Please fill in the form below to subscribe to our blog

The Week in Breach: 02/19/20 – 02/25/20

February 27, 2020
  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: Media & Entertainment
  • Top Employee Count: 251-500

United States – Idaho Central Credit Union

Exploit: Unauthorized data access

Idaho Central Credit Union: Financial institution

1.51 – 2.49 = Severe Risk

Risk to Small Business: 1.555 = Severe:

The Idaho Central Credit Union has reported two data breaches that compromised personally identifiable customer information. The first incident occurred in November 2019 when a third-party mortgage portal was victimized by hackers. While investigating the first breach, cybersecurity experts identified a second incident stemming from several compromised employee email accounts. In today’s digital economy, a company’s competitive advantage is predicated on its ability to protect customer data. Two consecutive data breaches will have far-reaching repercussions for the credit union.

1.51 – 2.49 = Severe Risk

Individual Risk: 2.142 = Severe:

In both incidents, the personally identifiable information of the bank’s customers was compromised. This included names, dates of birth, Social Security numbers, financial account information, tax identification numbers, and other sensitive financial details. Cybercriminals can redeploy this information in a host of harmful ways.Those impacted by the breach should enroll in identity and credit monitoring services as soon as possible.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Email accounts are serious vulnerabilities for every company, as there are many ways by which cybercriminals can exploit social engineering and malware to find their way in. However, every company can lock down their email accounts by implementing two-factor authentication to prevent unauthorized access, even if login credentials are compromised.

ID Agent to the Rescue: With Passly, you can protect your employees’ password integrity. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at

United States – Monroe County Hospital & Clinics

Exploit: Phishing scam

Monroe County Hospital & Clinics: Public medical practice

1.51 – 2.49 = Severe Risk

Risk to Small Business: 1.666 = Severe:

Hackers gained access to the clinic’s email system, which contained patients’ protected health information. The breach, which was discovered in December 2019, spanned several months and gave bad actors plenty of time to misuse patient data. Now Monroe County Hospital and Clinics faces intense regulatory scrutiny due to the sensitive nature of the breach, and their reputation has been badly damaged in an industry that is especially sensitive to privacy concerns. In addition to other recovery expenses, they will bear the cost burden of providing credit and identity monitoring services for the thousands of patients impacted by the breach.

1.51 – 2.49 = Severe Risk

Individual Risk: 2.428 = Severe:

Personal data was compromised in the breach. This includes names, dates of birth, addresses, insurance information, and treatment information. In some cases, patients’ Social Security numbers were also exposed. Those impacted by the breach are encouraged to enroll in the credit monitoring service provided by the company and monitor their accounts and digital communications for potential instances of fraud.

Customers Impacted: 7,500

How it Could Affect Your Customers’ Business: Despite incredible advancements in fraud detection technology, phishing scams will inevitably make their way into employees’ inboxes. When employees engage with malicious content, it can have enormous consequences for your organization. Nobody wants to endure the rising costs associated with a data breach, and comprehensive employee awareness training can ensure that those phishing scams don’t impact your bottom line.

ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started:

Canada – University of Saskatchewan

Exploit: Denial of Service (DoS) attack

University of Saskatchewan: Public academic institution

1.51 – 2.49 = Severe Risk

Risk to Small Business: 1.555 = Severe:

The University of Saskatchewan was targeted by a DoS attack that attempted to overload the school’s network. The institution took steps to mitigate the consequences of potential DoS attacks and prevent data exfiltration. Currently, the school believes that it successfully protected its data, but a similar attack on a Canadian institution, which we reported last week, ultimately compromised user data.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Today’s organizations face risks on many fronts. Given the increasing costs and serious consequences of a potential breach, data security needs to be a top priority at every company. A company’s ability to protect sensitive information is quickly becoming the difference between long-term success and failure in the marketplace, especially for small-to-medium sized businesses.

