Last week, ransomware slows COVID-19 treatment development, malware targets online shoppers, and phishing scams jump by 667% in a month.
United States – Social Bluebook
Exploit: Unauthorized database access
Social Bluebook: Social media platform
Risk to Small Business: 2.117 = Severe
Cybercriminals ex-filtrated a company database containing personal information from thousands of internet influencers. Embarrassingly, the breach, which occurred in October 2019, was identified by TechCrunch reporters who were sent a copy of the stolen database. In a statement, the company claimed to be ignorant of the breach, raising serious questions about the efficacy of its cybersecurity strategy. This incident is likely to have significant blowback from well-connected influencers on social media and invite regulatory scrutiny on many fronts.
Individual Risk: 2.122 = Severe
The stolen database contains account information for 217,000 users. This includes names, email addresses, and hashed and scrambled passwords. Those impacted by the breach should immediately update their login credentials for this website and any other service using the same information, plus closely monitor their accounts for unusual or suspicious activity.
Customers Impacted: 217,000
How it Could Affect Your Customers’ Business: Hackers frequently target social media influencers because of their large public following. Therefore, companies catering to this clientele need to be prepared to protect their users’ valuable personal data. If they can’t, these influencers will almost certainly tell their followers all about it, a principle that applies to a growing number of consumers in every sector.
United States – Ozark Orthopedics
Exploit: Phishing scam
Ozark Orthopedics: Orthopedic healthcare practice
Risk to Small Business: 2.113 = Severe
Four employees fell for a phishing scam and gave hackers access to email accounts containing patient data. The scope of the data breach that occurred in late 2019 was just released by the healthcare provider, creating questions about the practice’s cybersecurity practices. As a result, patients were unable to quickly take steps to protect their identities and Ozark Orthopedics has opened itself up to regulatory scrutiny that could result in substantial financial penalties.
Individual Risk: 1.775 = Severe
Patients’ personally identifiable information was exposed in the breach, including their names, treatment information, Medicare or Medicaid identification numbers, Social Security numbers, and financial account information. In the wrong hands, this information can be used in a litany of financial or identity-related crimes. Those impacted by the breach should immediately enroll in credit and identity monitoring services to secure their personal information.
Customers Impacted: 15,240
How it Could Affect Your Customers’ Business: More than a trillion phishing emails are sent each year, some of which will inevitably make their way into your employees’ inboxes. Training employees to spot these scams is especially important to protect your company from a devastating data breach.
United States – 10x Genomics Inc.
Exploit: Ransomware
10x Genomics Inc.: Biotechnology company
Risk to Small Business: 2.206 = Severe
A ransomware attack disrupted operations at the biotechnology company, which is currently acting as part of a consortium working to quickly develop a treatment for COVID-19. Before encrypting IT, hackers exfiltrated company data. Although the company reports “no material day-to-day impact,” it’s unclear what the implications are for the stolen data or how this could impact its development of a COVID-19 treatment.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Companies in every sector have seen an uptick in cybersecurity threats as COVID-19 disrupts business-as-usual and puts many people on edge. This is especially true for the healthcare industry, which is experiencing a deluge of ransomware attacks, phishing scams, and other threats at a critical time.
United States – GoDaddy
Exploit: Phishing scam
GoDaddy: Internet domain registrar
Risk to Small Business: 2.313 = Severe
A spear phishing attack tricked a customer service employee into providing information that ultimately allowed hackers to view and modify customer records. As a result, several GoDaddy clients, including Escrow.com, which provides escrow services for several prominent websites, were impacted. The breach will have costly implications for both GoDaddy and its customers, who will have to decide if they want to continue partnering with a company that puts their sensitive data at risk.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Today’s online ecosystem is vast and interconnected. This incident is a reminder that failures at other companies can have significant implications for your own, which increases the importance of securing accounts to buttress your IT infrastructure against potential failure at third-party contractors. With simple cybersecurity features, like two-factor authentication, company accounts remain secure even when credentials or login information is exposed.
Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
In Other News:
Healthcare Data Breaches See Significant Increase
In late 2019, we wrote about the connection between healthcare data and the Dark Web, noting a troubling trend that saw bad actors increasingly targeting patient data. Unfortunately, that trend has only accelerated with the onset of the COVID-19 pandemic that is pushing healthcare providers to their limits.
A study of the Department of Health and Human Services’ HIPAA breach reporting tool found 105 breaches impacting 2.5 million patients. However, before February 19th, only 38 incidents and 1.1 million records were affected. Cybercriminals have upped their game to take advantage of the chaotic situation on the ground, and healthcare organizations need to be prepared.
Notably, the study found that hacking incidents are, by far, the leading cause of data breaches. Many included various forms of email account compromise. Moreover, the report predicts that, as more employees work from home, incidents of phishing attacks will increase because employees are more likely to fall for scams when they are isolated at home. Fortunately, a comprehensive employee awareness campaign can thwart these attacks, helping ensure that healthcare providers are focused on patient care rather than being inundated with cybersecurity threats.
https://www.bankinfosecurity.com/health-data-breach-tally-spikes-in-recent-weeks-a-14031
A Note From Kobargo
Phishing Scams Have Spiked by 667% in One Month
The global COVID-19 response has required millions of workers to work from home. When coupled with a general sense of unease and uncertainty, the situation has created a perfect environment for cybercriminals to execute phishing scams. As a result, the number of phishing emails has increased by 667% in the past month.
According to an assessment of 468,000 phishing emails, 2% were directly related to COVID-19. Meanwhile, 54% were labeled as scams, 34% as brand impersonation attacks, and 11% as blackmail. In addition, many are luring clicks by claiming to sell cures, face masks, and other critical supplies.
For businesses, the implications are clear. Nobody can afford a data breach in this environment. Now is the right time to update and reemphasize phishing scam awareness training to ensure that employees can repel these damaging cyberattacks.
https://www.infosecurity-magazine.com/news/covid19-drive-phishing-emails-667/
Contact Kobargo Technology Partners to schedule a free consultation today!
Last week, phishing attacks reel in a bountiful catch in the healthcare sector, how social distancing makes companies vulnerable to a data breach, and cybersecurity tips for working from home.
United States – Tandem Diabetes Care
Exploit: Phishing scam
Tandem Diabetes Care: Medical device manufacturer
Risk to Small Business: 2.555= Severe
Five employees fell for a phishing scam that gave hackers access to email accounts containing customer data between January 17 and January 20, 2020. Although the company acted quickly to secure the compromised employee accounts, they were unable to recoup the stolen information. Given the sensitive nature of their industry, Tandem Diabetes Care will likely face increased regulatory scrutiny and hefty financial penalties.
Individual Risk: 2.428 = Severe
Although Tandem Diabetes Care has expressed in the integrity of their data storage, hackers likely had access to names, contact information, service-related details – even some patients’ Social Security numbers were exposed in the breach. Victims should consider enrolling in credit and identity monitoring services.
Customers Impacted: 140,000
How it Could Affect Your Customers’ Business: In response to this breach, Tandem Diabetes Care is updating its email security protocols to prevent a similar incident in the future. However, phishing scams account for a significant portion of all data breaches, and preparing for these attacks should be a built-in component of every organization’s defense strategy.
United States – University of Utah Health
Exploit: Phishing scam
University of Utah Health: Research and teaching hospitalr
Risk to Small Business: 1.889= Severe
A phishing scam provided hackers with access to the University of Utah Health’s network for more than a month, beginning on January 22, 2020. In addition, the healthcare provider discovered malware on its network that allowed hackers to access patient data. Although the University of Utah Health responded quickly, bad actors still had prolonged access to company and customer data, including HIPPA-protected healthcare records – creating financial, reputational, and regulatory consequences both now and in the future.
