Please fill in the form below to subscribe to our blog

The Week in Breach: 06/05/19 – 06/11/19

June 13, 2019

This week, medical information continues to be an easy target for hackers, a major Australian university loses control of student data, and phishing scams become increasingly difficult to defend.

Dark Web ID Trends:

Top Source Hits: ID Theft Forums 
Top Compromise Type: 
Domain
Top Industry:
Construction & Engineering
Top Employee Count: 
11 – 50 Employees 


United States – Quest Diagnostics
https://abc13.com/health/qaawnearly-12m-quest-diagnostics-patients-may-be-affected-in-breach/5327860/ 

Exploit: Unauthorized network access
Quest Diagnostics: Clinical laboratory company with operations in the United States, the United Kingdom, Mexico, and Brazil.

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.556 = Severe: A collection firm partnering with Quest Diagnostics encountered a data breach that directly impacted nearly 12 million of the lab’s patients. In response, Quest is partnering with a third-party cybersecurity organization to ensure proper breach notification standards are followed. Even though the event precipitated at a separate organization, Quest Diagnostics will bear the financial and reputational burden of a data breach that has compromised the most sensitive information in people’s lives: the type that is related to their health.
1.51 – 2.49 = Severe Risk Individual Risk: 2.286 = Severe: The scope of this incident is astounding, and it includes patient information, financial data, social security numbers, along with other medical data. While test results were not included in the breach, this extensive trove of valuable information can quickly make its way to the Dark Web, and those impacted by the breach should attain the services necessary to know what happens to their information after it’s compromised.

Customers Impacted: 11.9 million
How it Could Affect Your Customers’ Business: Caring for customers in the wake of a data breach should be any company’s top priority. Although Quest Diagnostics is working diligently to notify those impacted by the breach, much more is required to adequately make reparations. Since sensitive personal information has a significant market on the Dark Web, providing services to help customers understand what happens to their data is an excellent place to start.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID™ is the leading Dark Web monitoring platform in the Channel. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze, and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United States – Broome County
https://wbng.com/news/local-news/2019/05/31/financial-medical-information-put-at-risk-in-months-old-broome-county-security-breach/

Exploit: Credential harvesting phishing email
Broome County: Local government in the Binghamton, New York metropolitan area

1.51 – 2.49 = Severe Risk Risk to Small Business: 2 = Severe: A phishing email compromised the email and PeopleSoft accounts of several county employees, ultimately exposing sensitive personal information and impacting the county’s payroll system. The county became aware of the breach on January 2nd, when hackers attempted to change an employee’s direct deposit information. In this case, a simple security vulnerability now requires the county to absorb the costs of post-breach management, a fee that is considerably higher than proactively training employees and implementing safeguards. Such a recommendation seems like a no-brainer, especially when analyzing the modest budgets of many local government systems.
2.5 – 3 = Moderate Risk

Individual Risk: 2.571 = Moderate: The breach compromised data from 13 different agencies and third-party affiliates, including names, dates of birth, contact details, social security numbers, financial information, credit card information, medical record numbers, patient identification numbers, diagnosis and treatment, and health insurance credentials. Anyone affiliated with the impacted departments should immediately seek identity and credit monitoring services. Moreover, since the hackers attempted to alter an employee’s direct deposit information, those impacted should monitor their records for abnormalities.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Phishing scams are quickly becoming normative for local governments and SMBs. In this case, a single phishing scam had cascading consequences for a local government, which is now tasked with repairing its technological infrastructure while undergoing the arduous process of restoring the constituents’ confidence in their data stewardship. Since phishing scams are entirely preventable, partnering with a third-party training solution is a veritable must-have in today’s digital environment.

