Friday, April 3, 2020

Breached Companies!

Switzerland – World Health Organization

Exploit: Phishing scam
World Health Organization: United Nations agency responsible for international public health   
Risk to Small Business: 1.888= Severe
Hospital workers are receiving an email purportedly from Dr. Tedros Adhanom Ghebreyesus, director of the World Health Organization (WHO). The email contains a personalized message using the recipients’ valid username and an innocuous-looking attachment. Unfortunately, it’s a phishing attack –  when the attachment is opened, it installs malware capable of stealing credentials from the computer. According to cybersecurity researchers, the messages specifically prey on the altruism of recipients, by purporting to include information about novel, preventative drugs and COVD-19 cures.
Individual Risk: 2.571 = Moderate
At this time, there are no reports of recipients falling for this scam. However, anyone who does click on the attachment has likely allowed malware to compromise their credentials. In that case, they should immediately take steps to remove the malware, reset account passwords, and notify their employers of the incident.   
Customers Impacted: Unknown 
How it Could Affect Your Customers’ Business: In 2020, clever spear phishing emails are par for the course when it comes to anticipated attack vectors, and the bad guys are making them look more authentic all the time. Rather than allowing employees to fall for these scams, possibly compromising company and customer data along the way, keep them alert for trouble by providing regular phishing scam awareness training that accounts for the latest trends and encompasses all of the possible vulnerabilities. 
ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal AssistTM, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.
As we finished compiling The Week in Breach, we learned that even more cyberattacks have been mounted against WHO during this crisis, easily double the usual number. A group of hackers known as DarkHotel is suspected in one of the most major recent live attacks. More than 2000 Corona-virus themed websites are being created each day as cybercriminals rush to take advantage of the opportunity to breach data and steal passwords that is presented to them by the chaos of this pandemic. Stay alert to what they’re up to by reading our blog.

United States –  Open Exchange Rates

Exploit: Unauthorized database access
Open Exchange Rates: Currency data provider 
Risk to Small Business: 1.777= Severe
While investigating a network misconfiguration, Open Exchange Rates discovered that an unauthorized user was accessing their network. Ultimately, it was determined that the hacker had been accessing their database for nearly a month, beginning on February 9, 2020, and ending on March 2, 2020. The company believes that hackers extracted sensitive user information. In response, Open Exchange Rates has disabled the passwords for all accounts created before March 2, 2020. 
Individual Risk: 2.285= Severe
A copious amount of personal data was compromised in the attack, including user names, addresses, encrypted and hashed passwords, IP addresses, country of residence details, and website addresses. In addition to resetting their account passwords and updating their credentials on any other website using the same information, Open Exchange Rates is warning customers that this information can be used to execute targeted spear phishing attacks. Therefore, those impacted by the breach should carefully monitor their online accounts for suspicious activity. 
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Although it’s a relatively small operation, Open Exchange Rates provides an API that is used by several prominent financial service providers. As a result, the costs of repairing this breach will be compounded by reputational damage that could impact its relationship with these critical partners. 
ID Agent to the Rescue: BullPhish IDTM simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.       

United States – TrueFire  

Exploit: Malware attack
TrueFire: Online music school
Risk to Small Business: 1.555= Severe
On January 10th, TrueFire identified unauthorized access to its database by a mysterious user who was active for more than six months. It’s unclear why the company waited until March to disclose the incident to its customers. The breach compromised users who made online purchases between August 3, 2019, and January 14, 2020. Although the company didn’t explicitly categorize the breach, payment skimming malware is likely responsible for the theft, which included users’ personal and financial data from their online purchases of classes and services.      
Individual Risk: 2.571= Severe
The breach compromised customers’ personal and financial data, including names, addresses, payment card numbers, card expiration dates, and security codes. TrueFire is encouraging victims to monitor their financial statements for unusual activity, but they should do much more. Those impacted by the breach should immediately notify their financial institutions of the incident, and they should strongly consider enrolling in a credit and identity monitoring service to provide long-term oversight of this critical information.  
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Customers increasingly prefer shopping online rather than going to physical stores. Especially now, as the COVID-19 pandemic forces people to stay home, online stores are a vital lifeline for SMBs to continue generating revenue while people stay off the streets. Therefore, protecting the checkout process must be a top priority, as many customers will be gone for good if their personal or financial data is compromised through mishandled data on the merchant’s end when they make online purchases. 
ID Agent to the Rescue: Dark Web IDTM can find out how payment data is being used on the Dark Web, even in the case of a malware attack. We work with MSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.   