ID Agent to the Rescue: Helping your SMB customers understand the importance of security can be a challenge. With Goal Assist, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here:

Canada – Public Services and Procurement Canada

Exploit: Accidental data sharing

Public Services and Procurement Canada: Government department for administration

1.51 – 2.49 = Severe Risk

Risk to Small Business: 1.666 = Severe:

An administrative oversight compromised the personal information of thousands of Canadians. Unfortunately, the victims are public servants already impacted by the Phoenix pay systems problem, which resulted in employees being overpaid or receiving little income for months. As part of the department’s efforts to fix this mistake, employee information was inadvertently emailed to the wrong recipients.

1.51 – 2.49 = Severe Risk

Individual Risk: 2.142 = Severe:

The email contained employees’ personally identifiable information, including their names, addresses, personal record identifiers, and overpayment amounts. This information could make victims especially susceptible to phishing scams that could extract even more damaging information. Those impacted by the breach should carefully evaluate online communications to ensure their veracity, while also monitoring their other accounts for unusual or suspicious activity.

Customers Impacted: 69,000

How it Could Affect Your Customers’ Business:  An external data breach is a priority risk for any company handling sensitive data – making a preventable internal data breach especially egregious. Employee errors are bound to happen but those errors can have far-reaching negative consequences for any business. In this case, one missent email led to financial, reputational, and practical damage.

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at

United Kingdom – ISS

Exploit: Ransomware

ISS: Cleaning, catering, and security services provider

1.51 – 2.49 = Severe Risk

Risk to Small Business: 2.333 = Severe:

A ransomware attack has caused an extensive and elongated network outage at ISS. The attack brought down the company’s network on February 17th and (at the time of writing) many services are still disrupted. Forty-three thousand staff members are without email. An email outage can cause a serious business disruption leading to project delays and missed opportunities that can’t be recovered. ISS now faces an uphill and expensive battle to restore its damaged IT infrastructure, while navigating the consequences of reduced employee productivity.

Individual Risk: At this time, no personal information was compromised in the breach.

 Customers Impacted: 43,000

How it Could Affect Your Customers’ Business: Although this incident has not immediately resulted in data loss, the loss of business advancement caused by the breach can never be recovered. Cybercriminals often steal company data before encrypting IT infrastructure. This compounds the consequences of a ransomware attack, especially for companies governed by data privacy regulations that can cause them to run afoul of the latest guidelines. When it comes to ransomware attacks, the only adequate response is a proactive one that prevents the malware from taking root in the first place.

ID Agent to the Rescue: Compliance Manager automates data privacy standards, eliminating guesswork and ensuring efficiency at every stage. Learn more at

United Kingdom – Redcar and Cleveland Borough Council

Exploit: Ransomware

Redcar and Cleveland Borough Council: Local municipality and resort town government

1.51 – 2.49 = Severe Risk

Risk to Small Business: 2.111 = Severe:

A ransomware attack has disabled nearly all online services for this UK-based resort town government. Employees are unable to access appointment software, planning documents, citizen complaint systems, and other critical functions – causing delays in municipal services and distress to the public. Even if it avoids paying the ransom, this municipality will still be plagued by productivity losses and other expenses that promise to make this attack a costly cybersecurity incident.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: 135,000

How it Could Affect Your Customers’ Business: Cybercriminals are increasingly using ransomware attacks to target vulnerable organizations, especially systems with outdated technology or lax cybersecurity standards. These attacks were already incredibly costly, but many criminals have begun stealing and releasing company data before encrypting a network. This compounds the cost and raises the stakes for achieving a robust defensive posture that can address these attacks.

ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us give you the support that you need to maximize your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here:

Australia – Manheim

Exploit: Ransomware

Manheim: Wholesale automotive retailer

1.51 – 2.49 = Severe Risk

Risk to Small Business: 1.333 = Severe:

A ransomware attack has disrupted Manheim’s computer systems and workflows. Although the company can operate in a limited capacity, the company will still incur high costs to decrypt their hardware and update their cybersecurity standards plus unrecoverable productivity losses. At the same time, ransomware attacks can cause significant reputational damage, ensuring that the company will grapple with the fallout for much longer than hackers hold their systems hostage.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware attacks are not only becoming more costly, they are also becoming frighteningly familiar. Unfortunately, there are no good response methodologies once an attack happens. The best defense is for every company to take meaningful steps to prevent ransomware from worming its way into their systems. The cost of assessing your organization’s readiness and enacting preventative measures is a small price to pay in order to repel these potentially devastating attacks.

ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here:

Australia – Natonic

Exploit: Malware attack

Natonic: Health and beauty product retailer

1.51 – 2.49 = Severe Risk

Risk to Small Business: 1.777 = Severe:

Security researchers have identified payment skimming malware on Natonic’s online store. The script appears to be related to MageCart, a prominent hacking group that steals customers’ personal and financial data by injecting malware into online stores. Although security researchers confirmed that the script is no longer active on Natonic’s webstore, the attack could have costly implications for the retailer – consumers may be less likely to shop with an online retailer with a history of data security issues.

1.51 – 2.49 = Severe Risk

Individual Risk: 2 = Severe:

Payment skimming malware tricks customers into entering their payment information at checkout then sends that information to the cybercriminals instead of the retailer. While it’s unclear what information was compromised in this breach, shoppers should assume that any information entered on the webstore could be impacted. Users should notify their financial institutions of the breach while taking additional steps to secure their accounts and personal details.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Customers are aware that online transactions can be risky. They count on the companies that they do business with to help keep their personal and financial data secure. For companies that rely on online sales to drive revenue, data security has to be a top priority. The fallout from customer dissatisfaction caused by a data breach can badly damage a company’s reputation and significantly harm their ability to compete in today’s digital environment.

ID Agent to the Rescue: Dark Web ID can find out how payment data is being used on the Dark Web, even in the case of a malware attack. We work with MSPs to strengthen their security suite by offering industry-leading detection. Find out more here:

Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

In Other News

3 GDPR-Covered Countries Experience 100,000 Breaches

It’s been nearly two years since GDPR changed the data privacy landscape by bringing regulatory oversight to the digital Wild West. According to the latest reports, more than 160,000 data breaches have been reported in that span. Incredibly three countries account for 100,00 breaches – The Netherlands, Germany, and the United Kingdom.

These numbers reflect both the undeniable value of stealing sensitive personal data and the difficulty that many organizations experience when trying to protect that information. As a result, GDPR fines are becoming increasingly common for companies under the regulations’ purview. The ten most significant GDPR breaches have resulted in hefty financial penalties totaling an eye-popping sum of nearly $500 million.

Europe isn’t the only country implementing regulatory standards for data security. In the US, California’s Consumer Privacy Act and New York’s SHIELD Act both reinforce and extend GDPR’s expectations. At ID Agent, our comprehensive Compliance Manager is ready to help your organization achieve, maintain, and document compliance.

What in the World

Feb 27  MSP Growth Summit 2020
Feb 27 – 28 
Mar 1 – 3 
CRN Xchange
Mar 4
  Kaseya Connect IT Local
Mar 5 
ChannelPro SMBForum
Mar 10 
Kaseya Connect IT Local
Mar 11 
ID Agent Roadshow
Mar 11 
Kaseya Connect IT Local
Mar 11 
Kaseya Connect IT Local
Mar 11 – 13 
CharTec Quarterly

A note for your customers:

Human Error is a Top Cause of Data Breaches

Companies face cybersecurity threats on many fronts every day, but human error may be the most pervasive – and the most preventable. A 2019 study analyzing data from the UK’s Information Commissioner’s Office found that human error played a role in 90% of data breaches last year. This represents a significant increase from just two years ago, when only 61% of breaches were attributed to human error.

The study concluded that phishing scams were the primary cause of breaches with unauthorized access to systems ranking a close second. However, the study’s authors were also quick to point out that while employees represent a noteworthy data privacy risk, they can also serve as a critical defense against cybercriminals. When equipped with the right tools, like phishing scam awareness training, employees can be transformed from a potential weak point into a crucial asset in the fight against cybercriminals and fraud.

Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in entirety) for your own social media and marketing efforts! Just send an email to [email protected] to let us know!

Not a Partner? Learn more about Dark Web ID™ and the benefits it holds for your Business. Contact us today!