The Week in Breach: 05/27/20 – 06/02/20
This week in The Week in Breach, slow breach responses put customers at risk, a malware attack undermines the benefits of shopping online, and a new study reveals that frequently resetting passwords is essential even if they haven’t been directly compromised.
Dark Web ID Trends:
- Top Source Hits: ID Theft Forums
- Top Compromise Type: Domain
- Top Industry: Education & Research
- Top Employee Count: 501+
United States – Quidd
Exploit: Unauthorized database access
Quidd: Digital collectibles app
Risk to Small Business: 2.137 = Severe
Bad actors infiltrated a Quidd database and shared its contents online, exposing users’ account credentials. The database was circulating on private forums for months, but the platform didn’t identify the breach until it appeared on a public board this week. The passwords were encrypted, but hackers have already cracked more than 135,000 passwords. Quidd’s slow response was further exacerbated by delayed notification procedures, as victims still haven’t been notified of the incident.
Individual Risk: 2.795 = Moderate
The data breach compromised usernames and passwords. All platform members should immediately update their credentials while assessing the integrity of other online accounts. Quidd users should continue evaluating their accounts for unusual or suspicious activity.
Customers Impacted: 4,000,000
How it Could Affect Your Customers’ Business: Rapidly identifying and responding to potential data breaches is a critical component of any defensive posture. In this case, the company could have acted much sooner if the Dark Web was being monitored for their information. Being able to identify the sale or transfer of company data enables businesses to respond before an incident escalates.
ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at https://www.idagent.com/dark-web/.
United States – Arbonne International
Exploit: Unauthorized database access
Arbonne International: Multi-level marketing (MLM) platform
Risk to Small Business: 1.692 = Severe
A data breach has exposed personal information for thousands of MLM participants. The data loss event began when the company detected unusual network activity on April 20th, but the incident was not revealed publicly until this week. The breach specifically applies to California employees, which means regulatory authorities will likely scrutinize the incident under the California Consumer Privacy Regulation
Individual Risk: 2.591 = Severe
The breach compromised MLM members’ names, email addresses, mailing addresses, phone numbers, purchase histories, and account passwords. Those impacted need to reset their Arbonne account password, and they should update other credentials using the same details. At the same time, victims should carefully monitor their accounts and communications for suspicious activity, since personal data is often used in subsequent phishing scams and other fraud attempts.
Customers Impacted: 3,527
How it Could Affect Your Customers’ Business: Consumer sentiment has quickly shifted toward a privacy-first approach to personal information, and regulatory efforts are enforcing that priority. Data privacy laws already apply in many places, and companies should expect more regulatory scrutiny in the years ahead
ID Agent to the Rescue: Compliance becomes much more important for companies every day. Data protection requires a stack of solutions that work together to mitigate the maximum amount of risk. Is your digital risk protection platform is up to the challenge? https://www.idagent.com/passly-digital-risk-protection
United States – Minted
Exploit: Unauthorized database access
Minted: Online marketplace for independent artists
Risk to Small Business: 1.980 = Severe
After a database was made available on the Dark Web, Minted acknowledged a data breach that compromised customer information. The breach happened when hackers accessed a company database on May 6th, and it’s unclear why it took the company more than three weeks to identify and respond. Customers are increasingly willing to walk away from platforms that can’t protect their data, and the company’s slow response could make it more challenging to regain users’ trust.
Individual Risk: 2.602 = Moderate
The incident compromised users’ data, including their names, addresses, phone numbers. Less than 1% of victims also had their dates of birth exposed. In addition, users’ login credentials were impacted. In response, those affected by the breach need to update their Minted passwords and any other platform passwords that use similar information.
Customers Impacted: 5,000,000
How it Could Affect Your Customers’ Business: Data beaches are a public relations nightmare, and a fast, effective response can be the difference between restoring trust and watching customers walk away. At the same time, equipping employees and customers with tools to secure their accounts demonstrates a tangible commitment to data security.
ID Agent to the Rescue:
Don’t wait until after you have a data breach or other devastating attack to put a digital risk platform in place for your organization that not only mitigates the threats of today, it’s ready for the threats of tomorrow. Watch 10-minute demos of our award-winning solutions now to see what you could be doing to protect your company.
Canada – Northwest Atlantic Fisheries Organization (NAFO)
NAFO: International fisheries organization
Risk to Small Business: 1.542 = Extreme
A ransomware attack has compromised the organization’s servers, making them unusable. Consequently, NAFO’s website has been inaccessible for more than a week, and a critical database for an upcoming scientific council is inoperable. NAFO had previously been warned of cybersecurity vulnerabilities, but they failed to take action, which may have contributed to this effective ransomware attack. Now the organization must decide if they will pay the undisclosed ransomware or attempt to restore systems in other ways. Regardless, it will be an expensive recovery process for the organization and its employees.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks are devastating for small businesses, which often lack the robust resources of larger corporations to restore operations. In an already-challenging business environment, ensuring that your digital environment is prepared to defend against these attacks should be a top priority. As NAFO learned the hard way, failing to repair small vulnerabilities can have outsized consequences.
