Tuesday, January 22, 2019

Ireland - Luas

Ireland - Luas  
Exploit: Website compromise via newsletter hack.
Luas: Light rail system in Dublin.
correct severe gauge
Risk to Small Business: 2.111 = SevereSince the investigation is ongoing, the extent of damage is not determined. However, the hacker responsible for the attack threatened to publish all compromised data if the demanded ransom of 1 bitcoin was not met within 5 days. Currently, no financial information has been exposed, but complete access to a company’s website can result in theft of IP, IT system interference, and entry into sensitive data.
correct moderate gauge
Individual Risk: 3 = ModerateGiven that the attack was limited to the 3,226 that signed up for the Luas newsletter and did not include payment details, the threat to individual compromises is relatively low. Nevertheless, it remains to be seen if there will be other repercussions.
Customers Impacted: 3,226 people who signed up for the Luas newsletter.
How it Could Affect Your Customers’ BusinessSituations where ransom is involved can be sticky, since there is no assurance that the hacker will not leak the data even if the ransom is paid. On the other hand, the group or person responsible has threatened to publish all data and send emails to the users, which could cause customers to avoid visiting the website or trusting their payment information with the tram service. Also, the hacker could virtually destroy the website, resulting in the company having to rebuild their entire platform.
ID Agent to the Rescue: Dark Web ID can help you proactively monitor if customer data is being leaked on the Dark Web, helping reduce the impact of such a breach. See how you can benefit here: https://www.idagent.com/dark-web/.
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

France and Spain - Orange

France and Spain - Orange 
Exploit: Device vulnerability in modems that reveals Wi-Fi credentials.
Orange: Telecommunications operator that offers a router product.
correct severe gaugeRisk to Small Business: 2.333= SevereAlthough such an attack can be contained by finding all the hardware products with vulnerabilities, the breach can negatively impact customers and result in the erosion of brand loyalty.
correct moderate gaugeIndividual Risk: 2.571= Moderate: Such a compromise can be dangerous because it enables hackers to execute on-location proximity attacks, which means they can travel to a company headquarters or home to access a network and then hack into connected devices nearby. Also, Wi-FI passwords might be reused elsewhere, such as the backend administration panel, allowing hackers to control the system infrastructure and create online botnets.
Customers Impacted: 19,500 customers using Orange Livebox modems.How it Could Affect Your Customers’ BusinessSecurity vulnerabilities in hardware can be financially catastrophic, as they usually result in expensive patches, product recalls, reinvention, and customer churn.ID Agent to the Rescue: Dark Web ID™ monitors the Dark Web and can help discover this form of breach before it hits the news cycle. We work with MSP and MSSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

In Other News:

In Other News:
DNA For Pay The Leaders of Genomics England has revealed that foreign hackers have attempted to access the DNA data the organization is collecting. The reality that hackers could steal DNA data if they successfully access a network is a scary thought. As the general population becomes more aware that their data is valuable, it should also become apparent that handing over data and in this case, DNA, could result with it ending up on the Dark Web or in the hands of a nation state. While no breach occurred to this organization, the fact that they are regularly under attack should be a wake-up call.
What We’re Listening To

Monday, January 21, 2019

United States- Managed Health Services of Indiana

United States- Managed Health Services of Indianahttps://www.infosecurity-magazine.com/news/third-party-breach-exposed-31k/
Exploit: Third-party breach via employee email phishing attack.Managed Health Services (MHS) of Indiana: Healthcare group that manages Indiana's Hoosier Healthwise andHoosier Care Connect Medicaid programs.
extreme gaugeRisk to Small Business: 1.333 = Extreme:   When vulnerabilities of this magnitude are exposed within a third-party provider’s environment, the finger-pointing begins immediately. LCP Transportation, the vendor for MHS that disclosed the breach, will surface in news headlines and must answer to many other concerned clients as well. Although there is no evidence that any of the information was misused, experts are already calling for better cyber-risk management solutions to protect the healthcare industry.
correct severe gauge                                                   Individual Risk: 2.142 = Severe: When vulnerabilities of this magnitude are exposed within a third-party provider’s environment, the finger-pointing begins immediately. LCP Transportation, the vendor for MHS that disclosed the breach, will surface in news headlines and must answer to many other concerned clients as well. Although there is no evidence that any of the information was misused, experts are already calling for better cyber-risk management solutions to protect the healthcare industry.
Customers Impacted: Up to 31,000 patients.
How it Could Affect Your Customers’ Business:  In light of multiple reports of data breaches at Humana and the Blue Cross Blue Shield network of Michigan this year alone, it is clear that the healthcare industry is in the crosshairs of cybercriminals. Other organizations should take notice, protecting sensitive health data and putting systems in place to avoid being breached. Also, this example of third-party breach serves as a great reminder for businesses to thoroughly evaluate vendors and ensure that updated security systems are in place.ID Agent to the Rescue: SpotLight ID™ by ID Agent can help proactively monitor stolen employee and customer data, mitigating losses from this breach type. Learn more at: https://www.idagent.com/dark-web/.
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


