Monday, December 16, 2019

Breached!

United States - Florida Blue https://www.beckershospitalreview.com/cybersecurity/florida-blue-alerts-members-of-data-breach.html

Exploit: Phishing attackFlorida Blue: Health insurance provider
twib-severe
Risk to Small Business: 2.2 = Severe: A phishing attack at one of Florida Blue’s third-party vendors successfully duped an employee into compromising patients’ personally identifiable information (PII). The event included less than 1% of Florida Blue’s members, but it shines a spotlight on the underlying cybersecurity vulnerabilities within third-party partnerships. Now, because of an event outside of their immediate control, Florida Blue will face intense regulatory scrutiny and suffer from less-quantifiable reputational damage in the wake of breach.
twib-severe

Individual Risk: 2 = Severe: Patients’ PII was exposed in the breach, including names, dates of birth, and prescription information. Florida Blue is offering free credit monitoring and identity theft protection for anyone impacted by the breach. Although Florida Blue doesn’t believe that patient data has been misused, these services will provide long-term oversight to ensure that patients’ credentials remain secure.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: In today’s digital environment, cybersecurity needs to be a central component of any third-party partnership. Unprotected companies place your data at risk, potentially undermining your best efforts to secure infrastructure. In contrast, strong cybersecurity standards can serve as a competitive advantage, allowing companies to market their strong defensive posture as a reason to subscribe to their services.

ID Agent to the Rescue: Designed to protect against human error, BullPhish ID™ simulates phishing attacks and manages security awareness training campaigns to educate employees, making them the best defense against cybercrime. Learn more here: https://www.idagent.com/dark-web/#contact.

United States - SmartASP.NEThttps://www.zdnet.com/article/major-asp-net-hosting-provider-infected-by-ransomware/

Exploit: Ransomware attack
SmartASP.NET: Web hosting platform
twib-severe

Risk to Small Business: 2 = Severe: Hackers encrypted the web hosting platform’s data, crippling both its IT infrastructure and customer data. After the attack, the company’s phones and website were both inaccessible, and SmartASP.NET was forced to notify customers that their data was encrypted. In addition to encrypting customer-facing infrastructure, a common target for ransomware attacks, the attack locked up significant amounts of back end data and delayed recovery efforts considerably.
Individual Risk: No personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks inevitably have significant financial repercussions, and this is only compounded by the reputational damage that follows such a newsworthy incident. However, hackers need an avenue to deploy this malware, and companies can protect themselves by ensuring that their defensive posture is sufficient to repel today’s most prescient threats.

ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal Assist™, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.

United States - Starling Physicians 
https://www.nbcconnecticut.com/news/local/Starling-Physicians-Warns-Patients-of-Data-Breach-564814302.html

Exploit: Phishing attack
Starling Physicians: Connecticut-based healthcare group
twib-severe
Risk to Small Business: 1.555 = Severe: Three employees fell for a phishing scam, providing hackers with access to their email accounts which contained patients’ personally identifiable information. The breach originally occurred on February 8th but wasn’t discovered until September. It’s taken the company two months to identify those impacted by the breach and send notifications. This lengthy response time will make it more difficult for patients to protect their information, while also opening the company up to increased regulatory scrutiny that could result in fines or penalties that will compound the financial implications of the breach.
twib-severe

Individual Risk: 2.142 = Severe: The compromised email accounts contained a limited number of patient data. Starling Physicians estimate that less than 1% of their patients are impacted, but the personal data includes patients’ names, addresses, dates of birth, passport numbers, Social Security numbers, and medical information. Starling Health is offering free credit and identity monitoring for patients whose Social Security numbers were exposed, and they are encouraging all victims to contact their financial institutions and to monitor their accounts for unusual activity.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Despite the best efforts of cybersecurity software, some phishing emails will inevitably make their way into your employees’ inboxes. Fortunately, these emails aren’t malicious until acted upon by employees. Comprehensive awareness training can equip all employees to identify and neutralize possible threats. It’s a low level of effort, high impact form of defense that can make a significant impact on your company’s data security efforts and ultimately, your bottom line.

ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.