Individual Risk: 2.428= Severe
The compromised accounts included patients’ names, dates of birth, medical record numbers, and clinical data. This information can be used to craft authentic-looking spear phishing campaigns. Victims should carefully evaluate all digital communications, and consider enrolling in identity and credit monitoring services to ensure that this information isn’t being misused in other ways.
Customers Impacted: Unknown.
How it Could Affect Your Customers’ Business: Like many companies responding to a data breach, the University of Utah Health is promising changes to its defensive posture to prevent a similar breach in the future. However, companies should assume that malware attacks and phishing scams are an “if” not a “when” proposition, and they should prepare their defensive posture accordingly.
United States – Tupperware
Exploit: Malware attack
Tupperware: Home products line
Risk to Small Business: 2.334= Severe
Hackers infiltrated Tupperware’s online store, injecting payment skimming malware into the checkout process. The malicious script was active for at least five days, and it effectively mimicked Tupperware’s official payment form. After shoppers entered their data into the fake form, a “time out” error appeared, redirecting customers to the actual payment page and disguising the theft, which allowed it to go undetected.
Individual Risk: 2.428= Severe
The payment skimming malware collected customer data entered including names, addresses, phone numbers, credit card numbers, expiration dates, and CVV codes. This data could allow hackers to commit financial theft or identity fraud. Those impacted by the breach should immediately notify their banks, as they will likely need to be issued new payment cards and carefully monitor their accounts for misuse.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: The COVID-19 pandemic has heightened the already-important online shopping experience for many businesses, and online shopping is a singular respite in an otherwise bleak outlook for retailers. Companies can’t afford to lose customers because of a cybersecurity vulnerability. Many customers indicate that they will not return to an online store after a data breach, which means that companies looking to capitalize on their online stores need to make sure this avenue is secure
European Union – Norwegian Cruise Line
Exploit: Phishing scam
Norwegian Cruise Line: Cruise tourism provider
Risk to Small Business: 2.334 = Severe
A Norwegian Cruise Line employee was reeled in by a phishing scam that compromised the personal details of thousands of independent travel agents. The information was then posted on Dark Web forums, making it widely accessible to bad actors. The company, already reeling from the COVID-19 crisis, has now damaged its relationship with partners that are critical to its recovery.
Individual Risk: 2.714= Moderate
The data breach includes plain text passwords and email addresses for thousands of travel agents. While many are associated with TUI and Virgin Holidays, it also covers independent agents and those working with other organizations. Those impacted by the breach should immediately reset their login credentials while also monitoring their accounts for unusual or suspicious activity.
Customers Impacted: 27,000
How it Could Affect Your Customers’ Business: This incident underscores the heightened risk and outsized consequences of falling for scams during the COVID-19 crisis. With more employees working remotely and a general, pervasive sense of uncertainty overshadowing many companies, there is a higher risk of damage from cyberattacks including phishing and ransomware encountered (and interacted with) by anxious employees.
Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
In Other News:
Expert Cybersecurity Tips for Working From Home During a Time of Social Distancing
The COVID-19 pandemic has brought about an unprecedented work-from-home experiment as social distancing measures require millions of employees around the world to work from home. As we’ve already seen, this presents unique cybersecurity challenges for both companies and their employees. To help you secure data while working remotely, here are four simple steps that every company and employee can take
1. Use a trusted VPN. These services can provide a layer of protection by encrypting network traffic and making it more difficult for bad actors to spy on your activity. Choose a reputable VPN provider, as a number of VPN scams have tricked employees into downloading malicious software that steals their login credentials
2. Enable two-factor authentication. Account security is critical, especially when entire companies are working remotely. Enabling two-factor authentication is an affordable and effective way to keep company accounts secure at all times.
3. Refrain from using personal devices. Many employees may be tempted to use personal devices for work-related tasks, especially when working from home. It’s always possible that these devices contain malware or other exploits that could compromise company data.
4. Look out for Phishing Scams. Cybercriminals are always looking for ways to capitalize on our vulnerabilities. At this moment, COVID-19-related phishing scams abound, targeting employees’ sense of isolation and vulnerability to capture critical information.
