Please fill in the form below to subscribe to our blog

The Week in Breach: 01/26/19 – 02/01/19

February 06, 2019

This week, employees snoop on taxpayers in Canada, web hosting services in Australia come under attack, and a New Zealand cryptocurrency exchange continues to get hacked.

Dark Web ID Trends:

Top Source Hits: ID Theft Forums (99%) 
Top Compromise Type: 
Domains
Top Industry: 
Legal
Top Employee Count: 
11 – 50 Employees (53%)



United States – Houzz
https://threatpost.com/houzz-data-breach/141426/

Exploit: User data exposure
Houzz: Home improvement and interior decorating startup

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.555 = Severe: On Friday, the company issued a notice to customers stating that an “unauthorized third party” had accessed user data including usernames, passwords, and IP addresses. Although financial information was not exposed, Houzz became aware of the breach in in late December of 2018, yet the investigation is still ongoing and it is still not clear how many users were impacted.
1.51 – 2.49 = Severe Risk Individual Risk: 2.258 = Severe: When combined with the internal data that was compromised, public information such as first and last name, city, state, country, profile description, can be packaged together to sell on the Dark Web and commit cyber fraud. Additionally, users who logged into the app via Facebook would have their IDs exposed as well.

Customers Impacted: To be determined
How it Could Affect Your Customers’ Business: In the event that an organization has to disclose a breach to its users, it is essential to be clear on “who, what, when, and where”. Even though Houzz discovered the leak in late December of 2018 and was compelled to disclose in a timely manner in accordance with new GDPR laws, they are still unsure on the number of users impacted or the origin of the cyberattack. Aside from dispelling vigilant customers who want to protect their data going forward, the incident may trigger fines to be levied.
ID Agent to the Rescue:  Dark Web ID™ can monitor the Dark Web and find out if your customers’ data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United States – Colorado CCPSA
https://healthitsecurity.com/news/phishing-hack-breaches-phi-of-23000-colorado-patients-for-3-months

Exploit: Employee phishing attack.
Colorado CCPSA: Private physician practice in Lakewood, CO

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.333 = Severe: The Colorado-based clinic recently discovered a phishing attack affecting 23,377 patients between August 14th and November 23rd of 2018. A hacker gained access to an employee email account and sent phishing emails via contact list to steal payment data. Officials could not determine exactly what was viewed or copied, but it’s quite possible that personal and protected health information was compromised. Along with being forced to offer one year of free credit monitoring services and install mandatory cybersecurity awareness training for employees, further investigations will ensue.
1.51 – 2.49 = Severe Risk Individual Risk: 2.000 = Severe: A wide spectrum of data could have been compromised, ranging from names, addresses, dates of birth, social security numbers, and license numbers to diagnoses, conditions, medications, and more. Payment information was not involved, but the compromised details can be leveraged for far more nefarious schemes such as insurance fraud.

Customers Impacted: 23,377 patients.
How it Could Affect Your Customers’ BusinessIt’s not secret that phishing attacks originating from employee email accounts are becoming more and more prevalent. Companies must prioritize security by partnering up with service providers that can prevent, detect, and mitigate data breaches. Without proper detection solutions in place, the resources and time allocated to containing a breach grow exponentially and detract from the bottom line.
ID Agent to the Rescue:  SpotLight ID™ by ID Agent can help monitor stolen employee data, detecting early compromises before they turn into damaging cyber-attacks. Learn more at: https://www.idagent.com/identity-monitoring-programs.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Canada – Quinte Health Care
https://www.intelligencer.ca/news/local-news/nurse-fired-for-huge-privacy-breach-at-bgh

Exploit: Privacy breach by rogue employee
Quinte Health Care: Health care services provider for Prince Edward and Hastings Counties as well as the southeast portion of Northumberland County 

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.555 = Severe: A privacy breach was recently reported by Belleville General Hospital, part of the Quinte Health “system of care”. This past September, a routine check on staff browsing history uncovered that a nurse had been accessing hundreds of patient records unrelated to her work. Although the investigation is currently in progress, the company maintains that the breach was an isolated incident and has fired the employee in question.
1.51 – 2.49 = Severe Risk Individual Risk: 2.285 = Severe: Information that was exposed may have contained names, home addresses, birth dates, health card numbers, and other protected health information. Even more concerning is the fact that the exact number and identities of the patients compromised is yet to be understood.

