Inside the Ink

July 31, 2019

Capital One Suffers Massive Data Breach

There was a time when bank robbers resembled the stereotype of a bandit or a pirate. In reality, modern bank robberies are much less like an Ocean’s Eleven movie and more of a person sitting behind their desk eating yogurt and probing networks for vulnerabilities. While we can’t verify the type of food that was eaten during the recent Capital One Financial Corporation breach, we do know what was taken and how. Paige Thompson, AKA “erratic,” a former software engineer, stole more than 100 million Americans’ information and another 6 million Canadians’ sensitive information in the breach. Capital One was made aware of a configuration vulnerability on July 17th when an ethical hacker discovered the data on Github and reported it to the bank. While investigating and fixing the vulnerability, the bank revealed that a third party had gained access to their system in March of this year. Capital One immediately fixed the vulnerability and contacted the FBI to conduct a criminal investigation. The list of information stolen is not pretty and is quite long. Compromised data includes: Names, dates of birth, phone numbers, email addresses, home addresses, zip codes/postal codes, self-reported income, credit card application data, credit scores, credit limits, balances, payment history, transaction data, US Social Security Numbers, bank account numbers, and Canadian Social Insurance Numbers, It should be noted that Capital One responded immediately to this breach and has since strengthened its cybersecurity defenses, but one cannot help but wonder how that much sensitive data was exposed on a popular public website from March to July without the bank realizing it was missing. Not only that, but what if the hacker decided to sell the information in a more secure location such as the Dark Web. Fortunately, the main suspect behind this digital bank heist was apprehended quickly. Today’s robberies may use less dynamite and guns, but the catastrophic effects are typically long-lasting and far-reaching. Now more than ever, individuals and businesses need to take responsibility for proactively protecting their digital credentials and assets. ID Agent provides monitoring and alerting for businesses when their employees’ credentials have become exposed on the Dark Web by offering Dark Web ID™ through the MSP channel. We also offer personal identity monitoring through our MSP Partners so that individuals can have peace of mind that they are covered when data breach occurs. SpotLight ID™ can be purchased directly from MSPs by individuals, or by business owners as a tax-free employee benefit. Contact [email protected] to learn more.

Read More
July 24, 2019

The Week in Breach: 07/17/19 – 07/23/19

This week, hackers send a message to government agencies, employee errors compromise thousands of people’s data, and Australians demand data security before making purchases.

Read More
July 17, 2019

The Week in Breach: 07/10/19 – 07/16/19

This week, ransomware stops the music at a local radio station, employees fall for phishing scams, and U.S. mayors promise not to pay any more ransom demands.

Read More
July 10, 2019

The Week in Breach: 07/03/19 – 07/09/19

This week, ransomware affects organizations of all shapes and sizes, third-party data breaches are back in the spotlight, and a Canadian mutual fund sidesteps hackers.

Read More
July 03, 2019

The Week in Breach: 06/26/19 – 07/02/19

Happy US Independence Day! This week, a healthcare insurer discovers breach after almost a decade, internet scams cost Australians millions, and a new report indicates that UK businesses are slow to adopt cybersecurity defenses.

Read More
June 27, 2019

How to Spot a Phishing Attempt

Phishing is one of the most common, yet dangerous methods of cybercrime. Despite cybersecurity experts’ warnings over the years, it seems that internet users still consistently fall prey to these simple but effective attacks.

Read More
June 17, 2019

CISA Issues Official Activity Alert for BlueKeep

A security flaw has caused CISA to raise a red flag to alert users to possible trouble. Here’ what you need to know.

Read More
June 13, 2019

The Week in Breach: 06/05/19 – 06/11/19

This week, medical information continues to be an easy target for hackers, a major Australian university loses control of student data, and phishing scams become increasingly difficult to defend.

Read More
June 05, 2019

The Week in Breach: 05/28/19 – 06/04/19

This week, malware infects POS systems of US fast-food chain, ransomware continues to impact local governments, and a phishing scam tricks Office 365 users.

Read More
May 30, 2019

You’ve Been Breached: Now What?

So you’ve been breached. Now what? Once the dust has settled use it as a learning opportunity & tune up your cybersecurity plan. We can help.

Read More

Please fill in the form below to subscribe to our blog