United States - Boardridershttps://www.bleepingcomputer.com/news/security/quiksilver-and-billabong-affected-by-ransomware-attack/

Exploit: RansomwareBoardriders: Action sports retailer
twib-severe

Risk to Small Business: 2.222 = Severe A ransomware attack crippled Boardriders’ operations, forcing several of their online stores to close and preventing employees from accessing any of the company’s IT. The event occurred during the last week of October, leaving the business with nearly two weeks of lost sales, productivity, and inventory. Until the ransomware was cleared from the network, employees were asked not to even turn on their computers. This productivity loss is one of the many hidden costs of ransomware attacks that are becoming increasingly prevalent as hackers look to extract large, single-payment sums from their victims.
Individual Risk: No personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: The costs of a ransomware attack are enormous. Whether companies pay the ransom or restore a system from backups, the immediate expense can cripple a business, and the long-term repercussions are a serious deterrent to profitability. In this case, Boardriders offered consumers deep discounts to entice them to return to the store, and their inventory and productivity losses will further erode profitability.


ID Agent to the Rescue: Monitoring the Dark Web for stolen credentials is critical for MSPs who want to provide comprehensive security to their customers. BullPhish ID compliments that data with simulated phishing attacks and security awareness training campaigns to educate employees, making them the best defense against cybercrime: https://www.idagent.com/bullphish-id.

Canada - Nunavut 
http://www.digitaljournal.com/tech-and-science/technology/government-services-in-nunavut-caught-in-ransomware-cyberattack/article/561203

Exploit: Ransomware
Nunavut: Local government
twib-severe
Risk to Small Business: 2 = Severe: A comprehensive ransomware attack has crippled the government’s ability to provide standard services. In total, the attack disabled medical services, family and education offerings, the finance department, and the territory’s legal system. In addition to the immediate price of restoring functionality, opportunity costs and reputational damage will further erode revenue. This episode reflects the total consequence of ransomware attacks, which bring uniquely troubling financial and technological repercussions for any business unlucky enough to be victimized.
Individual Risk: No personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Once a ransomware attack strikes, there is no good or affordable response plan. Therefore, businesses need to have a laser-like focus on defense. In this case, an employee fell for a phishing attack containing a malicious attachment that ultimately infected the entire system. Simply put, ransomware attacks are often avoidable, and every business has millions of reasons to ensure that they are prepared to prevent their execution.


ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

United Kingdom - University of Hertfordshire https://www.bbc.com/news/uk-england-beds-bucks-herts-50333367

Exploit: Accidental data exposure
University of Hertfordshire: UK-based academic institution
correct severe gauge

Risk to Small Business: 2.555 = Moderate: In an email promoting an upcoming lecture, the university accidentally attached a file that included the recipients’ names and email addresses. Although the data breach is relatively restrained, it is another reminder that organizations of all sizes in every sector are charged with protecting their customers’ data, and this is a task that no organization can afford to take lightly.
correct severe gauge

Individual Risk: 2.857 = Moderate: The list was only provided to those attending the lecture, and it included students’ names and email addresses. However, this information can quickly spread beyond the immediate circulation, increasing the risk of data exposure. Those impacted by the breach should be mindful that this information can be used to perpetrate phishing scams or other forms of fraud, so they should be especially critical of their digital communications.
Customers Impacted: 2,000
How it Could Affect Your Customers’ BusinessIn a digital environment full of cybercriminals looking to exploit your organization’s vulnerabilities, a self-inflicted wound can be especially frustrating. Whether employees are accidentally sharing the personal data of customers or falling for phishing attacks, preparing your team to protect your customers’ information is one of the best ways to ensure that criminals have less opportunity to compromise your users’ data.


ID Agent to the RescueDark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at: https://www.idagent.com/dark-web.