A Note From Kobargo
Social Distancing Puts Company Data at Risk
As the COVID-19 pandemic continues to cause chaos for businesses, we continue to be committed to helping keep your data secure. To that end, we’ve compiled several resources to help you navigate this unique terrain, and if we can serve you in any way, please don’t hesitate to contact us.
This week, we wanted to highlight a cybersecurity vulnerability that is especially prescient as many people work from home and practice social distancing. According to a study by the Better Business Bureau, the FINRA Investor Education Foundation, and the Stanford Center on Longevity, people are more likely to fall for a scam when they are socially isolated.
Cybercriminals are already taking advantage of our new digital environment sending a flurry of phishing and other fraudulent messages meant to compromise personal and company data, and isolated employees are more vulnerable than usual to these attack methodologies. Therefore, in addition to preparing employees for this troubling trend, make an effort to reach out to employees, coworkers, and family members to make personal connections during this challenging time.
Contact Kobargo Technology Partners to schedule a free consultation today!
Last week, cybercrime makes COVID-19 recovery more difficult, unsecured databases give away millions of records, and resources you need to protect data during this challenging time.
Switzerland – World Health Organization
Exploit: Phishing scam
World Health Organization: United Nations agency responsible for international public health
Risk to Small Business: 1.888= Severe:
Hospital workers are receiving an email purportedly from Dr. Tedros Adhanom Ghebreyesus, director of the World Health Organization (WHO). The email contains a personalized message using the recipients’ valid username and an innocuous-looking attachment. Unfortunately, it’s a phishing attack – when the attachment is opened, it installs malware capable of stealing credentials from the computer. According to cybersecurity researchers, the messages specifically prey on the altruism of recipients, by purporting to include information about novel, preventative drugs and COVD-19 cures.
Individual Risk: 2.571 = Moderate:
At this time, there are no reports of recipients falling for this scam. However, anyone who does click on the attachment has likely allowed malware to compromise their credentials. In that case, they should immediately take steps to remove the malware, reset account passwords, and notify their employers of the incident.
Customers Impacted: Unknown.
How it Could Affect Your Customers’ Business: In 2020, clever spear-phishing emails are par for the course when it comes to anticipated attack vectors, and the bad guys are making them look more authentic all the time. Rather than allowing employees to fall for these scams, possibly compromising company and customer data along the way, keep them alert for trouble by providing regular phishing scam awareness training that accounts for the latest trends and encompasses all of the possible vulnerabilities.
**We’ve learned that even more cyberattacks have been mounted against WHO during this crisis, easily double the usual number. A group of hackers known as DarkHotel is suspected in one of the most major recent live attacks. More than 2000 Corona-virus themed websites are being created each day as cybercriminals rush to take advantage of the opportunity to breach data and steal passwords that is presented to them by the chaos of this pandemic.
United States – Open Exchange Rates
Exploit: Unauthorized database access
Open Exchange Rates: Currency data provider
Risk to Small Business: 1.777= Severe:
While investigating a network misconfiguration, Open Exchange Rates discovered that an unauthorized user was accessing their network. Ultimately, it was determined that the hacker had been accessing their database for nearly a month, beginning on February 9, 2020, and ending on March 2, 2020. The company believes that hackers extracted sensitive user information. In response, Open Exchange Rates has disabled the passwords for all accounts created before March 2, 2020.
Individual Risk: 2.285= Severe:
A copious amount of personal data was compromised in the attack, including user names, addresses, encrypted and hashed passwords, IP addresses, country of residence details, and website addresses. In addition to resetting their account passwords and updating their credentials on any other website using the same information, Open Exchange Rates is warning customers that this information can be used to execute targeted spear-phishing attacks. Therefore, those impacted by the breach should carefully monitor their online accounts for suspicious activity.
Customers Impacted: Unknown.
How it Could Affect Your Customers’ Business: Although it’s a relatively small operation, Open Exchange Rates provides an API that is used by several prominent financial service providers. As a result, the costs of repairing this breach will be compounded by reputational damage that could impact its relationship with these critical partners.
