cybersecurity prowess.

 

United States – Wisconsin Diagnostic Laboratories

Exploit: Unauthorized database access

Wisconsin Diagnostic Laboratories: Medical laboratory and testing service provider

Risk to Small Business: 1.556 = Severe: A June 2019 data breach at one of the company’s partners has compromised the personal information of patients at Wisconsin Diagnostic Laboratories. The company has severed the relationship with their third-party vendor, and they are taking steps to retrieve and secure compromised patient data. Of course, retrieving information once it reaches the web is extremely difficult, and Wisconsin Diagnostic Laboratories will certainly face regulatory scrutiny that will cost time and resources.

Individual Risk: 2.857 = Moderate Risk: The data breach revealed personal data including patient names, dates of birth, dates of service, and other medical information. In some cases, payment information, including credit card numbers and bank account details, was exposed. Social Security numbers and payment data were excluded in the breach. Since this type of information is frequently exchanged on the Dark Web, those impacted by the breach should monitor their accounts closely.

Customers Impacted: 114,985

How it Could Affect Your Business: Today’s business environment often requires partnering with third-parties to provide the best experiences for your customers. Unfortunately, this also increases your company’s exposure to various cybersecurity risks, and every business needs to have effective recovery protocols in place to respond to these incidents. In this way, companies can benefit from relationships with strategic partners with cybersecurity expertise in order to proactively secure sensitive information.

 



In Other News:

Data Breaches Expected to Cost Businesses $5 Trillion by 2024 

By now, every business should be aware of the costs associated with a data breach. Unfortunately, such damages are not being contained. Instead, they are rising steadily, culminating in a $5 trillion price tag by 2024, according to the latest report from Juniper Research. 

A recent report, “The Future of Cybercrime & Security,” found that regulatory fines and lost business will be the primary drivers of this expense.

Consumers continually demonstrate a disdain for platforms that can’t protect their data, making opportunity cost one of the most arduous, often immeasurable consequences of a data breach.

At the same time, the report notes that cybercrimes are likely to accelerate as hackers deploy increasingly sophisticated technology, like AI, to perpetuate even more disruptive cybercrimes.

However, Juniper Research found that cybersecurity-related expenditures are only expected to increase by 8% over the next four years, meaning that enterprises are turning to other methodologies to protect their data. Most prominently, the report concluded, employee awareness training is seen as the most efficient and cost-effective way to protect a company’s data.

Regardless of the technique, one truth is certain. The cybersecurity landscape will not look the same in four years, and every business needs to be prepared to adapt and meet the shifting challenges of its time.


A Note From Kobargo..

Ransomware Attacks Have Doubled in 2019 

The scourge of ransomware attacks around the world are well documented, appearing in front-page headlines and disrupting everything from SMBs to local municipalities. 

Even so, the scope of the problem is even more extensive than many people realize. The latest McAfee Labs Threat Report found a 118% rise in ransomware attacks in the first quarter of 2019.

The precipitous increase follows years of decline for malware as it appeared to fall out of vogue with cybercriminals. However, in 2019, the practice has been monetized by targeting SMBs and local governments, soft targets that don’t often have the resources to effectively update their defenses against ransomware.

The report found that three ransomware strains – Dharma, Ryuk, and GandCrab – are used in the vast majority of attacks, and McAfee notes that a large number of organizations are willing to pay six-figure payments to help ensure that such strategies will continue to adapt and remain relevant well into the future.

Given the high cost of recovering from a ransomware attack, the cybersecurity services that can fortify a company’s defenses are a relative bargain. Especially for SMBs, a strong defensive posture comes with the cost of doing business, and it’s more affordable than cybersecurity failure. 


Contact Kobargo Technology Partners to schedule a free consultation today!

Read more
Data Breach, Cyber Alert Monday 09-02-2019

DATA BREACH, CYBER ALERT MONDAY: 

Last week’s hacks, attacks, data breaches and more…

United States – Rhode Island Ear, Nose, and Throat Physicians Inc.

