Please fill in the form below to subscribe to our blog

The Week in Breach: 04/01/20 – 04/07/20

April 08, 2020
The words "The WeekinBreach" in red on a gray background next to adouble helix in red and blue.

This week, we’re proud to introduce you to Passly, our new, state-of-the-art Secure Identity and Access Management solution!

Plus: ransomware slows COVID-19 treatment development, malware targets online shoppers, and phishing scams jump by 667% in a month.  

  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: Medical & Healthcare
  • Top Employee Count: 11-50

United States – Social Bluebook    

Exploit: Unauthorized database access 

Social Bluebook: Social media platform  

Risk to Small Business: 2.117 = Severe

Cybercriminals exfiltrated a company database containing personal information from thousands of internet influencers. Embarrassingly, the breach, which occurred in October 2019, was identified by TechCrunch reporters who were sent a copy of the stolen database. In a statement, the company claimed to be ignorant of the breach, raising serious questions about the efficacy of its cybersecurity strategy. This incident is likely to have significant blowback from well-connected influencers on social media and invite regulatory scrutiny on many fronts.

Individual Risk: 2.122 = Severe

The stolen database contains account information for 217,000 users. This includes names, email addresses, and hashed and scrambled passwords. Those impacted by the breach should immediately update their login credentials for this website and any other service using the same information, plus closely monitor their accounts for unusual or suspicious activity.  

Customers Impacted: 217,000

How it Could Affect Your Customers’ Business: Hackers frequently target social media influencers because of their large public following. Therefore, companies catering to this clientele need to be prepared to protect their users’ valuable personal data. If they can’t, these influencers will almost certainly tell their followers all about it, a principle that applies to a growing number of consumers in every sector.

ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal AssistTM, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here:  

United States – Ozark Orthopaedics  

Exploit: Phishing scam

Ozark Orthopaedics: Orthopedic healthcare practice

Risk to Small Business: 2.113 = Severe

Four employees fell for a phishing scam and gave hackers access to email accounts containing patient data. The scope of the data breach that occurred in late 2019 was just released by the healthcare provider, creating questions about the practice’s cybersecurity practices. As a result, patients were unable to quickly take steps to protect their identities and Ozark Orthopaedics has opened itself up to regulatory scrutiny that could result in substantial financial penalties.

Individual Risk: 1.775 = Severe

Patients’ personally identifiable information was exposed in the breach, including their names, treatment information, Medicare or Medicaid identification numbers, Social Security numbers, and financial account information. In the wrong hands, this information can be used in a litany of financial or identity-related crimes. Those impacted by the breach should immediately enroll in credit and identity monitoring services to secure their personal information.    

Customers Impacted: 15,240

How it Could Affect Your Customers’ Business: More than a trillion phishing emails are sent each year, some of which will inevitably make their way into your employees’ inboxes. Training employees to spot these scams is especially important to protect your company from a devastating data breach.

ID Agent to the Rescue: BullPhish IDTM simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started:

United States – 10x Genomics Inc.

Exploit: Ransomware

10x Genomics Inc.: Biotechnology company

Risk to Small Business: 2.206 = Severe

A ransomware attack disrupted operations at the biotechnology company, which is currently acting as part of a consortium working to quickly develop a treatment for COVID-19. Before encrypting IT, hackers exfiltrated company data. Although the company reports “no material day-to-day impact,” it’s unclear what the implications are for the stolen data or how this could impact its development of a COVID-19 treatment.  

Individual Risk: At this time, no personal information was compromised in the breach.  

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Companies in every sector have seen an uptick in cybersecurity threats as COVID-19 disrupts business-as-usual and puts many people on edge. This is especially true for the healthcare industry, which is experiencing a deluge of ransomware attacks, phishing scams, and other threats at a critical time.

ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here:

United States – GoDaddy

Exploit: Phishing scam  

GoDaddy: Internet domain registrar

Risk to Small Business: 2.313 = Severe

A spear phishing attack tricked a customer service employee into providing information that ultimately allowed hackers to view and modify customer records. As a result, several GoDaddy clients, including, which provides escrow services for several prominent websites, were impacted. The breach will have costly implications for both GoDaddy and its customers, who will have to decide if they want to continue partnering with a company that puts their sensitive data at risk.  