Australia - Monash IVFhttps://kirbyidau.com/2019/11/06/incident-monash-ivf-patients-receive-bogus-emails-after-malicious-cyber-attack-on-fertility-company-abc-news-australia/

Exploit: Compromised email server
Monash IVF: IVF Clinic and fertility program

extreme gauge

Risk to Small Business: 1.777 = Severe: Cybercriminals breached the Monash IVF’s email server, and they used their access to send malicious emails to patients. Since the company stores protected health information (PHI), there is concern about potential privacy violations resulting from the infiltration. To make matters worse, customers are complaining to the media, which will exacerbate the reputational damage that compounds the consequences of a data breach.
twib-severe

Individual Risk: 2.428 = Severe: Since hackers have such intimate access to the company's IT infrastructure, it’s possible that patient information was exposed. However, the fraudulent emails being sent to patients represent a more potent data security threat, as unsuspecting patients could unwittingly provide personal data or account credentials to bad actors. In response, every patient should be especially vigilant to assess the veracity of incoming messages, while also being scrupulous about the information that they provide in response to digital communications.
Customers Impacted: Unknown
How it Could Affect Your Customers’ BusinessIt’s never good for business when your brand is used to facilitate cybercrime. Not only can the costs of a data breach have far-reaching repercussions, but the loss in trust that follows can impact profitability for years to come. A data breach is one of the top causes of brand erosion, and every business needs to take steps to ensure that their technological capabilities improve the user experience without compromising their information.

ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.

Australia - Perth https://www.perthnow.com.au/news/consumer-protection/scammers-target-perth-settlement-agent-in-email-scam-worth-70000-ng-b881376125z

Exploit: Compromised email account
Perth: Capital of Western Australia

twib-severe

Risk to Small Business: 2.111 = Severe: Hackers cloned a Perth settlement agent’s email address, and they leveraged the vulnerability to scam consumers out of $70,000. Hackers simply changed one character in the email address before sending authentic-looking invoices to unsuspecting clients. At least two recipients thought the invoice was genuine, and they sent funds to the fraudulent account. As a result, the government is urging home and business buyers to be on high alert during the buying process. This problem will likely interrupt revenue-generating business activities, as the recovery effort will require both cybersecurity updates and reputation repair.
twib-severe

Risk to Small Business: 2.142 = Severe: Due to the personalized nature of this data breach, anyone conducting a personal or business real estate transaction is encouraged to be highly critical of digital funding requests. Perth officials are asking consumers to make a phone call verification of money requests and to be highly critical of digital communications from agents.
Customers Impacted: Unknown
How it Could Affect Your Customers’ BusinessIt’s unclear exactly how hackers gained access to the agent’s information, but it’s evident that hackers were able to use transactional-specific information to dupe recipients into thinking the invoice was legitimate. When it comes to protecting account integrity, simple steps, like enabling two-factor authentication, can ensure that criminal activity doesn’t go unnoticed.

ID Agent to the Rescue: With AuthAnvil™, you can protect your employees’ password integrity. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at: https://www.idagent.com/authanvil-multi-factor-authentication.

Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Thursday, December 12, 2019

Australian Cybersecurity Personnel Are On the Verge of Burnout


For companies around the world, the threat of a data breach is becoming ever-present. This reality is especially pronounced in Australia, where cybersecurity professionals are reporting fatigue and burnout as they battle the litany of threats facing their companies. According to the 2019 Asia Pacific CISO Benchmark Study, the burnout rate among Australian organizations is more than double the global average of 30%. 

In total, 69% of Australian organizations are receiving more than 100,000 cybersecurity alerts every day, significantly higher than the global average. At the same time, the survey, which polled 2,000 information-security professionals, found that Australian organizations were slower to respond to data breaches than companies in other countries. Such behavior compounds costs, as 84% of Australian businesses that experienced a data breach admitted that the expenses exceeded $1 million, a significantly higher sum than other countries in the region. 

SMBs are already struggling to hire sufficient cybersecurity personnel, so supporting IT professionals is a critical component of any company’s cybersecurity initiatives. Fortunately, they don't have to do it alone. The supportive services of an MSP can augment capabilities, lightening the load on in-house cybersecurity professionals.

https://www.cso.com.au/article/668151/surging-breach-alert-identity-burdens-fatiguing-security-practitioners-australia-more-than-anywhere-else/

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Wednesday, December 11, 2019

Google Has Access to Personal Health Information of Millions of US Patients



Recently Google partnered with Ascension - one of the largest health systems in America - but did so quietly. This partnership allows Google access to all of Ascension's patients' data. Ascension operates 150 hospital 21 states.

The effort was code named "Project Nightingale," and has allowed some Google employees access to data including names, birth dates, addresses, family members, allergies, immunizations, radiology scans, hospitalization records, lab tests, medications, medical conditions, and even some billing records. 

