Tuesday, April 23, 2019

Breached!

United States - City of Greenville https://www.scmagazine.com/home/security-news/ransomware/ransomware-knocks-greenville-n-c-offline/
Exploit: Ransomware attack
City of Greenville: Part of a South Carolina network
Risk to Small Business: 1.777 = Severe: After local police detected a ransomware infection, the city was forced to shut down most of its servers. While police and fire facilities remain unaffected, other services, including payments to city agencies, are significantly restricted. Consequently, city officials recommend making cash payments until the network can be restored. The city expects servers to be offline for several days as they work to determine the next steps towards rectifying the situation.
Individual Risk: 2.571 = Moderate: According to the city’s communications manager, Brock Letchworth, the city does not believe that the incident compromised personal information.
Customers Impacted: To be determined
How it Could Affect Your Customers’ Business: This episode is a reminder of the fragility within local infrastructure. Although critical safety operations remain unaffected, city employees are unable to continue business as usual, and new solutions are not immediately apparent. Most importantly, it’s essential to know if data is stolen and to understand what thieves intend to do with that information.

ID Agent to the Rescue:  SpotLight ID™ allows MSPs, Resellers and Channel Partners to deliver comprehensive personal identity protection for clients’ employees and customers, ultimately safeguarding corporate systems. Get started here: https://www.idagent.com/identity-monitoring-programs


Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United States - Minnesota Department of Human Services https://www.securityweek.com/minnesota-state-agency-breach-may-have-put-thousands-risk

Exploit: Phishing scam

MN Department of Human Services: Minnesota state agency
Risk to Small Business: 2 = Severe: In March 2018, a bad actor logged into a state agency email account and sent emails seeking personal information and invoice payments via wire transfer. The breach was detected when an agency employee received the email and flagged it as suspicious. The breach was just disclosed this week, and department officials believe that hackers gained access to the personal information of 11,000 users.
Individual Risk: 2.285 = Severe: Although the agency contends that personal information has not been misused, the perpetrator certainly had access to the data of thousands of people. Because the breach impacted the agency's Direct Care and Treatment division, the data stolen includes treatment information and other sensitive health files.
Customers Impacted: 11,000
How it Could Affect Your Customers’ Business: This most recent incident is the department’s third breach in just over a year, something that can have broad implications for data security and patient trust. The employee who received the malicious email responded appropriately, but these scams are preventable through security training and education.

ID Agent to the Rescue: BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: idagent.com/bullphish-id


United States - Palmetto Health & Women's Health USA https://www.palmettohealth.org/patients-guests/news/palmetto-health-addresses-phishing-incident

Exploit: Phishing scam
Palmetto Health & Women's Health USA: Healthcare providers based in the U.S. that collect and maintain ePHI
Risk to Small Business: 1.666 = Severe: Palmetto Health and Women’s Health USA reported separate phishing scams that compromised private employee information and patient health records. Only two employee accounts were compromised, but this had cascading consequences for both the companies and their patients.
Individual Risk: 2 = Severe: Both healthcare companies acknowledge that hackers accessed sensitive patient information including names, addresses, social security numbers, Medicare Health Insurance Claim Numbers, and health insurance policy numbers.
Customers Impacted: 41,162
How it Could Affect Your Customers’ Business: Sensitive patient information was disclosed in this breach, and the companies are offering identity theft protection services or free credit reports to affected patients. By all accounts, these companies worked quickly to secure patient information and to respond appropriately. However, email phishing scams are entirely preventable, and training and education can make all the difference.

ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id


Canada - Mitsubishi Aerospace https://www.citynews1130.com/video/2019/04/11/canadian-company-victim-of-apparent-cyber-attack/

Exploit: Ransomware
Mitsubishi Aerospace: Airplane parts manufacturer
Risk to Small Business: 1.888 = Severe: Employees at the Mitsubishi Canada Aerospace offices received a notification on their desktops declaring, “Your network has been penetrated. You will receive a BTC address for payment.” The ransomware was signed by RYUK, a notorious hacker believed to have Russian or North Korean origins. While the company's manufacturing capabilities are unobstructed, their facilities have been without internet service since that attack.
Individual Risk: 3 = Moderate: It is not currently believed that any personal information was revealed in the ransomware attack.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is a serious problem for companies of all sizes. Critical information and operations can be cut off until the ransom is paid. Businesses must establish security protocols and source advanced security solutions in order to appropriately respond in the event of a ransomware attack.



ID Agent to the Rescue: SpotLight ID allows MSPs, Resellers and Channel Partners to deliver comprehensive personal identity protection for clients’ employees and customers, ultimately safeguarding corporate systems. Get started here: https://www.idagent.com/identity-monitoring-programs.
 


