Please fill in the form below to subscribe to our blog

The Week in Breach: 06/03/20 – 06/09/20

June 10, 2020
the week in breach represented by a money sitting in front of a furnace burglar looks on

New this week in breach news: glaring oversights lead to data disasters, ransomware puts governance out of action, and a new study shows the enormous cost of data breaches. 

This Week in Breach: Dark Web ID’s Top Threats

  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: Education & Research
  • Top Employee Count: 501+

The Week in Breach: United States

United States – Westech International   

https://www.infosecurity-magazine.com/news/cyberattack-on-us-nuclear-missile/?&web_view=true

Exploit: Ransomware

Westech International: Nuclear maintenance subcontractor 

Week in Breach gauge showing severe risk

Risk to Small Business: 1.510 = Severe

Cybercriminals associated with the MAZE ransomware group exfiltrated company data before encrypting certain networks. The stolen files were subsequently posted online. Westech International is working with cybersecurity experts to identify the scope of the incident and restore access to encrypted data. In the meantime, the company will likely face significant fallout as its business relies on an industry that demands the highest cybersecurity standards. 

Week in Breach gauge showing severe risk

Individual Risk: 2.279 = Severe

The company did not detail the specific information compromised in the breach, but the incident includes company emails and payroll information, which likely contain personal and financial data. Anyone impacted by this breach should immediately notify their financial institutions while taking steps to protect their personal information against misuse. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Stolen data can be quickly disseminated on the Dark Web. To combat data misuse and to prevent further cybersecurity incidents, today’s organizations need insight into this nefarious marketplace. With information traveling quickly among bad actors, it could be the difference between stopping further misuse and succumbing to a more problematic cybersecurity incident. 

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at https://www.idagent.com/dark-web/.  


United States – Joomla 

https://www.crn.com.au/news/content-management-system-joomla-hit-by-data-breach-548844

Exploit: Unsecured database

Joomla: Content management system 

Week in Breach gauge showing severe risk

Risk to Small Business: 1.708 = Severe

Developers failed to secure backup files on a cloud storage platform, leaving people’s personal data exposed to the internet. The storage platform doesn’t automatically encrypt data, but enabling these security features is simple, making this incident an unforced error that was easily preventable. While the platform has secured the database, this breach will test users’ loyalty at a time when people are more willing than ever to leave businesses that can’t protect their information. 

Week in Breach gauge showing severe risk

Individual Risk: 2.675 = Severe

The data breach exposed personally identifiable information, including names, addresses, phone numbers, website addresses, business titles, encrypted passwords, IP addresses, and newsletters subscription preferences. Users should update their Joomla account passwords and any other account credentials using the same details. In addition, they need to carefully monitor incoming messages as this information is often used in phishing scams.  

Customers Impacted:  2,700

How it Could Affect Your Customers’ Business: Billions of account credentials are compromised every year. Companies committed to cybersecurity shouldn’t rely exclusively on password integrity to protect their most critical information. Instead, make account security tools, like two-factor authentication, accessible for all employees. 

ID Agent to the Rescue: Dark Web ID can find out how your staff’s stolen sensitive data is being used on the Dark Web, with customized options to add special alerts for executives and administrators. Find out more here: https://www.idagent.com/dark-web/.


United States – San Francisco Employees’ Retirement System (SFERS) 

https://www.bleepingcomputer.com/news/security/san-francisco-retirement-program-sfers-suffers-data-breach/?&web_view=true

Exploit: Unauthorized database access

SFERS: Public employee benefits program  

gauge showing severe risk

Risk to Small Business: 1.980 = Severe

An unauthorized user accessed a critical database managed by the program’s third-party vendor, causing a significant data breach. The breach, which occurred on February 24, 2020, wasn’t discovered until the end of March. An analysis of the incident couldn’t be completed until this month, leaving many people unaware that their information might be compromised. This data breach reveals the cybersecurity risk that accompanies third-party partnerships but also the often-lengthy delay between breach identification and notification.

Week in Breach gauge indicating moderate risk

Individual Risk: 2.602 = Moderate

The data breach did not compromise Social Security numbers or bank data, but it did include members’ names, addresses, dates of birth, and beneficiary information. This data can be used in a variety of different cybercrimes. Most notably, cybercriminals are using stolen data to craft spear phishing messages that can result in even more problematic cybersecurity incidents.  