Exploit: Unauthorized database access

Rhode Island Ear, Nose, and Throat Physicians Inc.: Specialty healthcare practice providing family care for diseases of the ears, nose, and throat

Risk to Small Business: 1.666 = Severe: Hackers accessed a patient database that contained personally identifiable information for patients served by the practice between May 1st and June 12th. Third-party forensic IT specialists determined that information wasn’t copied or downloaded. Regardless, the practice will incur the cost of updating their protocols, and also be subjected to regulatory scrutiny. This could eventually result in additional HIPAA fines, which will negatively affect their bottom line.

Individual Risk: 2.285 = Severe: For those impacted by the breach, personal information, including names, dates of birth, and clinical data was exposed. In some cases, patients had their Social Security numbers compromised as well. Since this information can quickly spread online and onto the Dark Web, identity monitoring services can help identify potential misuses in the future.

Customers Impacted: 2,493

How it Could Affect Your Business: Personal data can quickly make its way to the Dark Web marketplaces where it is often used to facilitate crippling attacks. Therefore, businesses bear the responsibility of protecting and informing their customers of what happens to compromised information. With the CCPA on the brink of being implemented, healthcare companies aren’t the only ones that face the threat of legal penalties.

United States – Massachusetts General Hospital 

Exploit: Unauthorized database access
Massachusetts General Hospital: The largest teaching hospital of Harvard Medical School

Risk to Small Business: 1.555 = Severe: Massachusetts General Hospital (MGH) has begun notifying patients of a data breach in two of the hospital’s computer programs. The event first occurred in June, but the hospital waited more than two months before notifying patients, significantly restricting their opportunity to take precautionary measures before the data is further misused. Now, MGH is incurring the cost of third-party security analysts, and they will be subjected to additional regulatory scrutiny because of the sensitive nature of their business.

Individual Risk: 2.428 = Severe: The data breach exposed personal information for patients participating in select clinical trials. The information includes patient names, dates of birth, medical record numbers, and medical histories. However, Social Security numbers and financial data was not exposed to hackers. Despite the elongated timeframe, those impacted by the breach should review their accounts for suspicious activity, and they should enroll in identity monitoring services to ensure their information’s security moving forward.

Customers Impacted: 10,000

How it Could Affect Your Business: Especially for businesses operating in highly-regulated industries, protecting personal information is of the utmost importance. However, when a mistake is made, every business needs to supportive resources in place to hasten a full recovery and to begin repairing the intense reputational damage that accompanies a cybersecurity incident. In doing so, companies protect their customers, which could make a big difference when securing their loyalty in the future.

United States – City of Borger 

Exploit: Ransomware

City of Borger: Local government administration serving Borger, Texas

Risk to Small Business:  1.666 = Severe: A ransomware attack on the city’s IT infrastructure has crippled their ability to conduct business. The attack was part of a targeted effort impacting 20 Texas municipalities, and it cut off access to basic city services like public records, bill payments, and communications systems were inaccessible. Fortunately, the city has been able to restore several functions without paying the ransom, but several services remain unavailable.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks increasingly afflict local governments and small businesses that often don’t have robust resources to devote to cybersecurity initiatives. However, cybersecurity experts that can identify and address potential vulnerabilities are a relative bargain compared to the tangible and less quantifiable costs associated with a ransomware attack.

United States – Fargo Public Schools

Exploit: Unauthorized database access

Fargo Public Schools: Public school district serving students in Fargo, North Dakota

Risk to Small Business: 1.888 = Severe: An expansive data breach at a third-party vendor compromised students’ personally identifiable information. The breach is attributed to Pearson, but the cost of containment and restoration will fall squarely on the district’s shoulders. Consequently, the district will endure the cost of updating its data privacy protocols and the increased public and media scrutiny that often accompany a data

Individual Risk: 2.285 = Severe: Hackers accessed students names, birthdates, and student ID numbers. However, Social Security numbers or payment information were not compromised. Unfortunately, even small amounts of personal information can be used to enact future identity or cybercrimes. Therefore, those impacted by the breach should enroll in the provided identity monitoring services while also being aware that their information could be used against them in future phishing or other cyber-attacks.