Individual Risk: At this time, no personal information was compromised in the breach. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business:  Today’s online ecosystem is vast and interconnected. This incident is a reminder that failures at other companies can have significant implications for your own, which increases the importance of securing accounts to buttress your IT infrastructure against potential failure at third-party contractors. With simple cybersecurity features, like two-factor authentication, company accounts remain secure even when credentials or login information is exposed.

ID Agent to the Rescue: With Passly, get the secure identity and access management solutions that you need to protect your systems and data in today’s remote work landscape at a price that you can afford, including multi-factor authentication, single sign-on, and secure password storage. Find out more at         

Canada – The Beer Store 

Exploit: Malware attack

Data Deposit Box: Retail outlet

Risk to Small Business: 2.187 = Severe

Cybercriminals infiltrated The Beer Store’s website and injected payment skimming malware into its online store. The online store allowed customers to place orders for pickup or delivery, two critical features as social distancing measures keep shoppers at home. This breach removed The Beer Store’s ability to accept payments via credit card, which could significantly impact its bottom line during this already challenging time.

Individual Risk: 2.311 = Severe

Although the company quickly detected the intrusion and closed its online store, anyone who made an online purchase before the threat was identified likely had their payment credential compromised – including all sensitive identification and financial information entered during the checkout process. Those impacted should notify their financial institutions of the breach while also taking steps to secure their accounts and personal details from misuse.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Customers are increasingly unwilling to do business with companies that can’t protect their personal information. At the same time, privacy regulators are backing them up, collectively ensuring that companies have millions of reasons to execute on this mission critical priority.

ID Agent to the Rescue: Compliance Manager automates data privacy standards, eliminating guesswork and ensuring efficiency at every stage. Learn more at

United Kingdom – SOS Online Backup

Exploit: Unprotected database

SOS Online Backup: Cloud storage provider   

Risk to Small Business: 2.472 = Severe

Cybersecurity researchers identified an exposed database containing nearly 70 GB of sensitive data. The database was discovered in November 2019, but it wasn’t examined until December 9, 2019. Although SOS Online Backup was notified of the breach the next day, it took ten days to have the vulnerability secured – and the company waited several months before informing customers of the event. The company has databases around the world, including in the United States and the United Kingdom, and will undoubtedly face intense regulatory scrutiny for the incident.

Individual Risk: 2.630 = Moderate

The exposed database includes users’ personally identifiable information, including names, email addresses, phone numbers, internal company details, and account usernames. This information is often redeployed in spear phishing campaigns that trick unsuspecting recipients into disclosing even more sensitive data. Therefore, victims should carefully monitor their accounts and digital communications for suspicious or unusual messages.

Customers Impacted: 135,000,000

How it Could Affect Your Customers’ Business: Data privacy regulation is the new norm, as countries around the world enact regulations to support the public’s growing desire for online privacy. Consequently, companies that endure a data breach can expect that increased regulatory scrutiny of the way that information is stored will incur substantial financial penalties as well as other negative legal consequences.

ID Agent to the Rescue: With Compliance ManagerTM, any company can automate data privacy standards and documentation responsibilities, making compliance a simple, intuitive process for everyone. Click the link to get started today: 

Australia – iStaySafe Pty  

Exploit: Unauthorized database access

iStaySafe Pty: GPS smartwatch for children

Risk to Small Business: 2.434 = Severe

This product lets parents track their child’s location and alerts them if the child leaves their designated safe location – but a coding error allowed hackers to download users’ personal data and mimic their location on the service. This dangerous vulnerability not only disrupted that functionality, it also gave hackers access to minors’ location and personally identifiable information. To make matters worse, this is the second time that the watchmaker has experienced this flaw. The same problem was discovered and repaired in 2019, raising serious questions about the platform’s commitment to cybersecurity.    

Individual Risk: 1.899 = Severe

The breach allowed hackers to access users’ names, email addresses, phone numbers, and profile photos. In addition, bad actors could modify minor children’s location data. This information could be used to craft spear phishing campaigns or for exploitative criminal purposes, so users should be especially vigilant to assess their use of the product.    

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Customers are increasingly unwilling to do business with companies that can’t protect their personal information. At the same time, privacy regulators are backing them up, collectively ensuring that companies have millions of reasons to execute on this mission critical priority. 