Customers Impacted: 74,000

How it Could Affect Your Customers’ Business: Third-party vendors are an inevitable part of doing business in 2020. However, these relationships expose companies to potential data breaches that are outside of their control. In this environment, having an extra layer of protection to prevent network or account access is a critical component of any defensive strategy.

ID Agent to the Rescue: Vendor or service provider mistakes can be a problem, but they don’t have to be your problem. Breathe easier with a digital risk protection platform that’s up to the challenge of protecting you from other companies’ mistakes. https://www.idagent.com/passly-digital-risk-protection


The Week in Breach: Canada

Canada – The Nipissing First Nation 

https://www.bleepingcomputer.com/news/security/ransomware-locks-down-the-nipissing-first-nation/

Exploit: Ransomware 

The Nipissing First Nation: Administration for First Nations Tribe

gauge showing severe risk

Risk to Small Business: 1.702 = Severe

A ransomware attack disrupted communications throughout the administration and resource network. The attack, which was first detected on May 8th, was partially thwarted when the organization prevented it from encrypting networks, communications infrastructure was impacted. To repair the damage, Nipissing First Nation hired a cybersecurity team to investigate the cause and to identify solutions. Despite avoiding some of the worst consequences, the organization will still face an expensive recovery process that will impact its operations at a critical time. 

Individual Risk: At this time, no personal information was compromised in the breach.  

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: While cybersecurity specialists believe that company and customer data was spared in this attack, ransomware attacks often double as data breaches when bad actors exfiltrate data before encrypting networks. Organizations should regularly assess their defensive landscape to ensure that they are prepared to defend against the latest ransomware trends.

ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal AssistTM, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.


Canada – The Manitoba Agricultural Services Corporation (MASC) 

https://winnipeg.ctvnews.ca/masc-informs-clients-about-accidental-data-breach-1.4964369

Exploit: Accidental data sharing  

MASC: Agriculture products and services provider 

gauge indicating moderate risk

Risk to Small Business: 2.847 = Moderate

An employee accidentally attached a document containing the names and contact information for more than 130 clients. The incident is an embarrassing oversight, requiring MASC to notify its clients of the self-inflicted data breach. In response to the breach, MASC acknowledged that it’s implementing new policies and procedures to guard against a similar data breach in the future. However, there is no guarantee that these steps will assuage clients, who could shy away from partnering with organizations without data security processes in place from day one.

gauge indicating moderate risk

Individual Risk: 2.922 = Moderate

The breach exposed organizational contact information, which could include certain employees’ personal data. This information can be used to craft convincing phishing scams, and employees should carefully evaluate the authenticity of incoming communications. 

Customers Impacted: 134

How it Could Affect Your Customers’ Business: As we’ve reported on our blog, accidental and malicious insider threats pose a meaningful data privacy risk to every organization. While many organizations are rightly focused on external cyber threats, it’s important to account for a 360-degree approach to cybersecurity that includes effective policies and procedures to prevent insider threats from compromising company data.

ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal Assist we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist


The Week in Breach: EU & UK

Spain – 8Belts         

https://www.securitymagazine.com/articles/92494-000s-of-e-learning-students-exposed-in-8belts-data-breach

Exploit: Unsecured database

8Belts: Online learning platform  

gauge showing severe risk

Risk to Small Business: 2.161 = Severe

Developers failed to secure an Amazon Web Services S3 bucket, exposing users’ personal data to the open internet. The database includes both critical company files and users’ personal information, making it an especially problematic cybersecurity incident for the company. 8Belt frequently partners with prominent organizations to provide educational services, and this data breach could jeopardize those important relationships. In response, the company will need to undergo a significant PR effort to restore customer confidence, an effort that is undoubtedly predicated on the reprioritization of data privacy.

gauge showing severe risk

Risk to Small Business: 1.710 = Severe

This data breach impacts both staff and students of the online learning platform. It includes their names, email addresses, phone numbers, dates of birth, National ID numbers, and Skype IDs. Those impacted need to carefully scrutinize income messages, as compromised data often reemerges in convincing-looking spear phishing campaigns that can compromise even more sensitive data.

Customers Impacted: 150,000

How it Could Affect Your Customers’ Business: Billions of records are routinely compromised through accidental and malicious data exposure. This data is fodder for phishing scams, which rely on personal information to craft authentic-looking messages that inspire engagement. In response, every company needs a robust, dynamic phishing scam awareness program to ensure that these malicious messages don’t compromise company data.