Customers Impacted: Unknown

How it Could Affect Your Business: Today’s business environment often depends on third-party partnerships that can increase an organization’s capabilities. However, when it comes to data privacy, these relationships can also create vulnerabilities, so cybersecurity protocols need to be a top priority when entering into these relationships. Moreover, having customer protection services in place can help mitigate the risks of a data privacy event negatively impacting your customers.



In Other News:

The First Half of 2019 Sees Precipitous Rise in Data Breaches 

A recent report by Risk Based Security confirmed what many people already knew: data breaches are increasing in frequency and scope. 

In the first half of 2019, there were 3,816 data breaches, a 54% increase from the same period in 2018. In total, more than 4 billion records were stolen. While the majority of these records, 3.2 billion were stolen as part of eight high-profile breaches, more than one billion records were taken in lesser known data heists from smaller organizations.

The healthcare sector led all industries with 224 data breaches while retail and finance accounted for 199 and 183 breaches respectively. Meanwhile government and education have collectively endured nearly 300 data breaches.

According to the report, email addresses and passwords were the most sought after data, occurring in more than 70% of data heists. In contrast, only 11% of data breaches contained financial information like credit card numbers.

Email addresses and passwords can be used to promulgate additional cybercrimes, and companies need to train their employees to protect this information as phishing scams and other attacks threaten the integrity of these credentials and business’ entire cyber infrastructure. For starters, implementing comprehensive awareness can help strengthen the security of your company’s email addresses and passwords.


A Note From Kobargo..

Google Estimates 1.5% of All Internet Passwords Vulnerable to Spearphishing 

Sometimes cybercriminals get too much credit for their ability to infiltrate businesses’ IT infrastructure. In many cases, employees’ bad password practices actually cause the vulnerability, a reality that was confirmed in a Google study released this week. 

In the report, Google estimates that 1.5% of all logins used on the internet are a vulnerability to credential stuffing attacks because they were disclosed in previous data breaches. What’s more, even when companies or employees were notified of this vulnerability, only 26% of people changed their passwords to secure their accounts.

However, there is one silver lining. For those who did update their information, 94% created a password that was as strong or stronger than the original password. Ultimately, it’s a reminder that many security vulnerabilities are fixable, and partnering with qualified cybersecurity experts can help you identify these vulnerabilities before they create a catastrophe.


Contact Kobargo Technology Partners to schedule a free consultation today!

Read more
Data Breach, Cyber Alert Monday 08-26-2019

DATA BREACH, CYBER ALERT MONDAY:

LAST WEEK, RANSOMWARE THREATENED A COMPANY’S FINANCIAL FUTURE AND ONLINE SHOPPERS HAD THEIR PAYMENT INFORMATION STOLEN BY MAGECART.

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

Grays Harbor Community Hospital: Healthcare provider operating as part of the Harbor Medical Group

Exploit: Ransomware

Risk to Small Business: 1.666 = Severe: After an employee accidentally clicked on a phishing email, cybercriminals were able to infect the hospital’s IT infrastructure with ransomware that impacted the provider’s access to medical records, prescription information, and more services, including payment processing. The hackers demanded $1 million to unlock the files, a significant sum that places a serious strain on the cash-strapped hospital. While it’s unclear if the hospital paid the ransom, officials noted that restricted cash flow will threaten the organization’s future financial viability..

Individual Risk: 2.142 = Severe: While there is no evidence that personal data was collected as part of the breach, sensitive patient information, including medical records, demographic information, insurance information, medical history, medical treatment, and billing information could have been made accessible to unauthorized third-parties. Since personally identifiable information can quickly make its way to the Dark Web, where it can be used to facilitate additional cybercrimes, those impacted by the breach should acquire monitoring services to secure this information.