Customers Impacted: To be determined
How it Could Affect Your Customers’ Business: In the emerging era of cyber vigilance, companies are held more accountable for the behaviors of their employees than ever. So far, the QHC privacy breach is being considered as one of mere “curiosity”, yet the company may still lose loyal patients and face hefty fines. Companies that store consumer, patient, or employee data must focus on modern solutions that offer detection and meet hackers where they live: in the Dark Web.
ID Agent to the Rescue: Dark Web ID combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze and proactively monitor for your organization’s compromised patient or customer data. Find out how you can work with us here: https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Canada – Canada Revenue Agency
https://www.ctvnews.ca/canada/thousands-affected-by-cra-employees-snooping-1.4279916

Exploit: Privacy breach by rogue tax workers
Canada Revenue Agency (CRA): Tax law administrator for the government of Canada

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.777 = SevereThousands of Canadians had their personal incomes and other tax information compromised by employees working at the CRA. Of the 264 workers who inappropriately accessed information, 182 were disciplined, 36 face a pending decision, and 46 have left the organization. Along with having to augment on their preexisting investment of $10M on prevention from 2017, CRA will remain under fire and must answer to disgruntled citizens.
1.51 – 2.49 = Severe Risk Individual Risk: 2.428=Severe: As conservative national revenue critic Pat Kelly commented, “it’s unacceptable that information like a person’s information was accessed inappropriately”. Given that 264 of these privacy breaches occurred between a span of 4 years (November 4th, 2015 to November 27th, 2018), it is safe to say that no one’s tax data is safe.

Customers Impacted: 41,631 Canadian tax payers
How it Could Affect Your Customers’ Business
With tax information in hand, hackers can sell information on the Dark Web for lucrative profits or conduct fraud that is difficult to trace. Additionally, this breach can be leveraged to orchestrate further cyber-attacks on different companies, which means that companies doing business in Canada should be on high alert.
ID Agent to the Rescue: 
Dark Web ID offers industry-leading detection by monitoring the Dark Web for exposed data. Learn how you can partner with us here: https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United Kingdom – Kwik Fit
https://www.scmagazine.com/home/security-news/u-k-home-supply-giant-leaves-offender-database-open/

Exploit: Malware attack
Kwik Fit: Car service specialist

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.777 = Severe: Over the weekend, the car garage chain confirmed that its IT network had been compromised with malware, causing continued disruptions in customer service. After going offline and initially believing that the problem was fixed, issues persisted for days after. The company has been dealing with numerous customer complaints that will inflict reputational damage but has reassured customers that no financial information or customer data was exposed.
2.5 – 3 = Moderate Risk Individual Risk: 2.714 = ModerateThis situation highlights how important it is to use unique passwords for different websites. Since the malware brought systems down, users were not able to reset or protect their passwords on their own. A cybercriminal could potentially use the infected back-end repository to track down login credentials and test them on other platforms until they strike gold..

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business:  In many cases, it is difficult to determine whether malware resulted in a data breach. With hackers growing in sophistication, it’s completely possible for them to infiltrate systems without leaving a trace of a breach. Companies must deploy advanced password encryption, and work with detection solutions to immediately understand if malware is being used to breach customer data and sell to the highest bidder on the Dark Web.
ID Agent to the Rescue: SpotLight ID allows MSPs, Resellers and Channel Partners to deliver comprehensive personal identity protection for clients’ employees and customers, ultimately safeguarding corporate systems. Get started here: https://www.idagent.com/identity-monitoring-programs.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

France – Airbus
https://www.forbes.com/sites/soorajshah/2019/01/31/airbus-has-been-hit-by-a-data-breach-heres-what-it-could-mean/#26b80ef570fd

Exploit: Breach of business information systems
Airbus: Aircraft manufacturer and world’s second largest aerospace group

1.51 – 2.49 = Severe Risk Risk to Small Business: 2.111 = Severe: On January 30th, the company detected a cyber-attack impacting business information systems, resulting in unauthorized access to data. They claim that most of the data was professional contact and IT identification details of employees in Europe, but experts are saying that threat actors may have actually been after intellectual property.
2.5 – 3 = Moderate Risk Individual Risk: 3.000=Moderate: With an investigation underway, it remains to be seen if customer information or other valuable data was exposed. The manufacturer has consulted its own experts to determine its origins and overall impact, but thus far there is limited risk for customers.

Customers Impacted: To be determined.
How it Could Affect Your Customers’ Business: If we examine data breaches from a bird’s-eye view, the shift from consumer data to employee and intellectual property becomes very clear. Hackers have their eyes on the prize, and they are targeting information that can be sold on the Dark Web for profit. Businesses must take precautions by installing safeguards and working with security providers to ensure that their priceless assets are not being put in the wrong hands.
ID Agent to the RescueDarkWeb ID can help you proactively monitor if customer data is being leaked on the Dark Web, helping reduce the losses incurred from such a breach. See how you can benefit here:  https://www.idagent.com/dark-web/.