The current agreement does not appear to be a violation of HIPAA (Health Insurance Portability and Accountability Act). Google has been looking to expand their health information efforts, including plans to acquire Fitbit. However, Google has responded to the news of the partnership to say the data will not be used other than to assist Ascension medical providers.



Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Tuesday, December 10, 2019

Italian Precision Engineering Companies Hit with Spear Phishing Campaign

Italian precision engineering companies are the latest victims of spear phishing attacks that trick employees into compromising personally identifiable information, login credentials, or other sensitive data. 

The attacks are arriving in employees’ inboxes disguised as authentic-looking inquiries from potential customers. The emails appear with a seemingly innocuous Microsoft Excel spreadsheet that actually contains a fileless trojan capable of capturing users’ credentials. 

The Excel spreadsheet is filled with lists of spare parts, real catalog codes, and other ordering information, making the attacks especially difficult to identify. In addition, the emails are being sent under the guise of international textile producers, a viable client for precision engineering companies.

Currently, only a fraction of antivirus software detects credential stealing malware, which underscores the importance of cybersecurity best practices for protecting company data. Holistic employee awareness trainingequips employees to spot phishing scams and trains them to follow cybersecurity best practices with a simple, streamlined solution.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Monday, December 9, 2019

Breached!

United States - InterMed https://www.newscentermaine.com/article/news/crime/maine-health-provider-hit-by-an-email-security-breach-30000-patients-health-information-exposed/97-c8a8aa5f-fa87-45ba-999c-122fea7a76c8

Exploit: Compromised email accountInterMed: Maine-based physician group
twib-severe
Risk to Small Business: 1.777 = Severe: Hackers gained access to four employee email accounts that contained patients’ protected health information. The first employee account was accessed on September 6th, and the subsequent accounts were available between September 7th and September 10th. Although InterMed did not report the specific vulnerability that led to the breach, credential stuffing and phishing attacks were likely the culprit. The company’s slow response time and the sensitive nature of the compromised data will result in regulatory scrutiny that will amplify the post-breach impact.
twib-severe

Individual Risk: 2.428 = Severe: Patients’ protected health data was compromised in the breach. This includes names, dates of birth, health insurance information, and clinical data. In addition, some Social Security numbers were exposed to hackers. This information has a ready market on the Dark Web, and those impacted by the breach should take every precaution to protect their identity.
Customers Impacted: 30,000
How it Could Affect Your Customers’ Business: Data breaches are becoming increasingly costly, so sufficiently addressing defensible threats should be a top priority for every organization. Employee email accounts are often a top target for hackers who use phishing campaigns and credential stuffing attacks to gain access to their account data. Comprehensive awareness training and Dark Web services that provide advanced notification when credentials are compromised can position companies to protect this easy access point from bad actors.

ID Agent to the Rescue: BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/dark-web/#contact.

United States - Brooklyn Hospital Centerhttps://www.fiercehealthcare.com/tech/ransomware-attack-at-brooklyn-hospital-center-results-permanent-loss-some-patient-data

Exploit: Ransomware
Brooklyn Hospital Center: Full-service community teaching hospital
twib-severe

Risk to Small Business: 2.111 = Severe: A ransomware attack struck Brooklyn Hospital Center, making some patient data inaccessible while deleting other information entirely. The ransomware originated with unusual network activity in July, but it wasn’t until September that the hospital determined that certain data would never be recoverable. However, it’s unclear why it took another month to notify the public of the disabled or missing data. As healthcare providers both big and small face the threat of ransomware attack, this lengthy reporting delay can compound the problem as it ushers in the opportunity for more hostile consumer blowback.
twib-severe

Individual Risk: 2.285 = Severe: Brooklyn Hospital Center declined to identify the specific data compromised in the breach, but healthcare providers are often a target for cybercriminals because of the sensitive nature of this information. Therefore, anyone impacted by the breach should take the necessary steps to ensure their data’s security, including enrolling in identity monitoring services and closely evaluating their accounts for unusual or suspicious activity.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This incident is a reminder that ransomware attacks can have ominous outcomes for any organization. While some are cut and dry transactions, others can be more damaging, resulting in permanent data loss or information exposure. Once your company’s data is in the hands of bad actors, there is no script for determining what happens next. With that in mind, preventing ransomware attacks proactively with proper cybersecurity measures must be a top priority for businesses of every shape, size, and sector.