ID Agent to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, including video content available in 8 languages, making them the best defense against phishing attacks for your business. https://www.idagent.com/bullphish-id.


United Kingdom – NHS Orkney         

https://www.eveningexpress.co.uk/news/scotland/dozens-of-covid-19-test-results-sent-to-business-in-error/amp/

Exploit: Accidental data sharing

NHS Orkney: Healthcare provider 

gauge showing severe risk

Risk to Small Business: 1.974 = Severe

An administrative error allowed COVID-19 test results to be sent to a local business. NHS Orkney has sent notices to data breach victims and notified governing authorities of the incident. In response, the organization is instituting new data management policies meant to prevent a similar incident in the future. This privacy violation comes at a critical time as COVID-19 testing is seen as a way to contain the virus, but it will be more difficult to convince people to be tested if they are worried about privacy violations as part of the process. 

Week in Breach gauge indicating moderate risk

Individual Risk: 2.768 = Moderate

The agency declined to detail the specific information transmitted in the breach, but medical tests often include patients’ most sensitive personal information. Even though this information was only transmitted to one outside business, those impacted should know that this information could be used in a variety of nefarious ways if it fell into the wrong hands. Therefore, they should continue to monitor their accounts and credentials for signs of misuse. 

Customers Impacted: 51

How it Could Affect Your Customers’ Business: While many employees present a severe data security vulnerability, companies can transform team members into cybersecurity assets by providing the right training. However, these initiatives are useless if they are implemented after a breach. Instead, organizations should make phishing scam and data management training a top priority from day one. 

ID Agent to the Rescue: Designed to protect against human error, Bullphish ID simulates phishing attacks and manages security awareness training campaigns to educate employees, making them the best defense against cybercrime. Learn more here: https://www.idagent.com/bullphish-id


The Week in Breach: Australia & New Zealand     

New Zealand – Earthquake Commission     

https://www.rnz.co.nz/news/national/418375/eqc-apologises-again-for-delay-in-contacting-homeowners-over-data-leak

Exploit: Accidental data sharing

Earthquake Commission: Crown Entity    

gauge showing severe risk

Risk to Small Business: 1.616 = Severe

The Earthquake Commission has come under public scrutiny after the organization accidentally shared peoples’ personal information with a company lawyer and their client. The organization was quick to blame an employee who failed to implement data security stopgaps intended to prevent such an error. The breach has been a PR disaster for the company, which has been slow to notify victims and repair the damage. As a result, the Earthquake Commission is experiencing media scrutiny and intense customer blowback as those angered by the incident speak publicly about their frustration with the company. 

gauge showing severe risk

Individual Risk: 2.101 = Severe

The breach exposed customers personal data, including names, addresses, and payment details. Victims should carefully monitor their accounts for potential misuse, while continuing to press the company to take necessary steps to secure this information. 

Customers Impacted: 8,000

How it Could Affect Your Customers’ Business: Data breaches are expensive, but the less-quantifiable reputation damage that always accompanies a breach can be equally problematic. As this incident demonstrates, today’s consumers have little patience for cybersecurity lapses, and they are not assuaged by apologies. Therefore, businesses wanting to thrive in today’s digital environment need to be proactive about data security, considering it a critical customer demand in 2020 and beyond. 

ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.  


The Week in Breach Risk Levels

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.


SPECIAL EVENT!

Don’t miss ID Agent CEO and General Manager of Security Services at Kaseya Kevin Lancaster and the experts of The CyberCall on June 15th at 1 pm Eastern for an in-depth discussion of the benefits Zero Trust Security and why it’s the perfect strategy for keeping your data safe in the new remote-work world.

https://www.crowdcast.io/e/cybercall/6


The Week in Breach: Added Intelligence

Go Inside the Ink to Get the Inside Scoop on Cybersecurity  

Have you been reading our blog? We’re bringing you timely news, problem-solving advice, and expert analysis of today’s threats every day, plus intelligent cybersecurity insight that helps you plan for tomorrow. 

Catch up on what you need to know now: 


Download Great Education, Sales & Marketing Resources

Dark Web Activity is Booming. What Do You Need to Know Now?