Customers Impacted: 85,000

How it Could Affect Your Business: Ransomware is much more than a temporary inconvenience. The astounding costs surrounding repair, restoration, or even ransom payments can significantly impact a company’s ability to continue operating. Once ransomware takes hold of a company’s IT infrastructure, every path forward is expensive and fraught with difficulties. Therefore, identifying and addressing vulnerabilities before they enable a breach is the only effective way of avoiding the costly aftermath of a ransomware attack.


National Baseball Hall of Fame: American History Museum for Major League Baseball

Exploit: Malicious code script

Risk to Small Business: 1.555 = Severe: The notorious hacking group MageCart infiltrated the National Baseball Hall of Fame, compromising the personal information of customers shopping on their e-commerce store. Hackers had access to shopper information for seven months, beginning in November 2018. The hackers injected a malicious script into the checkout page that forwarded user information to the hacking group. Now, the museum will incur the inevitable repair costs that always accompany a data breach, and the reputational damage to their online store will likely cost them revenue and loyal customers moving forward.

Individual Risk: 2.428 = Severe: MageCart scams steal customer data at checkout, and online shoppers between November 15, 2018 and May 14, 2019 could have their information stolen by the hacking group. This data involves customers’ names, addresses, and payment information, including CVV codes. Customers who made purchases at the online store during this timeframe are encouraged to contact their credit card company and monitor accounts for fraudulent or suspicious activity.

Customers Impacted: Unknown

How it Could Affect Your Business: Online shopping is quickly becoming the go-to buying method for many shoppers, and SMBs rely on this revenue stream to compete with major corporations. Therefore, securing IT infrastructure is critical to stay competitive in today’s digital-first environment. To mitigate the damage after a breach, businesses should strive to provide proactive customer care to ensure that they can quickly and completely recover from a breach.


Camp Verde Unified School District: Public school district serving students in Camp Verde, Arizona

Exploit: Ransomware

Risk to Small Business: 2.111 = Severe: A ransomware attack prevented the school district from accessing its entire network for more than two weeks. The attack’s timing is particularly problematic since it occurred during back-to-school season for the district and its families. Consequently, records and payments are being recorded by hand as the district attempts to continue business as usual. Fortunately, the district has ransomware insurance that will help offset some of the costs, but those resources won’t undo the difficulties incurred by the organization at a critical time for business operations.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business:Opportunity cost is a significant factor in a ransomware attack. Many businesses are making arrangements to account for the costs of recovery, but there is no way to avoid losses in productivity and revenue that inevitably occur during a ransomware attack. Therefore, businesses and organizations need to take every precaution to prevent a ransomware attack before it occurs.


Hy-Vee: Supermarket chain with 245 locations throughout the Midwestern United States

Exploit: Unauthorized database access

Risk to Small Business: 1.777 = Severe: Unauthorized activity involving payment processing software compromised transaction data at the company’s fuel pumps, coffee shops, and restaurants. However, card data involving the company’s supermarket check lanes and other payment systems was not impacted by the breach. As a result, the regional company will have to spend considerably to upgrade its cybersecurity standards and absorb the less quantifiable costs in brand erosion.

Individual Risk: 2.428 = Severe: Hy-Vee took steps to eradicate the malicious activity, but the company has not revealed the specific data sets that were compromised in the breach. Given that the event focused on point-of-sale platforms, it’s possible that names and payment information was made available to hackers. Customers should anticipate further developments from the company, but they should carefully monitor their accounts to identify suspicious activity.

Customers Impacted: 15,298

How it Could Affect Your Business: Supporting those impacted by a data breach is the most important responsibility of any company that fails to protect customer data. Having the policies, procedures, and technology in place to quickly respond to a breach can help mitigate the inevitable reputation damage and customer blowback that accompanies a security lapse.