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Australia – 8 Anonymous Web Hosting Providers
https://www.zdnet.com/article/australian-web-hosts-hit-with-a-manic-menagerie-of-malware/

Exploit: “Manic Menagerie” malware attack
Web Hosting Providers: Australian companies that provide web hosting services

1.51 – 2.49 = Severe Risk Risk to Small Business: 2.000 = SevereA recent report by the Australian Cyber Security Center (ACSC) revealed that eight different web hosting companies in Australia had been hacked in 2018. By abusing security flaws within web applications, cyber criminals deployed malware techniques that were able to steal passwords, monitor activity, and even take over via remote access when desired. Two of the providers also hosted cryptocurrency, resulting in losses of 3,868 Australian dollars. Additionally, the hackers were able to use Blackhat SEO to redirect legitimate sites to their fraudulent ones.
1.51 – 2.49 = Severe Risk Individual Risk: 2.142 = Severe: Given that hackers were able to gain complete control of these web hosting companies, it is safe to say that any associated data was completely compromised. Websites that worked with any of the providers are likely affected, with credentials ranging from usernames and passwords to authentication certificates.

 

Customers Impacted: Unknown 
How it Could Affect Your Customers’ Business: Many businesses rely on web hosting services to build websites that accept payments, inadvertently placing themselves and their customers at risk. However, what’s worse is that a full-scale takeover using sophisticated malware can make it difficult to pinpoint what information was stolen and how it will be used. B2B platforms must take added precautions since they are the gatekeepers to invaluable data for multiple stakeholders.
ID Agent to the Rescue:  Backed by ID Agent’s $1 million identity theft restoration policy, SpotLight ID allows MSPs clients to protect customers while enhancing their overall cybersecurity awareness. Learn more: https://www.idagent.com/identity-monitoring-programs.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

New Zealand – Cryptopia
https://finance.yahoo.com/news/report-zealand-cryptopia-exchange-hack-021500238.html

Exploit: Payment fraud
Cryptopia: Online cryptocurrency exchange

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.555 = Severe: After initially reporting the cyberattack over two weeks ago, the Cryptopia exchange is still being hacked. According to Elementus, hackers have stolen another 1,675 ETH ($175,875) from 17,000 wallets, siphoning and transferring the funds to a private address. 5,000 of these wallets were already emptied out and then “auto-refilled” by mining pools, which means that users are continuing to deposit funds despite the hack announcement.
1.51 – 2.49 = Severe Risk Individual Risk: 1.857 = Severe: User wallets continue to become compromised, signaling that the cyber criminals have access to the private keys of the exchange and can withdraw funds from any Cryptopia account of their choosing.

Customers Impacted: 17,000 cryptocurrency wallets
How it Could Affect Your Customers’ Business: The only incident that is scarier than a compromise is a subsequent attack or inability to contain the breach. Companies should take notice and fortify their security solutions to prevent, detect, and mitigate breaches. Even more importantly, they must create protocols and manual controls in the event of such a widespread hack
.
ID Agent to the Rescue: Find out why the largest private and public sector organizations globally rely on Dark Web ID to provide actionable stolen credential data and make informed decisions here: https://www.idagent.com/dark-web/.
.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:

The long-term consequences of data breaches on consumer trust

Most news coverage surrounding data breaches will hint at the erosion of customer loyalty, but what does it truly look like? With industries being disrupted at unprecedented rates, companies that are caught in the cross-hairs of highly publicized breaches must face the reality of losing customers to their competitors.

Additionally, an emphasis on post-breach damage control can impede an organization’s marketing and communication efforts to regain trust with their customers. The involvement of legal teams usually results in radio silence that can span months or years, causing brands to gradually diminish from the minds of their audiences.

As cyber-attacks continue to become more commonplace, marketers will begin to assume a role in shaping security efforts. Third-party marketing technologies are rife with vulnerabilities that hackers are waiting to explore, and everyone will be responsible for prioritizing privacy over data management.

https://www.thedrum.com/opinion/2019/01/28/the-effects-data-breaches-consumer-trust-run-deeper-you-think

What We’re Listening To:

Know Tech Talks
The Continuum Podcast
Security Now
Defensive Security Podcast
Small Business, Big Marketing – Australia’s #1 Marketing Show!
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e


A note for your customers:

Receiving endless robocalls on your cell phone? You’re not alone.

According to Hiya, US consumers received 26.3 billion robocalls in 2018, a 46% year-over-year increase. Estimates show that the average person receives 10 unwanted calls per month, with 25% of them being scams. Most consumer complaints can be categorized into general spam, fraud, and telemarketing.

However, this year holds the promise of significantly reducing robocalls, with the Federal Communications Commission (FCC) calling for the implementation of a call-authentication system by the end of the year. This approach would combat caller ID spoofing by requiring carriers to author a signature on calls from their network that would then be validated by other carriers.

Currently, robocalls are the leading source of consumer complaints according to both the FCC and Federal Trade Commission (FTC). In 2017, the FTC received 71 million unique grievances even though 200 million US consumers were registered to a Do Not Call list.

https://www.zdnet.com/article/plagued-by-robocalls-26-billion-spam-calls-in-2018-quarter-from-scammers/


 Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in entirety) for your own social media and marketing efforts! Just send an email to [email protected] to let us know!

Not a Partner? Learn more about Dark Web ID™ and the benefits it holds for your Business. Contact us today!