United States – TrueFire
Exploit: Malware attack
TrueFire: Online music school
Risk to Small Business: 1.555= Severe:
On January 10th, TrueFire identified unauthorized access to its database by a mysterious user who was active for more than six months. It’s unclear why the company waited until March to disclose the incident to its customers. The breach compromised users who made online purchases between August 3, 2019, and January 14, 2020. Although the company didn’t explicitly categorize the breach, payment skimming malware is likely responsible for the theft, which included users’ personal and financial data from their online purchases of classes and services.
Individual Risk: 2.571= Severe:
The breach compromised customers’ personal and financial data, including names, addresses, payment card numbers, card expiration dates, and security codes. TrueFire is encouraging victims to monitor their financial statements for unusual activity, but they should do much more. Those impacted by the breach should immediately notify their financial institutions of the incident, and they should strongly consider enrolling in a credit and identity monitoring service to provide long-term oversight of this critical information.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Customers increasingly prefer shopping online rather than going to physical stores. Especially now, as the COVID-19 pandemic forces people to stay home, online stores are a vital lifeline for SMBs to continue generating revenue while people stay off the streets. Therefore, protecting the checkout process must be a top priority, as many customers will be gone for good if their personal or financial data is compromised through mishandled data on the merchant’s end when they make online purchases.
United States – College of Dupage
Exploit: Accidental data exposure
College of Dupage: Academic institution
Risk to Small Business: 1.555= Severe:
The College of Dupage accidentally exposed the 2018 W-2 forms of current and former employees. In a statement, the school identified the risk of data misuse as low. In reality, even one cybercriminal misusing this information could pose significant consequences for a potential victim. The breach occurred as the College of Dupage is preparing to move its services online due to the spread of COVID-19, forcing the cancellation of in-person classes – a timely reminder that in uncertain times information security will still be top-of-mind for end-users, whether they are consumers, staffers, patients, or students.
Individual Risk: 2.142= Severe:
W-2 forms contain personally identifiable information, including names, addresses, and Social Security numbers. College of Dupage is offering free identity monitoring services to those impacted by the breach, and victims should take advantage of it to ensure that their information remains secure both now and in the future.
Customers Impacted: 1,775
How it Could Affect Your Customers’ Business: In response to the incident, the College of Dupage is updating its data management standards to prevent a similar incident from occurring in the future. Unfortunately, these updated protocols will not undo the damage for the nearly 2,000 victims of this data breach. Rather than waiting until a cybersecurity incident occurs, companies should prioritize a reevaluation of their practices to ensure that customer and company data is secure before a breach occurs.
Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
In Other News:
Canadian Healthcare System Inundated by Cybercrime Attacks
The stress created by an emergency like the Coronavirus pandemic is a golden opportunity for hackers. As the Canadian healthcare system grapples with surging treatment demands related to COVID-19, their IT systems are also grappling with a significant uptick in cyberattacks from bad actors trying to steal data and breach systems at healthcare organizations in a critical time.
The threat is so severe that some organizations have called on the government to enact national cybersecurity standards and provide emergency funding to help defend patient data. We’ve reported on several Canadian health institutions impacted by data breaches this year, and in 2019, nearly half of all Canadian data breaches were healthcare-related.
According to several officials, many Canadian healthcare providers are midway through their cybersecurity upgrade roadmaps. Their slow progress means that many of their defenses are outdated and inadequate to meet today’s quickly evolving threats to data and systems.
Don’t wait for your organization’s Doomsday scenario to unfold. Get support now to prevent phishing scams, malware, and other cyber threats from compromising company data. Partnering with cybersecurity experts can help you get your defenses against cyberattacks up to speed faster before a breach occurs.
A Note From Kobargo
How to Avoid Data Breaches While Working From Home
The COVID-19 pandemic has reshaped the way we work practically overnight, as many people are working from home for the foreseeable future. Unfortunately, bad actors are taking advantage of these circumstances by increasing phishing attacks targeting home workers. Taking action now to secure your data and keep your staff alert about threats is the best way to protect your company’s data and systems from opportunistic cybercriminals.