Choice Hotels: Hospitality franchisor based in Rockville, Maryland

Exploit: Ransomware

Risk to Small Business:2 = Severe Risk: An unsecured database for the hospitality company was discovered by security researchers, but cybercriminals stole a trove of company data before Choice Hotels could repair the vulnerability. When repairing the database, researchers discovered a ransom note indicating the data theft and demanding a $4,000 payment in Bitcoin to return the information. Cybersecurity personnel believe that the hackers intended to destroy the entire database, but their efforts failed.

Individual Risk: 2.714 = Moderate Risk: The data breach includes data from staff and students from the years 2001 – 2016, and it includes first and last names, school email addresses, and birth dates. Personal data can travel quickly on the Dark Web, and those impacted by the breach should enroll in the credit monitoring services offered by the district.

Customers Impacted: Unknown

How it Could Your Customers’ Business: Choice Hotels is working to put new security measures in place to prevent something like this from happening again. Unfortunately, once a breach occurs, customer information is readily and permanently available online. Therefore, data security is one of the best customer-facing initiatives that a business can adopt. When mistakes are made, knowing what happens to that information and putting procedures in place to prevent future breaches is a must-have service for any business.


In Other News:

Canadian Government Launches Cybersecurity Certification Program for SMBs 

A recent survey by StaySafeOnline.org found that 71% of data breaches occur at small businesses, a prolific problem that the Canadian government is trying to solve. Consequently, they’re instituting an incentive program for SMBs prioritizing cybersecurity initiatives.

The new initiative, CyberSecure Canada, allows organizations to prove that they meet specific security criteria, then awards the organization with a certificate and logo that they can include on their website and promotional material.

To become CyberSecure certified, SMBs must demonstrate compliance with 13 security controls that collectively create a safer internet experience for businesses and their customers. The program strives to encourage Canadian SMBs to spend time and resources on cybersecurity initiatives. Not only will this help shore up their own long-term viability, but it also supports customer data security, a top priority in the digital age.

Interestingly, the survey found that many companies aren’t equipped to defend against these threats. The research found that 64% of small businesses don’t have a security team, and only 1/3 provided cybersecurity training to their employees.

Notably, SMBs don’t have to tackle this priority alone. Partnering with qualified cybersecurity professionals can help augment your cybersecurity posture and transforming weaknesses into strengths.


A Note From Kobargo..

ACSC Warns Australian Small Businesses About BlueKeep VulnerabilityAccording to a warning by the Australian Cyber Security Centre, thousands of Australian SMBs are at risk of being compromised by the BlueKeep vulnerability that can wreak havoc on outdated Windows operating systems.

The warning comes on the heels of a disclosure by a security researcher who revealed a publicly available Remote Desktop Protocol that can scan for unpatched systems.

The ACSC estimates that 50,000 Australian devices are vulnerable to this malady, which is easily defensible using a patch provided in a software update.

Unfortunately, for companies that don’t take advantage of the update, their systems can be easily infiltrated by bad actors who steal and destroy company data.

Software updates are critical for ensuring that your business is protected in an ever-evolving threat landscape. Moreover, cybersecurity specialists (Like us!) can provide a comprehensive view of your cybersecurity readiness posture, ensuring that all vulnerabilities are accounted for.


Contact Kobargo Technology Partners to schedule a free consultation today!

Read more
Data Breach, Cyber Alert Monday 08-26-2019

Data Breach, Cyber Alert Monday:
Last week, ransomware threatened a company’s financial future and online shoppers had their payment information stolen by MageCart.

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

Grays Harbor Community Hospital: Healthcare provider operating as part of the Harbor Medical Group

Exploit: Ransomware

Risk to Small Business: 1.666 = Severe: After an employee accidentally clicked on a phishing email, cybercriminals were able to infect the hospital’s IT infrastructure with ransomware that impacted the provider’s access to medical records, prescription information, and more services, including payment processing. The hackers demanded $1 million to unlock the files, a significant sum that places a serious strain on the cash-strapped hospital. While it’s unclear if the hospital paid the ransom, officials noted that restricted cash flow will threaten the organization’s future financial viability..