United States – College of Dupage   

Exploit: Accidental data exposure  
College of Dupage: Academic institution  
Risk to Small Business: 1.555= Severe
The College of Dupage accidentally exposed the 2018 W-2 forms of current and former employees. In a statement, the school identified the risk of data misuse as low. In reality, even one cybercriminal misusing this information could pose significant consequences for a potential victim. The breach occurred as the College of Dupage is preparing to move its services online due to the spread of COVID-19, forcing the cancellation of in-person classes – a  timely reminder that in uncertain times information security will still be top-of-mind for end-users, whether they are consumers, staffers, patients, or students.  
1.51 – 2.49 = Severe Risk
Individual Risk: 2.142= Severe
W-2 forms contain personally identifiable information, including names, addresses, and Social Security numbers. College of Dupage is offering free identity monitoring services to those impacted by the breach, and victims should take advantage of it to ensure that their information remains secure both now and in the future.   
Customers Impacted: 1,775
How it Could Affect Your Customers’ Business: In response to the incident, the College of Dupage is updating its data management standards to prevent a similar incident from occurring in the future. Unfortunately, these updated protocols will not undo the damage for the nearly 2,000 victims of this data breach. Rather than waiting until a cybersecurity incident occurs, companies should prioritize a reevaluation of their practices to ensure that customer and company data is secure before a breach occurs. 
ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task, especially in uncertain times. With Goal AssistTM we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make your case. Learn more here: https://www.idagent.com/goal-assist.       

Canada – Rogers Communications

Exploit: Unsecured database  
Rogers Communications: Internet service provider
Risk to Small Business: 2.111= Severe
A third-party vendor left an unprotected database exposed to the internet compromising customers’ personal information. The breach was discovered on February 26th, and it’s unclear why it took the company nearly a month to make a public statement about the incident. Although the company acted quickly to secure the data, its reactive measures will not undo the damage to victims, nor will it mitigate the reputational damage that will inevitably follow the breach. 
Individual Risk: 2.142= Severe
The exposed data includes customer addresses, account numbers, email addresses, and telephone numbers. Fortunately, financial information was not included in the breach. To support the victims, Rogers Communications is offering a free year of credit monitoring. In addition, those impacted by the breach are being should closely monitor their accounts for targeted phishing scams that could compromise additional data.  
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: There are many ways that bad actors gain access to company IT. Whether they exploit a third-party vulnerability or acquire credentials in a phishing scam, every organization needs to be prepared to restrict access to critical account access. With simple security steps, like requiring strong, unique passwords and two-factor authentication across all accounts, you can keep cybercriminals away from user and employee information.    
ID Agent to the Rescue: With AuthAnvilTM, user credentials and passwords are protected. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your systems and your data. Find out more at https://www.idagent.com/authanvil-multi-factor-authentication

Germany – Takeaway  

Exploit: DDoS attack  
Takeaway: Food delivery service  
Risk to Small Business: = 1.888 Severe
As the spread of COVID-19 forces many restaurants to close or alter their offerings, Takeaway, a food delivery service that’s uniquely well-suited to assist during these times, experienced a DDoS attack that forced its website offline. Cybercriminals demanded a ransom payment of $11,000 in Bitcoin to stop the attacks to restore services. Some customers took to the internet to complain about slow website activity, and the service had to provide refunds for orders placed online that couldn’t be fulfilled due to the attack.  
Individual Risk: At this time, no personal information was compromised in the breach.   
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Cybercriminals often strive to take advantage of a crisis. As COVID-19 makes home delivery an especially prescient product, it’s unsurprising that bad actors would exploit the crisis in an attempt to make a profit. It’s clear that the COVID-19 pandemic will have long-lasting implications for businesses, but that can’t deter organizations to continue being proactive about protecting their critical data and digital platforms. 
ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id

Estonia – Blisk    

Exploit: Unprotected database 
Blisk: Web browser vendor
Risk to Small Business: 2.111 = Severe
Blisk developers carelessly left a database exposed to the internet without a password. The database contained personal information for developers with registered Blisk profiles. This is the company’s second accidental data breach in a short time, which could undermine its credibility with the tech-savvy community that frequents its platform. Moreover, the incident could harm the browser’s adoption. Currently, it’s used by some of the most notable companies in tech, but those relationships can quickly change after repeated cybersecurity failures.     
Individual Risk: 2.285= Severe
The breach impacts developers using Blisk services and includes email addresses and user-agent strings. While personal or financial information wasn’t included in the breach, the available information could be used by hackers to create specialized malware using their user-agent strings.    
Customers Impacted: Unknown. 
How it Could Affect Your Customers’ Business: In today’s regulatory environment, leaving a database unprotected is a foolish and costly mistake, often compromising thousands of records without any help from hackers – and it’s completely avoidable. To avoid hefty regulatory fines, less-quantifiable reputational damage, and burdensome recovery costs, every organization needs to develop workflow best practices that ensure that systems are password protected. It’s a simple step with outsized implications.  
ID Agent to the Rescue: Compliance ManagerTM automates data privacy standards, eliminating guesswork and ensuring efficiency at every stage. Learn more at https://www.idagent.com/compliance-manager.  