ID Agent to the Rescue: Monitoring the Dark Web for stolen credentials is critical for MSPs who want to provide comprehensive security to their customers. BullPhish ID compliments that data with simulated phishing attacks and security awareness training campaigns to educate employees, making them the best defense against cybercrime: https://www.idagent.com/bullphish-id.

United States - Utah Valley Eye Clinic 
https://threatpost.com/eye-clinic-breach-reveals-data-of-20000-patients/149878/

Exploit: Unauthorized database access
Utah Valley Eye Clinic: Utah-based eye clinic
twib-severe
Risk to Small Business: 2.333 = Severe: A cybersecurity vulnerability at a third-party affiliate compromised personal data for thousands of the clinic’s customers. The incident resulted in patients receiving fraudulent emails indicating that they received a payment from PayPal. The breach was only recently discovered, originally occurring on June 18, 2018, so patient data has been exposed for a significant duration. As a result, the company will likely face legal penalties and lost revenue due to exposed protected health information (PHI).
twib-severe

Individual Risk: 2.142 = Severe: The clinic confirmed that patient email addresses were compromised in the breach, but it also conceded that other personally identifiable information, including names, addresses, dates of birth, and phone numbers, may have been exposed. The prolonged time to detection means that this information has been available for misuse, and they should be especially vigilant to evaluate online communications and credentials for suspicious or unusual activity.
Customers Impacted: 20,000
How it Could Affect Your Customers’ Business: Third-party partnerships are becoming increasingly important in today’s business environment, yet also capable of inviting potential cybersecurity vulnerabilities. It’s estimated that more than 60% of data breaches involve a third-party exposure. Consequently, cybersecurity should be a top priority when considering partnerships, information sharing, or other collaborative opportunities.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID™ is the leading Dark Web monitoring platform in the Channel. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.

Canada - TD Canada Trusthttps://globalnews.ca/news/6126894/a-couple-who-banks-with-td-canada-trust-loses-hundreds-of-dollars-during-e-transfer-not-once-but-twice/

Exploit: Unauthorized database accessTD Canada Trust: Financial services provider
twib-severe

Risk to Small Business: 2 = Severe TD Canada Trust believes that weak security questions provided hackers with an easy way to access user accounts and redirect online money transfers. Although the complaints are currently limited to two accounts within the same family, compromised user credentials can be a serious problem for both companies and consumers. In this case, frustrated clients took to the media to complain about their experience, harming TD Canada Trust’s customer relationships and brand reputation.
extreme gauge

Individual Risk: 2.142 = Severe: Although it is unclear what personal information is compromised, it’s certain that hackers had access to users’ login credentials and security questions. Therefore, other personal information including names, addresses, and financial data could be compromised. In that case, disrupted payment transfers could be the least of the company's problems. Those impacted by the event should notify their financial institutions about the compromise, and should update credentials with strong, unique passwords and better security questions.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: TD Canada Trust views this cyber incident as an avoidable intrusion since hackers relied on weak login credentials to access a user’s account. Faced with an already complex threat landscape, ensuring that employees and customers do their part to secure data should be an obvious priority for every business. At the same time, having the ability to identify compromised credentials before they are used maliciously allows for preemptive action to prevent a data breach.


ID Agent to the Rescue: With AuthAnvil™, you can prioritize your employees’ password integrity. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at: https://www.idagent.com/authanvil-multi-factor-authentication.

Canada - Pipestone Kin-Ability Centre 
https://www.cbc.ca/news/canada/saskatchewan/kin-ability-cyber-attack-sask-1.5349230

Exploit: Unauthorized network access
Pipestone Kin-Ability Centre: Non-profit serving adults with mental and physical disabilities
twib-severe
Risk to Small Business: 1.666 = Severe: A flaw in the non-profit’s network security allowed hackers to access the company’s financial system, eventually siphoning off more than $400,000. The funds were earmarked for general operations and wages. Administrators immediately identified the unauthorized activity, but their reactive security measures will cause significant losses. The organization is working to identify the culprit, but their efforts are unlikely to fully restore the company’s resources.
Individual Risk: No personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This incident underscores the importance of a forward-thinking readiness posture when addressing today’s cybersecurity risks. Any company relying exclusively on reactive measures will lose time, money, credibility, and customers. However, by preparing for the most prescient threats before they occur, companies can help ensure that their IT infrastructure remains secure.


ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

United Kingdom - LendingCrowd https://www.p2pfinancenews.co.uk/2019/11/04/lendingcrowd-reports-data-breach/

Exploit: Unauthorized database access
LendingCrowd: Online peer-to-peer lending company
twib-severe
Risk to Small Business: 1.888 = Severe: LendingCrowd notified users of a data breach that impacted a subset of the company’s investors. Company officials noted that their platform hasn’t been breached, which could indicate successful credential stuffing attacks or other account-specific vulnerabilities. The company has contacted those impacted by the breach and regulatory bodies, but LendingCrowd will now deal with the litany of negative consequences that accompany a breach of any size.
extreme gauge

Individual Risk: 2.428 = Severe: LendingCrowd failed to disclose the specific data involved in the breach, but since it impacted P2P lenders, it’s likely to include personally identifiable information such as names, addresses, and certain financial data. This information has incredible value on the Dark Web where it can quickly spread, putting users at risk for additional cybercrimes. Therefore, anyone impacted by the breach should enroll in credit and identity monitoring services to oversee and ensure their data’s long-term integrity.
Customers Impacted: Unknown
How it Could Affect Your Customers’ BusinessEvery business faces numerous cybersecurity threats, but many can be avoided by following cybersecurity best practices. In this case, LendingCrowd is asking all users to enable two-factor authentication to protect their account integrity. These simple steps can make a profound difference in your cybersecurity readiness posture.


ID Agent to the RescueWith AuthAnvil, you can protect your employees’ password integrity. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at: https://www.idagent.com/authanvil-multi-factor-authentication.

United Kingdom - James Fisher and Sons PLChttps://www.cnbc.com/2019/11/05/reuters-america-update-1-marine-firm-james-fisher-reports-cyber-breach.html

Exploit: Unauthorized database access
James Fisher and Sons PLC: Marine services provider

correct severe gauge

Risk to Small Business: 3 = Moderate: An unauthorized third-party gained access to the company’s computer system, forcing JFS to bring their systems offline to prevent intruders from further infiltrating their network. In some sense, the company was lucky. Personal information wasn’t compromised in the breach, but cybersecurity events of any kind can still have serious repercussions for any company. In this case, the company’s shares dropped by nearly 6% after the breach, and JFS will incur the cost of cybersecurity specialists who are working to secure their network retroactively.
Individual Risk: No personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ BusinessShareholders recognize that a data breach will inevitably impact a company’s bottom line and sell offs have become a common response to many cybersecurity incidents. This only accelerates and amplifies brand erosion. When coupled with consumers’ wariness surrounding cybersecurity breaches, it’s clear that the financial impact of a data breach can be extensive and long-lasting.

ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.

Spain - Everis https://www.bleepingcomputer.com/news/security/ransomware-attacks-hit-everis-and-spains-largest-radio-network/

Exploit: Ransomware
Everis: Managed service provider

twib-severe

Risk to Small Business: 2.666 = Severe: A ransomware attack forced Everis to disconnect their network, cutting off services to employees and customers alike. The attack encrypted many of the company’s files, and it caused a frantic response from IT administrators who warned employees to keep their computers turned off to avoid infection. The hackers left a ransom note that includes a contact address, and they demanded $835,923 to provide a decryption key. In the meantime, the company’s services are entirely inaccessible, and employees are unable to complete work, signaling impending financial implications for the company.
Individual Risk: No personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ BusinessRansomware attacks are incredibly costly. Not only are companies tasked with either paying a pricey ransom or acquiring IT support to restore their information, but the brand erosion, opportunity cost, and reduction in productivity all compound the costs. Since there is no cheap way to recover from such an attack, establishing a robust defensive posture is the only advantageous way forward.

ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal Assist, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.

Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com

Breached!