ID Agent to the Rescue: Ransomware attacks are typically fueled by the Dark Web. Get the facts about what really happens in Dark Web markets plus a deck of Dark Web screenshots to help you learn more about how Dark Web threats endanger your business. https://www.idagent.com/resources/unveiling-cybercrime-markets-on-the-dark-web/
Ireland – Savia
Exploit: Accidental data sharing
Savia: Victims’ rights group
Risk to Small Business: 1.427 = Extreme
An employee included hundreds of abuse victims’ personal identities in an external email, creating a data privacy incident with vast implications. Advocates, incensed by the oversight, called for the organization’s leader to resign, and others have publicly threatened to sue Savia. Making matters worse, the organization was slow to address the error, promising to manage the situation after a long holiday weekend concluded. For an organization predicated on trust, this incident has significantly undermined its mission, making it more difficult to successfully advocate for victims’ rights. At the same time, regulatory scrutiny will certainly accompany the incident, potentially bringing financial consequences to an already-arduous situation.
Individual Risk: 1.122 = Extreme
The data breach included the names and personal stories for hundreds of victims, many who never shared their stories publicly. This privacy violation could have profound personal implications for each person involved.
Customers Impacted: 250
How it Could Affect Your Customers’ Business: The Information Commissioner has already promised an investigation into the data breach. The results of the investigation could have profound implications for the organization. When coupled with the reputational damage, Savia certainly has a long road ahead as it seeks to rebuild the public’s trust.
ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal Assist we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.
Belgium – European Parliament
Exploit: Unauthorized database access
EU Parliament: Legislative branch of the European Union
Risk to Small Business: 2.105 = Severe
A website managed by the European Parliament exposed sensitive personal details for current and former staff members. The breach was detected by a cybersecurity company conducting a random screening of exposed data, meaning EU officials were unaware of the vulnerability. This underscores the agency’s integrity, as it tries to curtail data privacy issues through its expansive General Data Protection regulation. In response, users will be required to reset passwords more frequently and adhere to more stringent defensive tactics.
Risk to Small Business: 2.430 = Severe
Officials have not released the specific information categories compromised in the breach, but they admitted that it includes both personal and professional data. Notably, the breach exposes people to the risk of phishing attacks, which could lead to even more harmful compromises. Those impacted need to carefully scrutinize incoming, ensuring that they are engaging with authentic communications.
Customers Impacted: 16,200
How it Could Affect Your Customers’ Business: Even after steps are taken to repair the damage of a data breach, the consequences can linger for years afterward. Bad actors can reuse stolen information to craft convincing phishing scams that threaten sensitive information. Therefore, in today’s digital environment, phishing scam awareness training is a must-have component of any data security initiative.
ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, including video content available in 8 languages, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.
United Kingdom – Páramo
Exploit: Malware attack
Páramo: Clothing retailer
Risk to Small Business: 1.755 = Severe
Card-skimming malware was active on Páramo’s online store for more than eight months before the retailer identified and eradicated the malicious code. Specifically, the malware redirected shoppers’ card information through a PayPal plugin. The information was forwarded to hackers who could use the data to commit financial fraud. This attack was especially difficult to detect, underscoring the importance of actively securing the online checkout process against bad actors.
Individual Risk: 1.992 = Severe
The card-skimming malware collected shoppers’ names, addresses, card numbers, and CVV codes. This information can be used in a variety of financial crimes, and victims should immediately report the breach to their financial institutions. Also, they should enroll in a credit monitoring service that can help ensure the long-term integrity of their personal and financial data.
Customers Impacted: 3,743
How it Could Affect Your Customers’ Business: Online shopping has surged since the COVID-19 pandemic, presenting an opportunity for retailers to recoup some of the losses from diminished foot traffic. However, while shoppers are spending more money online than ever before, they are also more willing to walk away from retail outlets that can’t protect their information. Card-skimming malware is a real threat to the checkout process, and it’s one of many cybersecurity concerns that businesses looking to capitalize on their online stores need to consider.
ID Agent to the Rescue: With Dark Web ID, MSPs can provide a more complete picture of a company’s potential Dark Web risks and how to strengthen security posture and make sure that they’re using the right protection for their digital risk threats Find out how you can get started with us here: https://www.idagent.com/dark-web-id-enterprise
Australia – Big Footy
Exploit: Phishing scam
Big Footy: AFL fan website
Risk to Small Business: 2.226 = Severe
Cybersecurity researchers discovered more 132GB of accessible data originating from Big Footy’s online platform. The data includes personal and business data, as well as private conversions between users. The company has taken steps to secure its infrastructure and notify users, two tasks that will be costly to its reputation and bottom line. Big Footy hopes that bad actors haven’t accessed this information, but information that’s publicly exposed is often collected and sold on the Dark Web.