France – Marseille  

Exploit: Ransomware
Marseille: Local municipality    
Risk to Small Business: 2.111= Severe
On March 15, a ransomware attack crippled more than 300 computers and left significant swathes of data inaccessible. In addition to the usual implications of a ransomware attack, this incident is particularly problematic because it took place just before a local election and as the government is orchestrating its response to the COVID-19 pandemic. What’s more, even though the government is able to restore systems from backups rather than paying the ransom, this attack will still be incredibly costly as the recovery and restoration expenses will quickly add up to a significant sum. 
Individual Risk: At this time, no personal data was compromised in the breach. 
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks are uniquely disruptive costing companies time, resources, and money.  They’re especially problematic when business is disrupted by an emergency. What’s more, the opportunity cost and reputational damage are difficult to overcome, making the cost of a robust defensive posture look like a relative bargain.  Using smart practices, companies can protect their data in a quickly-shifting threat environment.    
ID Agent to the Rescue: With Compliance Manager, any company can automate data privacy standards and documentation responsibilities, making compliance a simple, intuitive process for everyone. Get started today: https://www.idagent.com/compliance-manager.  

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

3 GDPR-Covered Countries Experience 100,000 Breaches


It’s been nearly two years since GDPR changed the data privacy landscape by bringing regulatory oversight to the digital Wild West. According to the latest reports, more than 160,000 data breaches have been reported in that span. Incredibly three countries account for 100,00 breaches – The Netherlands, Germany, and the United Kingdom.
These numbers reflect both the undeniable value of stealing sensitive personal data and the difficulty that many organizations experience when trying to protect that information. As a result, GDPR fines are becoming increasingly common for companies under the regulations’ purview. The ten most significant GDPR breaches have resulted in hefty financial penalties totaling an eye-popping sum of nearly $500 million.
Europe isn’t the only country implementing regulatory standards for data security. In the US, California’s Consumer Privacy Act and New York’s SHIELD Act both reinforce and extend GDPR’s expectations. At ID Agent, our comprehensive Compliance Manager is ready to help your organization achieve, maintain, and document compliance.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Thursday, April 2, 2020

Peerless Event and Tents help with the Covid outbreak!


this is why I like what I do. I get to see my clients innovate and adapt in unique ways! 


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Dark Web ID Trends:

cybercrime makes COVID-19 recovery more difficult, unsecured databases give away millions of records, and resources you need to protect data during this challenging time.   


  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: Media & Entertainment
  • Top Employee Count: 251 – 500


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Dark Web Trends

small businesses fail to prevent phishing attacks, online shoppers have their data snatched, and a new study reveals the prominent role of human error in data breaches.
Dark Web ID Trends:Top Source Hits: ID Theft Forums
Top Compromise Type: Domain 
Top Industry: Media & Entertainment
Top Employee Count: 251-500 

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Wednesday, April 1, 2020

Example of a common spoof, don't fall for this..

Double check that it did not come from your account by checking your sent folder..

Remember, don't respond if you don't know. They get you with FUD.. Fear, Uncertainty and Doubt!




Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Tuesday, March 31, 2020

Essential Workers




Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Breached!