Individual Risk: 2.142 = Severe: While there is no evidence that personal data was collected as part of the breach, sensitive patient information, including medical records, demographic information, insurance information, medical history, medical treatment, and billing information could have been made accessible to unauthorized third-parties. Since personally identifiable information can quickly make its way to the Dark Web, where it can be used to facilitate additional cybercrimes, those impacted by the breach should acquire monitoring services to secure this information.

Customers Impacted: 85,000

How it Could Affect Your Business: Ransomware is much more than a temporary inconvenience. The astounding costs surrounding repair, restoration, or even ransom payments can significantly impact a company’s ability to continue operating. Once ransomware takes hold of a company’s IT infrastructure, every path forward is expensive and fraught with difficulties. Therefore, identifying and addressing vulnerabilities before they enable a breach is the only effective way of avoiding the costly aftermath of a ransomware attack.


National Baseball Hall of Fame: American History Museum for Major League Baseball

Exploit: Malicious code script

Risk to Small Business:1.555 = Severe: The notorious hacking group MageCart infiltrated the National Baseball Hall of Fame, compromising the personal information of customers shopping on their e-commerce store. Hackers had access to shopper information for seven months, beginning in November 2018. The hackers injected a malicious script into the checkout page that forwarded user information to the hacking group. Now, the museum will incur the inevitable repair costs that always accompany a data breach, and the reputational damage to their online store will likely cost them revenue and loyal customers moving forward.

Individual Risk:2.428 = Severe: MageCart scams steal customer data at checkout, and online shoppers between November 15, 2018 and May 14, 2019 could have their information stolen by the hacking group. This data involves customers’ names, addresses, and payment information, including CVV codes. Customers who made purchases at the online store during this timeframe are encouraged to contact their credit card company and monitor accounts for fraudulent or suspicious activity.

Customers Impacted: Unknown

How it Could Affect Your Business: Online shopping is quickly becoming the go-to buying method for many shoppers, and SMBs rely on this revenue stream to compete with major corporations. Therefore, securing IT infrastructure is critical to stay competitive in today’s digital-first environment. To mitigate the damage after a breach, businesses should strive to provide proactive customer care to ensure that they can quickly and completely recover from a breach.


Camp Verde Unified School District: Public school district serving students in Camp Verde, Arizona

Exploit: Ransomware

Risk to Small Business: 2.111 = Severe: A ransomware attack prevented the school district from accessing its entire network for more than two weeks. The attack’s timing is particularly problematic since it occurred during back-to-school season for the district and its families. Consequently, records and payments are being recorded by hand as the district attempts to continue business as usual. Fortunately, the district has ransomware insurance that will help offset some of the costs, but those resources won’t undo the difficulties incurred by the organization at a critical time for business operations.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business:Opportunity cost is a significant factor in a ransomware attack. Many businesses are making arrangements to account for the costs of recovery, but there is no way to avoid losses in productivity and revenue that inevitably occur during a ransomware attack. Therefore, businesses and organizations need to take every precaution to prevent a ransomware attack before it occurs.


Hy-Vee: Supermarket chain with 245 locations throughout the Midwestern United States

Exploit: Unauthorized database access

Risk to Small Business:1.777 = Severe: Unauthorized activity involving payment processing software compromised transaction data at the company’s fuel pumps, coffee shops, and restaurants. However, card data involving the company’s supermarket check lanes and other payment systems was not impacted by the breach. As a result, the regional company will have to spend considerably to upgrade its cybersecurity standards and absorb the less quantifiable costs in brand erosion.

