Please fill in the form below to subscribe to our blog

The Week in Breach: 05/06/20 – 05/12/20

May 13, 2020
Six images are shown on a computer screen having a video conference, but one of them is a burglar!

This week, the hits just keep coming for GoDaddy and the Toll Group, cybercriminals haven’t given up on targeting healthcare, and consumers are more ready than ever to walk away from companies that experience a data breach.  

  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: Education & Research
  • Top Employee Count: 11-50

United States – Management and Network Service, LLC.  

https://enterprisetalk.com/news/management-and-network-services-llc-notifies-patients-of-data-security-incident/

Exploit: Phishing scam  

Management and Network Services, LLC.: Managed care provider 

gauge indicating extreme risk

Risk to Small Business: 1.479 = Extreme

Hackers accessed several employee email accounts containing patients’ personally identifiable information (PII) and protected health information (PHI). The breach, which occurred between April and July of 2019, wasn’t discovered until August 21, 2019. Although they haven’t detected data misuse, this extended duration could make it more difficult for victims to recover. In response, the company is updating its email security practices and implementing two-factor authentication to prevent a future incident.  

gauge showing severe risk

Individual Risk: 1.716 = Severe

Patients’ personal information was compromised in the breach. This includes names, medical treatment information, diagnosis and medical details, insurance credentials, dates of birth, and Social Security numbers. In some cases, the breach also exposed driver’s license numbers, state identification card numbers, and financial details. Those impacted by the breach should immediately notify their financial institutions of the event while taking steps to ensure that their data isn’t used in other nefarious ways.    

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Cybercriminals are capitalizing on the chaos of COVID-19 to send millions of phishing scams each day. Even one malicious message can have cascading consequences for your business, making employee awareness training a top priority for companies looking to keep their data secure. 

ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.  


United States – GoDaddy 

https://www.zdnet.com/google-amp/article/godaddy-reports-data-breach-involving-ssh-access-on-hosting-accounts/

Exploit:  Unauthorized database access

GoDaddy: Domain service provider

gauge showing severe risk

Risk to Small Business: 1.805 = Severe

GoDaddy has reported an October data breach to California authorities after it identified an unauthorized individual operating within their platform. Although the company believes that files were not altered or modified, the company was forced to reset user account passwords and to provide a free year of its website security and malware service. It’s possible that the intruder is related to an earlier cybersecurity incident stemming from an employee who engaged with a phishing scam. The hosting platform often touts its small business services, and these organizations will now have to decide if a platform with multiple cybersecurity lapses is the best place for their digital services to reside.  

Individual Risk: GoDaddy asserts that personal data was not compromised in this breach, but customers should carefully monitor their accounts for possible misuse.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: This incident highlights the growing cybersecurity threat posed by third-party partnerships, which SMBs often rely on to power their platforms and services. To protect account security, even in the event of a third-party cybersecurity incident, companies should enact simple but effective data security standards, like enabling two-factor authentication and requiring employees to use strong, unique passwords on all accounts.

ID Agent to the Rescue: Passly protects your data and business systems without breaking the bank. This integrated, all-in-one secure identity and access management solution includes multi-factor authentication, single sign-on, and secure shared password vaults. Find out more at https://www.idagent.com/passly


United States – Storenvy  

https://www.hackread.com/e-commerce-firm-storenvy-hacked-accounts-leaked/  

Exploit: Unauthorized database access

Storenvy: Online retailer 

gauge showing severe risk

Risk to Small Business: 2.281 = Severe

Hackers gained access to a company database containing customer information. This database was subsequently downloaded and posted online as a free resource. Making matters worse, the database contained plaintext passwords and other personal data that can quickly be used by bad actors to execute cybercrimes ranging from spear phishing scams to malware attacks. This is the company’s second data breach in two years, undermining its credibility at a critical time. Online shopping is experiencing a boon because of the COVID-19 pandemic, but customers are increasingly unwilling to do business with platforms that can’t protect their information.

gauge indicating moderate risk

Individual Risk: 2.779 = Moderate

The compromised data includes shoppers’ account passwords, order details, and payment methods. However, shipping and card information were not impacted. Victims should immediately update their account passwords, and they need to be mindful that the compromised data could be used against them in future cyberattacks.  

Customers Impacted: 1,500,000

How it Could Affect Your Customers’ Business: Both now and in the future, online retail is becoming the preferred shopping experience. This is a significant opportunity for many companies, enabling them to reach a bigger and broader audience than ever before. Unfortunately, for companies that can’t protect their platforms, many customers will take their business elsewhere.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID is the leading Dark Web monitoring platform in the channel. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze, and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.


