Monday, February 3, 2020

ID Agent Speaks with The Cyber Wire Podcast


This week, The Cyber Wire Podcast replayed my conversation in which I discussed the role of monitoring initiatives in helping victims recover from the 2015 data breach at the US Office of Personnel Management, which compromised 4.2 million government employees. 

The data breach is one of the most significant data breaches in history, and it serves as a harbinger for our current data landscape. Hackers effectively obtained a dossier on millions of Americans, and monitoring the Dark Web for this information was an enormous, sprawling effort that provided security and peace of mind to those impacted by the breach.

Listen to the Cyber Wire Podcast to learn more about the team responsible for restoring and protecting the identities of more than four million government employees in the Office of Personnel Management. Today, this type of data disaster is much more common, and the risk to both companies and consumers has never been higher. At ID Agent, we provide the tools to help protect your customer and company data from falling into the wrong hands.

https://www.linkedin.com/posts/id-agent_the-cyberwire-special-edition-kevin-lancaster-activity-6620354728314363904-Tbmf

Bit by bit helps client networks run smooth and secure. Visit our website at www.bitxbit.com/texas 877.860.5831

Tuesday, January 28, 2020

Breached Companies!

United States - Rooster Teeth Productions https://www.bleepingcomputer.com/news/security/attackers-steal-credit-cards-in-rooster-teeth-data-breach/

Exploit: Malware attack
Rooster Teeth Productions: Entertainment production company

Risk to Small Business: 2 = Severe: Hackers injected malware into the company’s online store that siphoned off customers’ payment details at checkout. The breach was first detected on December 2nd, and the company claims that the malware was removed on the same day. However, it’s unclear why they waited several weeks before notifying customers of the breach. Rooster Teeth Productions has sent breach notification letters to those impacted by the incident, but the episode will certainly have a negative impact on the brand’s reputation at a critical time of year for sales.

Individual Risk: 2.285 = Severe: Those impacted by the breach had their names, email addresses, telephone numbers, physical addresses, and payment card information stolen in the breach. As a result, they should immediately contact their financial institutions to report the breach. Rooster Teeth Productions is offering a free year of identity monitoring services, and enrolling in this service can offer long-term oversight of personal data.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: The timing of this data breach couldn’t be worse. Customers continually demonstrate that they aren’t willing to make purchases from platforms that can’t secure data, so Rooster Teeth Productions will almost certainly lose business during the busy holiday shopping season. Any company relying on e-commerce sales needs to understand cybersecurity risks and take necessary steps to ensure their revenue centers do not become liabilities.

ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal Assist™, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.

United States - Conway Medical Center https://www.beckershospitalreview.com/cybersecurity/south-carolina-hospital-alerts-2-550-patients-of-data-breach.html

Exploit: Phishing attack
Conway Medical Center: Healthcare provider

Risk to Small Business: 1.555 = Severe: Several employees fell for a phishing scam that provided hackers access to patients’ personal data. Although the healthcare provider quickly identified the intrusion and cut off access to those accounts, they can’t recover information already accessed by cybercriminals. As a result, Conway Medical Center will face regulatory scrutiny, which often results in fines and other penalties that can damage their reputation and profitability.

Individual Risk: 2 = Severe: Hackers had access to patients’ personally identifiable information, including their names, dates of birth, Social Security numbers, phone numbers, dates of admission, account numbers, and account balances. Conway Medical Center is providing free identity and credit monitoring services to those impacted by the breach, and those affected should enroll in these services. In addition, they should be vigilant about monitoring their accounts for unusual or suspicious activity.
Customers Impacted: 2,250
How it Could Affect Your Customers’ Business: This major cybersecurity incident was entirely avoidable, since phishing scams are only effective if employees engage with malicious emails. Unfortunately, Conway Medical Center will now bear the cost of credit and identity monitoring services for thousands of patients, as well as the fines and penalties that often accompany a breach. In contrast, comprehensive employee awareness training is a bargain, protecting your company against the phishing attacks that will inevitably make their way to employee inboxes.

ID Agent to the Rescue: BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.

United States - Central Square Technologies 
https://www.cbs46.com/news/security-breach-threatens-credit-card-info-of-marietta-utility-customers/article_b70e1b7e-21f2-11ea-8797-834dde57a97e.html

Exploit: Malware attack
Central Square Technologies: Technology services provider for public sector agencies

Risk to Small Business: 1.888 = Severe: Hackers compromised the Click2Gov payment system that allowed customers to pay their utility bills online, allowing them to siphon off payment details from customers. Specifically, the breach impacts the City of Marietta, as customers who entered payment information on the website between August 26th and October 26th may have had their credit card information stolen. However, the breach does not impact those paying in person, over the phone, or who are enrolled in the auto-pay system. Unfortunately, the company didn’t identify the breach until early December, which will complicate their recovery efforts and place customers at greater risk for data misuse.

Individual Risk: 2.428 = Severe: The data breach compromised customers’ personal and payment details. Those impacted by the breach should contact their financial institutions to notify them of the breach, and they should carefully monitor their accounts for unusual activity both now and during the period when accounts were compromised.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Third-party partnerships are important business initiatives in today’s digital environment, but when they result in a cybersecurity incident, the repercussions often far outweigh the opportunities. Moreover, vendors with a track record for lax cybersecurity standards will likely find it difficult to find customers willing to work with them, making data security a critical component of any successful business model.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID is the leading Dark Web monitoring platform in the Channel. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.

United States - Nexus Mods https://www.bleepingcomputer.com/news/security/nexus-mods-game-modding-site-discloses-data-breach/

Exploit: Unauthorized database access
Nexus Mods: Game modification website

Risk to Small Business: 2.111 = Severe: Hackers exploited a legacy codebase on the platform to access user credentials. Although the company discovered the breach in November, they just revealed it this week, a move that will likely increase the customer blowback from the incident. While Nexus Mods moved up the development of new software and worked to mitigate the risks posed by their outdated codebase, the incident reflects a lack of attention to detail and the lack of a breach response plan.