United Kingdom - UK Home Office https://www.bbc.co.uk/news/uk-politics-47888214

Exploit: Accidental sharing
UK Home Office: Ministerial department of the UK government responsible for immigration, security, and law and order 
Risk to Small Business: 2.555 = Moderate: In a mass email communicating with EU citizens applying for the EU Settlement Scheme, an employee inadvertently included all recipients’ emails in the CC field rather than the BCC field, exposing the list of email addresses to all recipients. The agency notified the Information Commissioner’s Office and the Departmental Data Protection Officer about the error, and new internal steps are required to prevent a similar error from happening again.
Individual Risk: 2.714 = Moderate: Individuals included in the communication had their email addresses exposed to all other recipients. However, there is little risk of other information exposed from the message.
Customers Impacted: 240
How it Could Affect Your Customers’ Business:  In many ways, this mistake could happen to anyone as human error is often the cause of a data breach. Companies need to put their employees in a position to be successful by implementing software that identifies potential vulnerabilities and deploys real-time safeguards to prevent accidental information sharing.


ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id


United Kingdom - VSDC (Flash-Integro LLC) https://www.bleepingcomputer.com/news/security/vsdc-site-hacked-again-to-spread-password-stealing-malware/

Exploit: Trojan malware attack
VSDC (Flash-Integro LLC): Free multimedia editor
Risk to Small Business: 2.222 = Severe: Hackers accessed the platform’s download links and replaced them with links containing trojan malware that stole personal information from various applications on the infected computer. The company acknowledged the breach and issued a patch, but it will be much more difficult to repair their reputation and to restore customer confidence in their platform.
Individual Risk: 2.428 = Severe: Users who downloaded the application between February 21, 2019 and March 23, 2019 could be impacted by this malware.
Customers Impacted: 648
How it Could Affect Your Customers’ Business: This isn’t the first time that VSDC’s website was compromised, and previous breaches made this event possible. Although the company deploys security software to guard its websites, it’s evident that they are not doing enough to protect their critical infrastructure. With a myriad of solutions to choose from, it’s important for small businesses to partner with competent providers and protect users from trojan malware attacks and other vulnerabilities.


ID Agent to the Rescue: Dark Web ID™ can find out how payment data is being used on the Dark Web, even in the case of a malware attack. We work with MSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.


United Kingdom - Matrix.org https://www.zdnet.com/article/matrix-hack-forces-servers-offline-user-credentials-leaked/

Exploit: Credentials leak
Matrix.org: Internet protocol for decentralized communication including instant messaging, VoIP, IoT, and more

Risk to Small Business: 2.111 = Severe: A hacker accessed hosting servers for the Matrix.org platform, providing them access to several of the company’s databases and exposing unencrypted personal data. The attackers capitalized on outdated software to access the servers. The breach caused widespread network outages that shut down many messaging platforms for hours while the company rebuilt its production servers.
Individual Risk: 2.428 = Severe: Matrix.org’s communication protocols are predicated on privacy, and this incident may have compromised unencrypted content like private messages, password hashes, and access tokens. All users were logged out and asked to change their passwords, and certain data including encrypted conversation history may no longer be available.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Matrix.org may have escaped the most catastrophic consequences of a data breach, but they will struggle to rebuild their infrastructure and user trust for a long time. Unfortunately, this entire incident may have been avoided through a simple software update. By deploying security software that provides a high-level snapshot of a company’s security vulnerabilities, it’s possible to protect against preventable data breaches.

ID Agent to the Rescue:  With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

Japan - Uniden https://www.bleepingcomputer.com/news/security/hacked-uniden-commercial-site-serves-emotet-trojan/

Exploit: Emotet trojan distribution
Uniden: Wireless communications brand offering security, monitoring, and radio technologies

Risk to Small Business: 1.777 = Severe: The company’s website was compromised, hosting a Microsoft Word document that delivers a form of the Emotet trojan. When opened, the document runs a macro that downloads three versions of the Trojan. Although the virus is now detectable using many antivirus programs, it was originally discovered by a Twitter user who posted about the incident. The problem is still unsolved, and the website remains compromised. Not only do they risk infecting their customers’ computers, but their lack of awareness and action is especially problematic for a company operating in an industry where the emphasis on security should be paramount.
Individual Risk: 2.142 = Severe: According to reports, the website remains compromised, and any users who download Microsoft Word files from the company could be impacted by the virus.
Customers Impacted: To be determined
How it Could Affect Your Customers’ Business: The company's lack of response is most troubling here. When a data breach does occur, it’s important for businesses to quickly acknowledge and solve the problem. However, at the time of publication, Uniden’s website is still compromised. Companies need the tools to identify security risks and to detect anomalies, rather than having Twitter users raise the alarm by finding them first.

ID Agent to the Rescue:  Dark Web ID can find out how payment data is being used on the Dark Web, even in the case of a malware attack. We work with MSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.