United States – Idaho Central Credit Union

Exploit: Unauthorized data access
Idaho Central Credit Union: Financial institution
1.51 – 2.49 = Severe Risk
Risk to Small Business: 1.555 = Severe:
The Idaho Central Credit Union has reported two data breaches that compromised personally identifiable customer information. The first incident occurred in November 2019 when a third-party mortgage portal was victimized by hackers. While investigating the first breach, cybersecurity experts identified a second incident stemming from several compromised employee email accounts. In today’s digital economy, a company’s competitive advantage is predicated on its ability to protect customer data. Two consecutive data breaches will have far-reaching repercussions for the credit union.
1.51 – 2.49 = Severe Risk
Individual Risk: 2.142 = Severe:
In both incidents, the personally identifiable information of the bank’s customers was compromised. This included names, dates of birth, Social Security numbers, financial account information, tax identification numbers, and other sensitive financial details. Cybercriminals can redeploy this information in a host of harmful ways.Those impacted by the breach should enroll in identity and credit monitoring services as soon as possible.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Email accounts are serious vulnerabilities for every company, as there are many ways by which cybercriminals can exploit social engineering and malware to find their way in. However, every company can lock down their email accounts by implementing two-factor authentication to prevent unauthorized access, even if login credentials are compromised.
ID Agent to the Rescue: With AuthAnvil, you can protect your employees’ password integrity. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at https://www.idagent.com/authanvil-multi-factor-authentication.

United States – Monroe County Hospital & Clinics

Exploit: Phishing scam
Monroe County Hospital & Clinics: Public medical practice
1.51 – 2.49 = Severe Risk
Risk to Small Business: 1.666 = Severe:
Hackers gained access to the clinic’s email system, which contained patients’ protected health information. The breach, which was discovered in December 2019, spanned several months and gave bad actors plenty of time to misuse patient data. Now Monroe County Hospital and Clinics faces intense regulatory scrutiny due to the sensitive nature of the breach, and their reputation has been badly damaged in an industry that is especially sensitive to privacy concerns. In addition to other recovery expenses, they will bear the cost burden of providing credit and identity monitoring services for the thousands of patients impacted by the breach.
1.51 – 2.49 = Severe Risk
Individual Risk: 2.428 = Severe:
Personal data was compromised in the breach. This includes names, dates of birth, addresses, insurance information, and treatment information. In some cases, patients’ Social Security numbers were also exposed. Those impacted by the breach are encouraged to enroll in the credit monitoring service provided by the company and monitor their accounts and digital communications for potential instances of fraud.
Customers Impacted: 7,500
How it Could Affect Your Customers’ Business: Despite incredible advancements in fraud detection technology, phishing scams will inevitably make their way into employees’ inboxes. When employees engage with malicious content, it can have enormous consequences for your organization. Nobody wants to endure the rising costs associated with a data breach, and comprehensive employee awareness training can ensure that those phishing scams don’t impact your bottom line.
ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.

Canada – University of Saskatchewan 

Exploit: Denial of Service (DoS) attack
University of Saskatchewan: Public academic institution
1.51 – 2.49 = Severe Risk
Risk to Small Business: 1.555 = Severe:
The University of Saskatchewan was targeted by a DoS attack that attempted to overload the school’s network. The institution took steps to mitigate the consequences of potential DoS attacks and prevent data exfiltration. Currently, the school believes that it successfully protected its data, but a similar attack on a Canadian institution, which we reported last week, ultimately compromised user data.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Today’s organizations face risks on many fronts. Given the increasing costs and serious consequences of a potential breach, data security needs to be a top priority at every company. A company’s ability to protect sensitive information is quickly becoming the difference between long-term success and failure in the marketplace, especially for small-to-medium sized businesses.
ID Agent to the Rescue: Helping your SMB customers understand the importance of security can be a challenge. With Goal Assist, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.

Canada – Public Services and Procurement Canada

Exploit: Accidental data sharing
Public Services and Procurement Canada: Government department for administration
1.51 – 2.49 = Severe Risk
Risk to Small Business: 1.666 = Severe:
An administrative oversight compromised the personal information of thousands of Canadians. Unfortunately, the victims are public servants already impacted by the Phoenix pay systems problem, which resulted in employees being overpaid or receiving little income for months. As part of the department’s efforts to fix this mistake, employee information was inadvertently emailed to the wrong recipients.
1.51 – 2.49 = Severe Risk
Individual Risk: 2.142 = Severe:
The email contained employees’ personally identifiable information, including their names, addresses, personal record identifiers, and overpayment amounts. This information could make victims especially susceptible to phishing scams that could extract even more damaging information. Those impacted by the breach should carefully evaluate online communications to ensure their veracity, while also monitoring their other accounts for unusual or suspicious activity.
Customers Impacted: 69,000
How it Could Affect Your Customers’ Business:  An external data breach is a priority risk for any company handling sensitive data – making a preventable internal data breach especially egregious. Employee errors are bound to happen but those errors can have far-reaching negative consequences for any business. In this case, one missent email led to financial, reputational, and practical damage.
ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at https://www.idagent.com/dark-web/.