ID Agent to the Rescue: Compliance Manager automates data privacy standards, eliminating guesswork and ensuring efficiency at every stage. Learn more at:   

Australia – Commonwealth Federal Courts     

Exploit: Accidental data exposure 

Commonwealth Federal Courts: Federal Circuit Court of Australia   

Risk to Small Business: 2.805 = Moderate

The Commonwealth Federal Courts have acknowledged a “systemic failure” that resulted in the publication of the personal details of hundreds of asylum seekers. The court system removed the discovery feature that compromised peoples’ information. Still, the court has known about the vulnerability for years, leaving many to question its commitment to privacy, especially as it relates to a uniquely vulnerable group of people. In addition to public blowback for the incident, the court system could face additional scrutiny from lawmakers.

Individual Risk: 2.667 = Moderate

The exposed information included the names, nicknames, and birthdates of hundreds of asylum seekers. This information could put them or their families in danger, which is especially egregious given their already vulnerable position.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Public sentiment and new regulatory standards are working to hold organizations accountable when they fail to protect private data. Consequently, any organization that handles this kind of information needs to account for potential vulnerabilities and take every step possible to ensure that their defensive posture can meet the moment, keeping sensitive information off the Dark Web.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID is the leading Dark Web monitoring platform in the Channel. This award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze, and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today:

Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

In Other News

Introducing Next-level Secure Identity & Access Management With Passly   

In today’s remote work world, every company needs a secure identity and access management solution to guard their systems and data against ever-increasing cyberattacks. We’re ready to meet that need with a dynamic solution that is quick to deploy and seamlessly scales to companies of any size. Introducing Passly, our new, comprehensive solution for secure identity and access management.

Ideally suited for a remote workforce, Passly enables techs to give the right people access to the right things in a flash, simply and securely. Passly features Secure Password Management, Single Sign-On, Multi-Factor Authentication, and Dark Web exposure alerting baked right in, making it the ideal secure identity and access management solution to solve the challenges that MSPs and clients face right now – at a fraction of the price of other solutions. 

Learn more about Passly and see how it can benefit you today: 

Healthcare Data Breaches See Significant Increase 

In late 2019, we wrote about the connection between healthcare data and the Dark Web, noting a troubling trend that saw bad actors increasingly targeting patient data. Unfortunately, that trend has only accelerated with the onset of the COVID-19 pandemic that is pushing healthcare providers to their limits.

A study of the Department of Health and Human Services’ HIPAA breach reporting tool found 105 breaches impacting 2.5 million patients. However, before February 19th, only 38 incidents and 1.1 million records were affected. Cybercriminals have upped their game to take advantage of the chaotic situation on the ground, and healthcare organizations need to be prepared.

Notably, the study found that hacking incidents are, by far, the leading cause of data breaches. Many included various forms of email account compromise. Moreover, the report predicts that, as more employees work from home, incidents of phishing attacks will increase because employees are more likely to fall for scams when they are isolated at home. Fortunately, a comprehensive employee awareness campaign can thwart these attacks, helping ensure that healthcare providers are focused on patient care rather than being inundated with cybersecurity threats.

Upcoming Online Events We’re Attending

APRIL 8 & 9 – Remote Reality LIVE REGISTER>>

APRIL 15 – How To Pivot Your MSP Marketing During COVID-19 REGISTER>>

APRIL 16 – Leveraging LinkedIn to Build and Strengthen Relationships During Quarantine REGISTER>>

APRIL 21 – The Bigger Better MSP Summit REGISTER>>

A Note for Your Customers

Phishing Scams Have Spiked by 667% in One Month

The global COVID-19 response has required millions of workers to work from home. When coupled with a general sense of unease and uncertainty, the situation has created a perfect environment for cybercriminals to execute phishing scams. As a result, the number of phishing emails has increased by 667% in the past month.     

According to an assessment of 468,000 phishing emails, 2% were directly related to COVID-19. Meanwhile, 54% were labeled as scams, 34% as brand impersonation attacks, and 11% as blackmail. In addition, many are luring clicks by claiming to sell cures, face masks, and other critical supplies.  

For businesses, the implications are clear. Nobody can afford a data breach in this environment. Now is the right time to update and reemphasize phishing scam awareness training to ensure that employees can repel these damaging cyberattacks.   

What We’re Listening to This Week

The Connecting IT Podcast for MSPs featuring a discussion about the impact of COVID-19 with Gary Pica of TruMethods

Don’t forget to follow us on social media for our latest news, events, product updates and more!

Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in entirety) for your own social media and marketing efforts! Just send an email to [email protected] to let us know!

Not a Partner? Learn more about Dark Web ID™ and the benefits it holds for your Business. Contact us today!