Individual Risk: 2.428 = Severe: A subset of users had their account information accessed, including names, email addresses, usernames, and passwords. The platform recommends that victims carefully scrutinize digital communications, as this data is often used to create authentic-looking phishing scams that can further compromise customers’ information.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Exposed user account details can be a serious vulnerability to your customer and company data. Even if your platform isn’t breached, many customers reuse their credentials, allowing hackers to easily deploy phishing scams and gain front-door access to user accounts. However, when equipped with security features like two-factor authentication, customer accounts remain secure even when credentials fall into the wrong hands.


ID Agent to the Rescue: With AuthAnvil, you can promote account security. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at: https://www.idagent.com/authanvil-multi-factor-authentication.

Canada - Life Labs 
https://www.zdnet.com/article/lifelabs-pays-hackers-to-recover-data-of-15-million-customers/

Exploit: Ransomware
Life Labs: Laboratory diagnostics and testing service

Risk to Small Business: 2.222 = Severe: Hackers accessed Life Labs’ IT, stealing copious amounts of customer information and demanding a ransom for the data’s return. In a notice to customers, Life Labs notes that it identified the breach in October, but waited until December to notify customers, a concerning timeframe that will make it more difficult for victims to protect their credentials against misuse. According to the company, they paid the ransom and their data was returned. Now they are declaring the incident a “low risk” to customers, but given their poor communication so far, this is unlikely to assuage anyone’s concerns anytime soon.

Individual Risk: 2.285 = Severe: Hackers stole customers’ personally identifiable information, including their names, home addresses, email addresses, usernames, passwords, and health card numbers. Those impacted by the breach should monitor their accounts for unusual or suspicious activity, while being mindful that this information is often reused to commit other cybercrimes, including phishing attacks, that attempt to extract even more sensitive personal information.
Customers Impacted: 15,000,000
How it Could Affect Your Customers’ Business: Life Labs had a number of missteps in their handling of this data breach. However, the company did deploy Dark Web monitoring to ensure that their customers’ information wasn’t for sale to the highest bidder. These services can provide peace-of-mind to customers while also helping companies mitigate the often cascading consequences of a data breach.


ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at: https://www.idagent.com/dark-web.

Canada - Andrew Agencies https://www.bleepingcomputer.com/news/security/canadian-insurance-firm-hit-by-maze-ransomware-denies-data-theft/

Exploit: Ransomware
Andrew Agencies: Insurance and financial services provider

Risk to Small Business: 2.222 = Severe: A ransomware attack has encrypted hundreds of the agency’s computers, rendering them unusable and leaving the company searching for a solution. The company first discovered the attack back in October but has declined to pay the ransom. However, the hackers are continuing to set new payment deadlines with promises to publish the company’s data if they don't comply. The group claims to have 1.5GB of customer data, but that claim has gone unverified by hackers and the media.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: 876
How it Could Affect Your Customers’ Business: While ransomware attacks are incredibly expensive, they often don’t result in a data breach, as hackers merely encrypt a company’s IT while trying to extract a payment. However, this event illustrates the potential for ransomware attacks to become data breaches, a progression that will become more costly and concerning as it inevitably becomes more widespread.


ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.

United Kingdom - Missoma https://www.jewelleryfocus.co.uk/27034-missoma-victim-of-data-breach

Exploit: Malware attack
Missoma: Jewelry retailer


Risk to Small Business: 1.888 = Severe: An attack on the company’s online store has compromised customers’ payment details. The heist, which was quickly resolved by the jeweler, allowed hackers to make off with customer data. The breach is likely to negatively impact the company's online sales during the holiday shopping season. Moreover, the company may face regulatory fines or penalties under Europe’s privacy regulation, GDPR.

Individual Risk: 2 = Severe: Customers impacted by the breach had personally identifiable information and financial data compromised. This includes names, addresses, payment card numbers, and CVVs. Those impacted by the breach should immediately notify their financial institutions of the incident, and they should take every necessary step to ensure that this information isn’t misused now or in the future.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Any company expecting to thrive in today’s digital-first shopping experience has to have their cybersecurity standards locked down. Today’s customers will not put up with retailers that can’t protect their personal or payment data, which could have serious implications for the company’s viability.

ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

Germany - Justus Liebig University https://www.zdnet.com/article/more-than-38000-people-will-stand-in-line-this-week-to-get-a-new-password/

Exploit: Ransomware
Justus Liebig University: Public university


Risk to Small Business: 1.777 = Severe: A ransomware attack on the university has crippled their digital operations and instigated several time-intensive recovery procedures. Notably, 38,000 students were asked to stand in line with their ID cards and a piece of paper to receive new email account passwords. At the same time, university staff was individually scanning every computer for malware, using more than 1,200 USB flash drives equipped with scanners to complete the job. The bizarre image of thousands of students standing in line for passwords created a buzz on social media, which placed a spotlight on the university’s cybersecurity incident.
Individual Risk: No personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This ransomware attack is complete with absurd images and time-consuming recovery initiatives. However, such peculiarities underscore the opportunity cost that always accompanies a ransomware attack. These attacks extract concessions from their victims on many fronts, and they are a scourge on a brand’s bottom line and reputation. Often, ransomware attacks are instigated through open vectors like compromised employee accounts, and companies can readily address these avenues by putting proper account security protocols in place.

ID Agent to the Rescue: With AuthAnvil, you can protect your employees’ password integrity. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at: https://www.idagent.com/authanvil-multi-factor-authentication.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