United States - BlackMediaGames (Town of Salem)

United States - BlackMediaGames (Town of Salem) 
https://www.scmagazine.com/home/security-news/town-of-salem-breach-affects-7-million-accounts/
Exploit: LFI/RFI attack that injected malicious code into database.
BlankMediaGames: Game maker of ‘Town of Salem’.
correct severe gauge
Risk to Small Business: 2 = SevereWith a number as high as 7.6M users exposed, this cyberattack has the potential to be game-changing. News broke that DeHashed, a commercial breach indexing service, discovered the successful attack before Christmas and tried alerting the company, but no actions were made to secure the hacked servers and notify users until later on. Cybersecurity experts are claiming that the company’s hashing technique (PHPBB) for securing passwords was relatively weak, meaning that it is only a matter of time until hackers were able to crack them.
correct moderate gauge
Individual Risk: 2.428 = SevereStolen user data included usernames, email addresses, hashed passwords, IP addresses, and game/forum activities. Payment information or credit card details were not exposed, but compromised information can still be leveraged to gain access to payment details on other similar accounts.
Customers Impacted: 7.6M users of ‘Town of Salem’.How it Could Affect Your Customers’ BusinessAlthough BlankMediaGames clarified that it does not handle payment information, users may not fully grasp what this means. When they hear breach, they feel exposed. To further compound the issue, the company admitted that its hashing platform for passwords was not as secure as it could be. Overall, video game services are becoming “low hanging fruits” for cybercriminals due to the emphasis of user experience over security and increasingly growing value of digital “in-game” goods or purchases.
ID Agent to the Rescue: SpotLight ID™ is backed by our $1M identity theft restoration policy, and can help MSPs’ clients proactively protect customers while enhancing overall cyber security awareness. Learn more at:https://www.idagent.com/identity-monitoring-programs.
Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

United States - Quora

United States - Quora 
Exploit: Unclear at this time.
Quora: A popular question and answer site that boasts 300 million monthly active users.
correct severe gauge
Risk to Small Business: 2.333 = SeverePeople are not soon to forget that the question and answer site was unable to keep their data safe. This could cause a migration from any site to another similar one, something that is common among social media sites in particular.
correct moderate gauge
Individual Risk: 2.857 = Moderate: Those affected by this breach are at an increased risk of phishing attacks 
Customers Impacted: Unclear at this time.
How it Could Affect Your Customers’ BusinessQuora handled the breach very well, with the CEO releasing a blog post detailing what they know and apologizing to their users. The amount of time it will take for the organization to regain their users’ trust is unclear. The transparency by the organization’s leadership will greatly help it bounce back sooner than if they hadn’t responded as such.
ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach of this type. Learn more: https://www.idagent.com/identity-monitoring-programs
Risk Levels:
1 - Extreme Risk
2 - Severe Risk
3 - Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.
Exploit: Credential Stuffing.
Humble Bundle: Humble Bundle, Inc. is a digital storefront for video games, which grew out of its original offering of Humble Bundles, collections of games sold at a price determined by the purchaser and with a portion of the price going towards charity and the rest split between the game developers.
correct severe gaugeRisk to Small Business: 2.333 = SevereThe breach only contained user’s subscription status, but it is believed that this could be the first part of a more extreme breach. Because the bad actor knows if user’s subscriptions are active, inactive, or paused, they could send out spear-phishing emails about the subscriptions that would trick users into clicking.
correct moderate gaugeIndividual Risk: 3 = Moderate: No information directly related to the individual has been compromised other than the subscription status of users.
Customers ImpactedA “very limited” number of people.
How it Could Affect Your Customers’ BusinessThis breach is a good lesson in how it is important to report any breach, as this seemingly minor breach is most likely the first step in a spear phishing campaign.ID Agent to the Rescue: ID Agent offers Dark Web ID™ which discovers compromised credentials that could be used to implement a crypto jacking script. Make sure your credentials are safe; for more information go tohttps://www.idagent.com/dark-web/
Risk Levels:
1 - Extreme Risk2 - Severe Risk3 - Moderate Risk
*The risk score is calculated using a formula that takes into account a wide range of factors related to the assessed breach.

Ireland - Luas