Find out what really happens in Dark Web markets in our webinar “Unveiling Cybercrime Markets on the Dark Web” to learn how to protect your systems and data from disaster. Plus, get a free slide deck of authentic Dark Web screenshots to study or share with decision-makers. DOWNLOAD IT >>

Leverage LinkedIn for Post-Pandemic Success!

How can your LinkedIn connections help you grow your business and your bottom line in the new post-pandemic world? Get expert advice and tips in our webinar “Leverage LinkedIn to Build and Strengthen Relationships During Quarantine“. DOWNLOAD IT>>


Free eBook of the Week

Get our “Combating Insider Threats” eBook now to learn how to guard against threats from inside your organization! DOWNLOAD IT>>


The Week in Breach Threat Spotlight

Strong Cybersecurity Pays for Itself – Data Breach Costs Exceeded $1.2 Trillion for US Companies in 2019     

Data breaches have enormous consequences for companies, including recovery and repair expenses, reputational damage, potential regulatory penalties – all of which spell financial loss. This week, a new report illustrates just how significant the financial consequences of a data breach can be. In 2019, some major data breaches spelled disaster for heavyweight firms. With more than five-billion records compromised in 2019, breaches are estimated to have collectively cost companies $1.2 trillion, nearly double the sum from 2018. 

Healthcare was the most targeted sector in 2019, with 382 total breaches, a startling 100% year-over-year increase. It’s shaping up to be number one in 2020 as well. Unfortunately, the COVID-19 pandemic has incited cybercriminals to increase their attacks on the healthcare sector, which will certainly increase risks in the year ahead. In addition to healthcare, banking, insurance, education, government, and retail were among the top targets of cybercriminals. 

Taken together, personally identifiable information was the most sought after commodity. In response, it’s clear that companies need to take action to secure their systems and data now, especially as remote work compounds the risk of a cybersecurity incident. While today’s threat landscape is expansive and pervasive, every organization can improve its defensive posture by addressing the most prominent risks, including unauthorized access, phishing scams, and malware. 

https://www.techrepublic.com/article/data-breaches-cost-us-companies-more-than-1-2-trillion-last-year/ 


Catch Up With Us at These Virtual Events

JUNE 10: Robin Robins Rapid Implementation REGISTER>>
JUNE 17: 3 Steps to Rev Up Your Sales Engine with Gary Pica REGISTER >>
JUNE 23: MVP GROWTHFEST featuring Magic Johnson! REGISTER>>
AUG 24-27: Connect IT Global in Las Vegas REGISTER >> 
AUG 30-SEPT 1: ITBYDesign BuildIT REGISTER>> 


A note for your customers:

460 Million Records Reported Stolen in May    

A tally of May cybersecurity instances found that 460 million records were compromised last month, marking another staggering total in an already-historic year for cybersecurity. However, the sum only represents the beginning of the problem, as many data breaches are going unreported as companies fear regulatory repercussions and customer blowback. In addition, many data breaches also expose reams of sensitive personal data, making it difficult to quantify the full scope of the problem. 

Find out how records sold on the Dark Web can endanger your data in unexpected ways.

For businesses, this information has two prominent implications. First, there is a growing need to identify compromised data on the Dark Web. As more records are stolen and distributed in the dark corners of the internet, companies need eyes and ears to know if their information is among the mountain of stolen data.

What’s more, the sheer number of compromised records makes it more important than ever for organizations to put additional barriers between their IT infrastructure and bad actors. If your staffer is reusing a password from a compromised retail account or using their pet’s name to log in, that can put you at risk for a breach by making it easy for cybercriminals to find a way into your systems.

Dark Web ID can help keep accounts secure by alerting you when your staff’s compromised information hits the Dark Web. This cost-effective solution gives you peace of mind and gives you an opportunity to mitigate threats (like your staffer’s unwittingly compromised login credentials) before they become disasters.

https://www.bleepingcomputer.com/news/security/over-460-million-records-exposed-in-breach-incidents-reported-in-may/


Get high-quality marketing tools to help you connect with your customer with our free resources for marketing and education like eBooks, webinars, social media graphics, infographics, and more!.


Follow us on social media to find out about upcoming events, new blog posts, eBooks, white papers, webinars, product updates, marketing tools, and other cybersecurity news!


Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Just send an email to [email protected] to let us knowwe welcome your feedback and we love to hear about how our content works for you!

Ready to become an ID Agent Partner or learn more about our remote-ready suite of cybersecurity solutions including the award-winning DarkWeb ID? Contact us today!