Canada – York University

https://www.cbc.ca/amp/1.5555106

Exploit: Malware attack

York University: Academic institution

gauge indicating moderate risk

Risk to Small Business: 2.670 = Moderate

A cyberattack corrupted several of York University’s servers and workstations, forcing the school to take its remaining network offline to stop the spread. As a result, students and staff were unable to access remote learning applications and other digital resources. In addition, students who are upset by a lack of communication from the university are complaining to the media, inviting brand erosion and other long-term consequences.    

Individual Risk: At this time, there is no evidence that personal information was compromised in the breach. However, users should carefully monitor their accounts and credentials for misuse or abuse.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: As many organizations move their operations online, testing the integrity of IT infrastructure is a critical component of ensuring a smooth transition. Of course, cybersecurity isn’t just a matter of convenience. In today’s regulatory environment, the risks of remote work make compliance a critical issue during this unprecedented time.

ID Agent to the Rescue: With Compliance Manager, any company can automate data privacy standards and documentation responsibilities, making compliance a simple, intuitive process for everyone. Click the link to get started today: https://www.idagent.com/compliance-manager.  


France – Tarkett 

https://in.reuters.com/article/tarkett-cyber/french-company-tarkett-hit-by-cyberattack-shares-fall-idINKBN22G0KR?&web_view=true

Exploit: Ransomware 

Tarkett: Floor and wall covering producer  

gauge indicating severe risk

Risk to Small Business: 2.117 = Severe

A cyberattack has disrupted Tarkett’s operations, causing its shares to plummet. The attack, which occurred on April 29th, forced the company to disable its information technology systems and to implement other defensive measures to protect employee, company, and customer data. In response, the company has hired a third-party cybersecurity team to restore operations, but the expense triumvirate, including recovery, reputation, and share costs, could be significant.    

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Tarkett has hired cybersecurity experts and has notified its cyber-insurance provider, but these measures won’t make their problems go away. Shareholders are recognizing the immense negative impact of a ransomware attack and bailing on the company, which has a long, arduous recovery ahead. Rather than waiting to respond to an attack, this incident, and hundreds like it, should encourage every organization to re-examine their defensive capabilities with this threat in mind.

ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal Assist, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.


Germany – Fresenius         

 https://krebsonsecurity.com/2020/05/europes-largest-private-hospital-operator-fresenius-hit-by-ransomware/

Exploit: Ransomware 

Fresenius: Private hospital operator

gauge showing severe risk

Risk to Small Business: 1.751 = Severe

A ransomware attack has disrupted many of the company’s operations. Although patient care continues, this attack is especially problematic as the healthcare provider is playing a crucial role in the COVID-19 pandemic with a deluge of patients presenting with the virus. The incident is emblematic of a broad uptick in healthcare-related cyberattacks, and it serves as a reminder that, in 2020, quality patient care includes comprehensive cyber-readiness. 

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware attacks are a persistent and expensive threat to every organization. Ensuring that your defensive posture is equipped to handle this problem is critical to thriving in our current digital environment.

ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id


Australia – Home Affairs        

https://www.infosecurity-magazine.com/news/breach-exposes-data-of-774k/

Exploit: Unsecured database

Home Affairs: National government agency regulating homeland security and immigration

gauge showing severe risk

Risk to Small Business: 2.157 = Severe

An unsecured database exposed the information for hundreds of thousands of users who uploaded their information to a department form for skilled workers looking to migrate to Australia. The breach compromised peoples’ personally identifiable information for an at-risk population. The breach is especially untimely because the Australian government is asking people to trust its cybersecurity and data privacy acumen by downloading a COVID-19 tracing app that relies on peoples’ sensitive personal data. It’s a reminder that brand reputation and cybersecurity are inextricably linked, and companies that care about the former will prioritize the latter.  

gauge showing severe risk

Individual Risk: 2.285 = Severe

The exposed database included users’ partial names, ADUserIDs, age, country of birth, marital status, and desired application outcomes. It applies to applicants as far back as 2014, and it could be used to execute additional cybercrimes or instances of fraud. Those impacted by the breach should carefully scrutinize incoming messages while also being aware that their data could quickly spread on the Dark Web where cybercriminals use that information for a variety of malicious purposes.   

Customers Impacted: 774,326

How it Could Affect Your Customers’ Business: This week, the Australian government is asking citizens to download the CovidSafe app, a contact tracing app that can help deter the spread of the novel Coronavirus. Unfortunately, as we detail at the end of the newsletter, consumers are increasingly unwilling to work with platforms that can’t protect data. In this case, preserving consumer trust may be an actual matter of life or death, and, for many organizations, their survival in today’s digital landscape is likely predicated on their ability to protect their data

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at https://www.idagent.com/dark-web/.  