According to a recent assessment, Italy saw a sharp spike in phishing scams as workers quickly shifted from in-office work to home-based arrangements. Around the globe, more than 40% of all workers are currently working from home, a significant jump even in just the past week. In addition to phishing scams, cybersecurity researchers identified a spike in malicious remote access attempts.
Cybercriminals are taking advantage of the jump in employees teleworking to mask their activity and gain access to company data. The US Department of Homeland Security recommends that organizations remain vigilant about equipping employees to identify phishing scams and that they enable two-factor authentication to protect accounts from unauthorized access.
At ID Agent, we recognize that this is a uniquely challenging time for your organization and your employees. To address your data security concerns in these quickly changing times, we’ve compiled several resources to help your data stay safe. If we can be of service, don’t hesitate to reach out. Throughout this crisis, we are committed to keeping your company and customer information secure.
Don’t forget to follow us on social media for our latest news, events, product updates and more!
Contact Kobargo Technology Partners to schedule a free consultation today!
Last week, a ransomware attack impacts COVID-19 care, what happens when a company ignores basic security protocols, and mitigating cybersecurity risks during the Coronavirus pandemic.
United States – Whisper
Exploit: Unsecured database.
Whisper: Privacy-focused messaging app.
Risk to Small Business: 2.111 = Severe:
Developers overlooked basic security protocols when they left a database containing customer information unprotected by even a password, and hackers pounced. As a result, 900 million files dating back to the company’s launch in 2012 were made available online. Although the company was quick to secure the database, its reactive efforts will do little to assuage the doubts and concerns of its privacy-minded customer base.
Individual Risk: 2.571 = Moderate:
Users’ names were not stored in the exposed database, but nicknames, ages, ethnicities, genders, hometowns, group memberships, and location data were all available. Some personal information was highly sensitive and could be used to execute spear phishing campaigns or targeted ransomware attacks.
Customers Impacted: Unknown.
How it Could Affect Your Customers’ Business: Ransomware attacks not only negatively impact productivity and manufacturing, they also negatively impact growth. Companies like Visser Precision have many high-profile and mission-critical clients. Cybersecurity incidents can put those organizations at risk, making them less likely to do business with companies that have data security issues.
United States – Champaign-Urbana Public Health District
Exploit: Ransomware.
Champaign-Urbana Public Health District: Healthcare service provider.
Risk to Small Business: 2.111 = Severe:
A ransomware attack disabled the healthcare provider’s website as concerns over Coronavirus (COVID-19) are reaching a fever pitch. While the incident spared the provider’s email accounts, health records, and patient records, it limited the agency’s ability to communicate with patients. The Champaign-Urbana Public Health District has begun using its social media accounts to communicate with the public, and they’ve launched a backup website to replace the disabled page. This is an expensive and potentially harmful incident at a time when quickly communicating information can be a matter of life and death.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown.
How it Could Affect Your Customers’ Business: The particular malware strain that infected the Champaign-Urbana Health District targets enterprises running Windows 10. It’s a reminder that ransomware is on the rise and companies can take simple steps to ensure that malware doesn’t enter their system through outdated software, phishing attacks, or other vulnerabilities.
United Kingdom – Anteus Tecnologia
Exploit: Exposed database.
Anteus Tecnologia: Developer and distributor of fingerprint identification systems
Risk to Small Business: 1.888 = Severe:
A cyberattack on February 20, 2020, compromised customers’ personal data and payment information but didn’t impact customer funds. The company admitted that the breach occurred because of a known vulnerability, raising questions about the priority of data security at the fintech startup. Now Loqbox is poised to experience significant customer blowback and regulatory scrutiny as it falls under the purview of Europe’s GDPR.
Individual Risk: 2.142 = Severe:
In addition to precise fingerprint data, the database also contained the email addresses and phone numbers of employees who store their information with the company. Those impacted by the breach should take every precaution to secure their data and beware of potential instances of fraud resulting from this compromised information.