United Kingdom – ISS

Exploit: Ransomware
ISS: Cleaning, catering, and security services provider
1.51 – 2.49 = Severe Risk
Risk to Small Business: 2.333 = Severe:
A ransomware attack has caused an extensive and elongated network outage at ISS. The attack brought down the company’s network on February 17th and (at the time of writing) many services are still disrupted. Forty-three thousand staff members are without email. An email outage can cause a serious business disruption leading to project delays and missed opportunities that can’t be recovered. ISS now faces an uphill and expensive battle to restore its damaged IT infrastructure, while navigating the consequences of reduced employee productivity.
Individual Risk: At this time, no personal information was compromised in the breach.
 Customers Impacted: 43,000
How it Could Affect Your Customers’ Business: Although this incident has not immediately resulted in data loss, the loss of business advancement caused by the breach can never be recovered. Cybercriminals often steal company data before encrypting IT infrastructure. This compounds the consequences of a ransomware attack, especially for companies governed by data privacy regulations that can cause them to run afoul of the latest guidelines. When it comes to ransomware attacks, the only adequate response is a proactive one that prevents the malware from taking root in the first place.
ID Agent to the Rescue: Compliance Manager automates data privacy standards, eliminating guesswork and ensuring efficiency at every stage. Learn more at https://www.idagent.com/compliance-manager

United Kingdom – Redcar and Cleveland Borough Council

Exploit: Ransomware
Redcar and Cleveland Borough Council: Local municipality and resort town government
1.51 – 2.49 = Severe Risk
Risk to Small Business: 2.111 = Severe:
A ransomware attack has disabled nearly all online services for this UK-based resort town government. Employees are unable to access appointment software, planning documents, citizen complaint systems, and other critical functions – causing delays in municipal services and distress to the public. Even if it avoids paying the ransom, this municipality will still be plagued by productivity losses and other expenses that promise to make this attack a costly cybersecurity incident.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: 135,000
How it Could Affect Your Customers’ Business: Cybercriminals are increasingly using ransomware attacks to target vulnerable organizations, especially systems with outdated technology or lax cybersecurity standards. These attacks were already incredibly costly, but many criminals have begun stealing and releasing company data before encrypting a network. This compounds the cost and raises the stakes for achieving a robust defensive posture that can address these attacks.
ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us give you the support that you need to maximize your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.

Australia – Manheim

Exploit: Ransomware
Manheim: Wholesale automotive retailer
1.51 – 2.49 = Severe Risk
Risk to Small Business: 1.333 = Severe:
A ransomware attack has disrupted Manheim’s computer systems and workflows. Although the company can operate in a limited capacity, the company will still incur high costs to decrypt their hardware and update their cybersecurity standards plus unrecoverable productivity losses. At the same time, ransomware attacks can cause significant reputational damage, ensuring that the company will grapple with the fallout for much longer than hackers hold their systems hostage.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks are not only becoming more costly, they are also becoming frighteningly familiar. Unfortunately, there are no good response methodologies once an attack happens. The best defense is for every company to take meaningful steps to prevent ransomware from worming its way into their systems. The cost of assessing your organization’s readiness and enacting preventative measures is a small price to pay in order to repel these potentially devastating attacks.
ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

Australia – Natonic

Exploit: Malware attack
Natonic: Health and beauty product retailer
1.51 – 2.49 = Severe Risk
Risk to Small Business: 1.777 = Severe:
Security researchers have identified payment skimming malware on Natonic’s online store. The script appears to be related to MageCart, a prominent hacking group that steals customers’ personal and financial data by injecting malware into online stores. Although security researchers confirmed that the script is no longer active on Natonic’s webstore, the attack could have costly implications for the retailer – consumers may be less likely to shop with an online retailer with a history of data security issues.
1.51 – 2.49 = Severe Risk
Individual Risk: 2 = Severe:
Payment skimming malware tricks customers into entering their payment information at checkout then sends that information to the cybercriminals instead of the retailer. While it’s unclear what information was compromised in this breach, shoppers should assume that any information entered on the webstore could be impacted. Users should notify their financial institutions of the breach while taking additional steps to secure their accounts and personal details.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Customers are aware that online transactions can be risky. They count on the companies that they do business with to help keep their personal and financial data secure. For companies that rely on online sales to drive revenue, data security has to be a top priority. The fallout from customer dissatisfaction caused by a data breach can badly damage a company’s reputation and significantly harm their ability to compete in today’s digital environment.
ID Agent to the Rescue: Dark Web ID can find out how payment data is being used on the Dark Web, even in the case of a malware attack. We work with MSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Breached Companies!