Individual Risk: 2.428 = Severe: Hy-Vee took steps to eradicate the malicious activity, but the company has not revealed the specific data sets that were compromised in the breach. Given that the event focused on point-of-sale platforms, it’s possible that names and payment information was made available to hackers. Customers should anticipate further developments from the company, but they should carefully monitor their accounts to identify suspicious activity.

Customers Impacted: 15,298

How it Could Affect Your Business: Supporting those impacted by a data breach is the most important responsibility of any company that fails to protect customer data. Having the policies, procedures, and technology in place to quickly respond to a breach can help mitigate the inevitable reputation damage and customer blowback that accompanies a security lapse.


Choice Hotels: Hospitality franchisor based in Rockville, Maryland

Exploit: Ransomware

Risk to Small Business:2 = Severe Risk: An unsecured database for the hospitality company was discovered by security researchers, but cybercriminals stole a trove of company data before Choice Hotels could repair the vulnerability. When repairing the database, researchers discovered a ransom note indicating the data theft and demanding a $4,000 payment in Bitcoin to return the information. Cybersecurity personnel believe that the hackers intended to destroy the entire database, but their efforts failed.

Individual Risk: 2.714 = Moderate Risk: The data breach includes data from staff and students from the years 2001 – 2016, and it includes first and last names, school email addresses, and birth dates. Personal data can travel quickly on the Dark Web, and those impacted by the breach should enroll in the credit monitoring services offered by the district.

Customers Impacted: Unknown

How it Could Your Customers’ Business: Choice Hotels is working to put new security measures in place to prevent something like this from happening again. Unfortunately, once a breach occurs, customer information is readily and permanently available online. Therefore, data security is one of the best customer-facing initiatives that a business can adopt. When mistakes are made, knowing what happens to that information and putting procedures in place to prevent future breaches is a must-have service for any business.


In Other News:

Canadian Government Launches Cybersecurity Certification Program for SMBs 

A recent survey by StaySafeOnline.org found that 71% of data breaches occur at small businesses, a prolific problem that the Canadian government is trying to solve. Consequently, they’re instituting an incentive program for SMBs prioritizing cybersecurity initiatives. 

The new initiative, CyberSecure Canada, allows organizations to prove that they meet specific security criteria, then awards the organization with a certificate and logo that they can include on their website and promotional material.

To become CyberSecure certified, SMBs must demonstrate compliance with 13 security controls that collectively create a safer internet experience for businesses and their customers. The program strives to encourage Canadian SMBs to spend time and resources on cybersecurity initiatives. Not only will this help shore up their own long-term viability, but it also supports customer data security, a top priority in the digital age.

Interestingly, the survey found that many companies aren’t equipped to defend against these threats. The research found that 64% of small businesses don’t have a security team, and only 1/3 provided cybersecurity training to their employees.

Notably, SMBs don’t have to tackle this priority alone. Partnering with qualified cybersecurity professionals can help augment your cybersecurity posture and transforming weaknesses into strengths.


A Note From Kobargo..

ACSC Warns Australian Small Businesses About BlueKeep Vulnerability

According to a warning by the Australian Cyber Security Centre, thousands of Australian SMBs are at risk of being compromised by the BlueKeep vulnerability that can wreak havoc on outdated Windows operating systems. 

The warning comes on the heels of a disclosure by a security researcher who revealed a publicly available Remote Desktop Protocol that can scan for unpatched systems.

The ACSC estimates that 50,000 Australian devices are vulnerable to this malady, which is easily defensible using a patch provided in a software update.

Unfortunately, for companies that don’t take advantage of the update, their systems can be easily infiltrated by bad actors who steal and destroy company data.

Software updates are critical for ensuring that your business is protected in an ever-evolving threat landscape. Moreover, cybersecurity specialists (Like us!) can provide a comprehensive view of your cybersecurity readiness posture, ensuring that all vulnerabilities are accounted for.


Contact Kobargo Technology Partners to schedule a free consultation today!

Read more

CATEGORIES

YOU MAY ALSO LIKE