The Week in Breach: 07/24/19 – 07/30/19
This week, credentials from the Dark Web compromise a company’s network, healthcare records are held for ransom, and data breaches become more expensive.
Read MoreThis week, credentials from the Dark Web compromise a company’s network, healthcare records are held for ransom, and data breaches become more expensive.
Read MoreThere was a time when bank robbers resembled the stereotype of a bandit or a pirate. In reality, modern bank robberies are much less like an Ocean’s Eleven movie and more of a person sitting behind their desk eating yogurt and probing networks for vulnerabilities. While we can’t verify the type of food that was eaten during the recent Capital One Financial Corporation breach, we do know what was taken and how. Paige Thompson, AKA “erratic,” a former software engineer, stole more than 100 million Americans’ information and another 6 million Canadians’ sensitive information in the breach. Capital One was made aware of a configuration vulnerability on July 17th when an ethical hacker discovered the data on Github and reported it to the bank. While investigating and fixing the vulnerability, the bank revealed that a third party had gained access to their system in March of this year. Capital One immediately fixed the vulnerability and contacted the FBI to conduct a criminal investigation. The list of information stolen is not pretty and is quite long. Compromised data includes: Names, dates of birth, phone numbers, email addresses, home addresses, zip codes/postal codes, self-reported income, credit card application data, credit scores, credit limits, balances, payment history, transaction data, US Social Security Numbers, bank account numbers, and Canadian Social Insurance Numbers, It should be noted that Capital One responded immediately to this breach and has since strengthened its cybersecurity defenses, but one cannot help but wonder how that much sensitive data was exposed on a popular public website from March to July without the bank realizing it was missing. Not only that, but what if the hacker decided to sell the information in a more secure location such as the Dark Web. Fortunately, the main suspect behind this digital bank heist was apprehended quickly. Today’s robberies may use less dynamite and guns, but the catastrophic effects are typically long-lasting and far-reaching. Now more than ever, individuals and businesses need to take responsibility for proactively protecting their digital credentials and assets. ID Agent provides monitoring and alerting for businesses when their employees’ credentials have become exposed on the Dark Web by offering Dark Web ID™ through the MSP channel. We also offer personal identity monitoring through our MSP Partners so that individuals can have peace of mind that they are covered when data breach occurs. SpotLight ID™ can be purchased directly from MSPs by individuals, or by business owners as a tax-free employee benefit. Contact [email protected] to learn more.
Read MoreThis week, hackers send a message to government agencies, employee errors compromise thousands of people’s data, and Australians demand data security before making purchases.
Read MoreThis week, ransomware stops the music at a local radio station, employees fall for phishing scams, and U.S. mayors promise not to pay any more ransom demands.
Read MoreThis week, ransomware affects organizations of all shapes and sizes, third-party data breaches are back in the spotlight, and a Canadian mutual fund sidesteps hackers.
Read MoreHappy US Independence Day! This week, a healthcare insurer discovers breach after almost a decade, internet scams cost Australians millions, and a new report indicates that UK businesses are slow to adopt cybersecurity defenses.
Read MorePhishing is one of the most common, yet dangerous methods of cybercrime. Despite cybersecurity experts’ warnings over the years, it seems that internet users still consistently fall prey to these simple but effective attacks.
Read MoreA security flaw has caused CISA to raise a red flag to alert users to possible trouble. Here’ what you need to know.
Read MoreThis week, medical information continues to be an easy target for hackers, a major Australian university loses control of student data, and phishing scams become increasingly difficult to defend.
Read MoreThis week, malware infects POS systems of US fast-food chain, ransomware continues to impact local governments, and a phishing scam tricks Office 365 users.
Read More