Customers Impacted: 76,000
How it Could Affect Your Customers’ Business: Today’s regulatory landscape promises steep penalties for companies that fail to protect customer information. In this environment careless errors, like failing to password protect a database, are especially egregious to regulators and customers – and all companies need to ensure that data security is a day-one, top-down priority.
Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
In Other News:
Hackers Collect Millions from Stolen Payment Card Records
In an increasingly digital-first world, payment card skimming malware has been a growing threat to both customers and retailers – and a profitable business for the bad guys. Unfortunately, that trend is unlikely to abate anytime soon. According to cybersecurity researchers, hackers recently hauled in $1.6 million from selling 239,000 stolen payment cards on the Dark Web.
The card information was stolen throughout 2019 from as thousands of retailers fell victim to malware. In this web-skimming incident, attackers used malicious JavaScript to steal payment data at checkout from stores hosted on the Volusion cloud platform. Unfortunately, the high yield is likely to incentivize other cyber-criminals to pursue payment card skimming, creating a serious liability for companies and customers processing payments online.
Customers routinely demonstrate an unwillingness to shop at online retailers after a data breach. Making cybersecurity at the point of sale a top priority could be the difference between a flourishing online store and a floundering operation. Any business planning to implement online sales needs to have a strong cybersecurity strategy that works mitigate some of the risk of this means of attack including regular malware assessments and Dark Web monitoring.
A Note From Kobargo
Free Coronavirus (COVID-19) Cybersecurity Support Resources!
The Coronavirus (COVID-19) pandemic continues to disrupt the normal flow of business. We know that this is causing challenges for our Partners and clients, and we’re committed to doing everything that we can to support you. We’ve put together some resources that address cybersecurity threats during this difficult time, and we’ll keep providing you with news and tips about protecting data and systems during this crisis to read and share in our blog.
- Take These 3 Steps to Protect Your Data from Coronavirus (COVID-19) Scams
- Remote Work Poses Data Breach Dangers During Coronavirus Lock-down
- New Phishing Attack Threat: Coronavirus Maps, Messages, and Attachments
We’re on top of staying responsive to this rapidly evolving threat environment and monitoring the Dark Web. If we can be of service don’t hesitate to contact us – we’re still working to stay one step ahead of the bad guys.
Don’t forget to follow us on social media for our latest news, events, product updates and more!
Contact Kobargo Technology Partners to schedule a free consultation today!
Last week, ransomware puts contracts at risk, big security errors lead to big fines, and the rise of Coronavirus-related phishing scams.
United States – Visser Precision
Exploit: Ransomware.
Visser Precision: Parts manufacturer for space and defense contractors.
Risk to Small Business: 2.111 = Severe:
Visser Precision was infected with data exfiltrating ransomware that stole proprietary information before encrypting IT systems. Based on documents published online, it appears that hackers obtained company data, including a list of clients, nondisclosure agreements, and some development plans. This incident reflects a growing trend in ransomware attacks – cybercriminals are increasingly stealing company data before encrypting critical IT systems, and organizations don’t detect it until it’s too late.
Individual Risk: No personal information was compromised in this breach.
Customers Impacted: Unknown.
How it Could Affect Your Customers’ Business: Ransomware attacks not only negatively impact productivity and manufacturing, they also negatively impact growth. Companies like Visser Precision have many high-profile and mission-critical clients. Cybersecurity incidents can put those organizations at risk, making them less likely to do business with companies that have data security issues.
United States – Riverview Health
Exploit: Accidental data sharing.
Riverview Health: Healthcare provider.
Risk to Small Business: 2.333 = Severe:
On January 14, 2020, an employee inadvertently sent notification letters that intermixed patients’ names and addresses. The messages were delivered to the appropriate addresses, but they included the incorrect patient name. In today’s digital landscape, even small clerical errors can have significant consequences as both customers and regulators look to punish companies that fail to secure personal information.