Individual Risk: 2.761 = Moderate
The breach exposed users’ private messages, email addresses, phone numbers, passwords, and other sensitive personal details. The breach compromised many high-profile users, including police officers and government officials, giving the public unprecedented access to their private conversations. Big Footy is warning users to carefully monitor their accounts and communications for signs of misuse. Those impacted by the breach should update their Big Footy passwords and any other account credentials using a similar password combination.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Today’s organizations face threats on many fronts, making accidental, unforced errors especially problematic. In this case, the company failed to adequately assess its IT environment to ensure that all of the access points were secure. It’s a reminder that small details can have enormous consequences, and today’s organizations need to plan for a 360-degree approach to cybersecurity.
ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores are calculated using a formula that considers a wide range of factors related to the assessed breach.
In Other News
Our Bigger, Better Blog is Buzzworthy
Have you been reading our blog? We’ve revamped it to offer more news, problem-solving advice, and expert analysis of today’s threats, plus fresh cybersecurity insight that helps you plan for tomorrow.
Catch up on what you need to know now:
- 3 Free Webinars to Grow Your MSP Business Now
- Remote Work Security Boost is Critical for A Fully Remote Office
- The Week in Breach 5/20/20
- The Biggest Data Breaches of 2019 – 3 Lessons to Learn
- Phishing Attacks Increase as Pandemic Scams Flourish
- 3 Ways to Defend Against COVID-19 Email Scams
Sales & Marketing Tools You Can Use
NEW WEBINAR! Are you getting the most out of your LinkedIn connections to grow your business as we come out of quarantine? Get expert advice and tips that you can use in our new webinar “Leverage LinkedIn to Build and Strengthen Relationships During Quarantine“. DOWNLOAD IT>>
Get a free eBook! Your biggest threats are already inside your building. Learn how to spot and stop insider threats before they harm your business. Get our “Stop Insider Threats” resource package now! DOWNLOAD IT>>
USE THIS FREE TOOL
Get a free slide deck of genuine Dark Web screenshots to take a look at what’s really going on in Dark Web markets DOWNLOAD IT >>
Small Businesses Suffer More Than A Quarter of all Breaches
According to Verizon’s 2020 Data Breach Investigations Report, small businesses are increasingly the target of cybercriminals. The report, which analyzed more than 157,000 cybersecurity incidents, found that 28% were directed at small businesses. Previously, cybercriminals have targeted larger organizations as the rate of return was often higher. However, a transition to cloud computing and the use of social engineering attacks, like phishing scams, has increased the risk for small businesses.
In response, it’s clear that small businesses need to prioritize cybersecurity as a data breach has an outsized effect on smaller organizations. Among other recommendations, the report encourages small businesses to invest in continuous vulnerability management, secure their email infrastructure to protect themselves from the growing threat of phishing attacks. It’s also essential that companies recognize and identify insider threat sources and eliminate them as quickly as possible.
Knowing that small businesses often lack the in-house cybersecurity resources to implement a 360-degree defensive strategy, MSPs have an opportunity to reach out to small business customers to build a partnership that fills that gap effectively and affordably to provide essential cybersecurity support in this tumultuous time. .
Using tools and services that support good password hygiene, offering things like single sign-on, two-factor authentication, and other password-oriented enhancements, and enforcing stricter password reuse and sharing policies can help mitigate the risk of password compromise through password reuse and weakness.
Catch Up With Us at These Virtual Events
JUNE 1-5: PIVOT2GROW 2020 REGISTER >>
JUNE 17: 3 Steps to Rev Up Your Sales Engine with Gary Pica REGISTER >>
JUNE 23: MVP GROWTHFEST featuring Magic Johnson! REGISTER>>
AUG 24-27: Connect IT Global in Las Vegas REGISTER >>
AUG 30-SEPT 1: ITBYDesign BuildIT REGISTER>>
A Note for Your Customers
New Trouble Comes From Users Who Rarely Update Their Passwords
Despite years of advocacy and continual advice to update passwords frequently, the majority of victims fail to follow through on this priority. According to research by the Carnegie Mellon University’s CyLap, even after a data breach, users rarely voluntarily update their credentials, and only 13% even did so within three months of a known breach.
Updating passwords consistently is an essential security tool. Part of protecting a company’s data and systems from bad actors requires knowing when that company’s credentials have been compromised – and that compromise isn’t always on them. A third party breach could put corporate passwords at risk unexpectedly.
Is your password a failure or a winner? See how yours measures up!
Given the high number of compromised credentials available on the Dark Web, updating passwords after a breach is a critical recovery act that can help limit the scope and impact of the breach. Dark Web ID is an essential tool for finding out if company credentials have been compromised in someone else’s breach.
Do you need high-quality marketing tools to help you connect with your customers? Our marketing team is here to help with free resources for marketing and education like eBooks, webinars, social media graphics, infographics, and more!.
Follow us on social media to find out about upcoming events, new blog posts, eBooks, white papers, webinars, product updates, marketing tools, and other cybersecurity news!
Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Just send an email to [email protected] to let us know – we welcome your feedback and we love to hear about how our content works for you!
Not a Partner Yet? Let’s talk about how your business can benefit from our remote-ready suite of cybersecurity solutions including the award-winning DarkWeb ID and our newest addition Passly. Contact us today!