Australia – Toll Group      

https://www.securitymagazine.com/articles/92334-toll-group-suffers-ransomware-attack-again

Exploit: Ransomware

Toll Group: Transportation and logistics company   

1.51 – 2.49 = Severe Risk

Risk to Small Business: 2.105 = Severe

After recovering from a ransomware attack in early 2020, Toll Group has once again been victimized by bad actors. This attack exploited vulnerabilities in a Remote Desktop Protocol to infect the company’s network. To prevent the malware’s spread, Toll Group brought many of its servers offline, compounding the cost by curtailing productivity during an already precarious time.  

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: COVID-19 is reorienting our business practices. Most notably, many employees are now working remotely, which opens organizations up to a litany of cybersecurity threats. Bad actors are exploiting those vulnerabilities, which means that organizations intending to thrive throughout this time will need to account for those risks as part of their evolving defensive posture.

ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.  


Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores are calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News

Our Bigger, Better Blog is Buzzworthy   

Have you been reading our blog? We’ve revamped it to offer more news, problem-solving advice, and expert analysis of today’s threats, plus fresh cybersecurity insight that helps you plan for tomorrow. 

Catch up on what you need to know now: 


Watch our new free webinar for an inside look at the real cybercrime market on the Dark Web!

Don’t fall for tall tales, get the facts! Learn the truth about the Dark Web economy from experts in our newest must-see webinar, plus get a free PowerPoint slide deck to explain what you’ve learned to your customers.

 DOWNLOAD “Unveiling Cybercrime Markets on the Dark Web”  NOW 


Consumers Seek New Options After a Cyberattack    

While many organizations are focused on the bottom line during the COVID-19 downturn, cyber-readiness must be considered as a critical piece of the puzzle. According to a recent consumer survey, today’s customers are placing a high priority on cybersecurity, often requiring it as a prerequisite for doing business.

For instance, 90% of those surveyed consider a company’s trustworthiness when deciding to purchase a product, and nearly 60% indicated that they would avoid doing business with a company that experienced a cyberattack in the past year. 

When cyberattacks cause a service disruption, 37% of survey participants indicated that they would switch to a competitor, and 66% were prepared to leave if operations weren’t restored within three days. The survey results were especially problematic for financial service providers and communications products, two industries that consumers are readily prepared to abandon in the event of a cybersecurity incident. 

The global survey that included shoppers in North America, the United Kingdom, France, and Germany found that consumers overwhelmingly feel that businesses aren’t doing enough to protect their information.

80% of respondents noted that they shared negative ransomware-related brand experiences with family, friends, or colleagues, accelerating brand erosion and piling on to the long-lasting implications of a cyberattack. For companies navigating an already harsh business environment, it’s clear that customer retention may be contingent on their ability to defend their networks from an ever-evolving threat landscape.

https://www.helpnetsecurity.com/2020/05/04/ransomware-related-service-disruption/   


Catch Up With Us at These Virtual Events

MAY 19-20: ACES Conference 2020: The Prequel REGISTER>> 

AUG 30-SEPT 1: ITBYDesign BuildIT REGISTER>> 


A Note for Your Customers

Cybercrime Increased by 300% Since COVID-19 Pandemic Began  

By now, many organizations are well aware of the increase in cybercrime since the COVID-19 pandemic began. The number of phishing scams have soared, popular virtual meeting platforms (like Zoom) have endured cybersecurity shortcomings and many more.   

A report by the US Federal Bureau of Investigation (FBI) has quantified the increase in cyberattacks, detailing that the number of reported cybersecurity complaints have increased by more than 4,000 since the pandemic began. The information comes as tech platforms have similarly quantified cyber threats related to their platforms. Google says that it’s blocking 18 million COVID-19 phishing scams each day, and the US Federal Trade Commission (FTC) has recorded 18,257 fraud complaints related to the Coronavirus, collectively causing $13.44 million in losses.y. 

These numbers are a reminder that companies need to remain vigilant about addressing the most pressing threats, especially phishing scams, during the pandemic. However, agencies are also speculating that the significant uptick in cybercrime could be the result of a yet undisclosed data breach, which means that companies need visibility into the Dark Web where stolen credentials or other information could be used in upcoming attacks.  

https://www.imcgrupo.com/covid-19-news-fbi-reports-300-increase-in-reported-cybercrimes/


Do you need high-quality marketing tools to help you connect with your customers? Our marketing team is here to help with free, packaged resources for print, social media, and other applications.


Follow us on social media to get our latest news, events, blog posts, insights, product updates, marketing tools, and so much more!


Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts! Just send an email to [email protected] to let us know!

Not a Partner yet? Let’s talk about how your business can benefit from our remote-ready suite of cybersecurity solutions including the award-winning DarkWeb ID and our newest addition Passly. Contact us today!