Individual Risk: 2.714 = Moderate:
Patients’ names and addresses were compromised in the breach. Riverview Health maintains that the risk of data misuse is very low, but victims should still be aware that this information can be used for nefarious purposes and take precautions to ensure that their information is secure.
Customers Impacted: 2,610
How it Could Affect Your Customers’ Business: The biggest threat to your data isn’t cybercriminals, its human error. With customer blowback and regulatory penalties increasing, every organization needs to take steps to mitigate the risk posed by staff mistakes. Implementing protocols and increasing training about the pitfalls presented by phishing attacks and data sharing errors can significantly reduce your organization’s exposure to a data breach.
United States – J Crew
Exploit: Unauthorized database access.
J Crew: Clothing retailer.
Risk to Small Business: 2.111 = Severe:
J Crew identified a data breach that took place in April 2019. In response, the company has disabled all impacted accounts and advised all customers to reset their account credentials. The incident follows cybersecurity lapses at other prominent retailers at a time in which many consumers are shunning companies that don’t secure their information. The lengthy identification and reporting time will likely open the organization up to additional regulatory scrutiny that could further erode its brand reputation and bottom line.
Individual Risk: 2.428 = Severe:
Hackers accessed customers’ account login credentials, email addresses, and passwords. Partial payment card data and order information was also compromised. The company has closed the impacted accounts, but all J Crew customers should take steps to protect their personal information.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: With threats coming from multiple directions, every organization must enact strong cybersecurity defenses to ensure that they are ready to address potential threats and keep their clients’ data safe – and avoid the brand-eroding fallout that comes from a cybersecurity disaster. In doing so, they can minimize the consequences of a breach, keep customer data off the Dark Web, and promote rapid recovery.
Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
In Other News:
60% of UK Consumers Impacted By a Data Breach in 2019
As expected, 2019 was a devastating year for data breach victims. As more year-end studies are completed and released, we’re learning more about who was affected the most. According to a recent report, nearly 60% of UK consumers were impacted by a data breach last year, a staggering total that underscores the personal implications of the more than 7,000 data breaches that affected UK companies in 2019.
The report noted the potential consequences of such an extensive breach environment, including cybercriminals using the sensitive personal and financial information that they collect from users as a gateway to deploy other cyberattack tactics like spear-phishing that can compromise sensitive information, data, and systems even more severely.
Although the number of breaches hasn’t increased significantly, the amount of compromised records has escalated. The number of records that have been compromised has tripled since 2018, surpassing 15 billion this year. This 300% year-over-year increase should encourage companies to seek solutions that can monitor the Dark Web for their data to preempt further hacking attempts. At the same time, training employees to identify and neutralize increasingly sophisticated spear-phishing campaigns is an absolute prerequisite for a capable defensive posture in 2020. https://securityboulevard.com/2020/02/almost-60-of-uk-consumers-affected-by-data-breaches-in-2019/
A Note From Kobargo
Coronavirus Phishing Scams Capitalizing on Fear & Urgency
As concern over the Coronavirus (COVID-19) spreads around the globe, hackers are exploiting the atmosphere of panic and fear created by the pandemic to steal peoples’ personal information. According to a recent report, more than 4,000 Coronavirus-related domains have been registered since the beginning of the year. Experts consider 3% to be outright malicious, and 5% are categorized as suspicious – more than double the usual number. Hackers are likely to target organizations with phishing attacks in an attempt to steer employees toward these malicious sites where they can steal critical data.
The World Health Organization has already issued a warning about Coronavirus-related phishing attacks that purport to be from to their organization, and CISA has released several warnings about the emerging threat of COVID-19 related phishing scams. Taken together, it’s a reminder that while phishing scam awareness training is an effective defense against cybercrime, security education isn’t a static endeavor. It must always adapt to address today’s shifting threats in order to keep your organization a step ahead of tomorrow’s bad actors.
https://www.vox.com/recode/2020/3/5/21164745/coronavirus-phishing-email-scams
Contact Kobargo Technology Partners to schedule a free consultation today!