ID Agent to the Rescue: BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United States – Lewes Board of Public Works
https://cyware.com/news/lewes-board-of-public-works-notifies-customers-of-potential-data-breach-b5f45004

Exploit: Software vulnerability
Lewes Board of Public Works: Public works department in Lewes, Delaware

1.51 – 2.49 = Severe Risk Risk to Small Business:  1.666 = Severe: The Department of Homeland Security notified the Lewes Board of Public Works that a software vulnerability allowed hackers to copy customer information from their network. The board responded by isolating their customer information system and developing improvements to prevent a similar attack in the future. It’s unclear why the board’s own cybersecurity apparatus didn’t identify the threat, requiring a federal agency to intervene and communicate knowledge of the breach. Now, the board is faced with repairing its reputation while ensuring that their customers can successfully protect their personal data and financial information.
1.51 – 2.49 = Severe Risk Individual Risk: 2.429 = Severe: Hackers gained access to customers’ personal information including their names, email addresses, payment card information, bank account details, account numbers, and more. Those impacted by the breach are encouraged to monitor their credit card and banking statements for possible misuse and to reset their account passwords.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Customers shouldn’t be expected to navigate a data breach on their own. Despite their public communication, the Lewes Board of Public Works hasn’t offered any services to support customers impacted by the breach. By providing adequate assistance or showing initiative through awareness and training, companies can ensure that their customers can recover from a breach. In a world that is becoming increasingly cyber-vigilant, this can have the dual benefit of restoring brand reputation and trust in the wake of a cybersecurity incident.

ID Agent to the Rescue: Did you know that SpotLight ID™ is 100% US-based and more comprehensive than LifeLock® or other competitors? Discover more about the personal identity protection solution here: https://www.idagent.com/identity-monitoring-programs.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United States – Opko Health
https://www.reuters.com/article/us-opko-health-cyber/opko-health-says-over-400000-customers-likely-affected-by-data-breach-idUSKCN1T71UL 

Exploit: Unauthorized network access
Opko Health: Medical testing company focused on diagnostics and pharmaceuticals

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.666 = Severe:: A data breach at the company’s former collections vendor has compromised personal information for hundreds of thousands of the company’s customers. The lab recently switched its collections services to another provider and requested that the compromised collections agency stop pursuing requests on its customers. Despite the fact that the breach originated with a third-party provider, Opko Health is now responsible for restoring order and supporting their customers in the aftermath of the breach.
1.51 – 2.49 = Severe Risk Individual Risk: 2.288 = Severe: This particular incident is incredible in its scope and duration. Unauthorized activity occurred between August 1, 2018 and March 30, 2019, and hackers gained access to customers’ names, credit card numbers, bank account information, email addresses, addresses, phone numbers, and account information.

Customers Impacted: 422,600
How it Could Affect Your Customers’ Business: Even when data breaches don’t originate on-site, a holistic response plan is critical. Not only do companies need to reevaluate the cybersecurity priorities of their trusted partners, but they must train their employees to avoid such an incident from ever occurring. Working with a qualified MSP that leverages identity monitoring solutions can help mitigate the damage of a data breach.


ID Agent to the Rescue: Backed by ID Agent’s $1 million identity theft restoration policy, SpotLight ID allows MSPs’ clients to protect customers while enhancing their overall cybersecurity awareness. Learn more: https://www.idagent.com/identity-monitoring-programs.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Germany – Eurofins Scientific
https://www.reuters.com/article/us-eurofins-scient-cyber/eurofins-scientific-detects-ransomware-in-some-of-its-it-systems-idUSKCN1T40QH

Exploit: Ransomware
Eurofins Scientific: Laboratory that provides testing for pharmaceutical, food, environmental, agriscience, and other industries

2.5 – 3 = Moderate Risk Risk to Small Business: 2.555 = Moderate Risk:  Eurofins Scientific was forced to take several of its IT systems offline when malware gained access to the system. Although personal data wasn’t compromised in the breach, business processes have been interrupted, and IT teams are now tasked with upgrading protections and restoring affected systems from backups.
whitebox Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business:  Today’s cybersecurity landscape contains ever-evolving threats, and every company needs to take a dynamic approach to their security initiatives. When it comes to protecting your digital infrastructure, today’s defenses might not be adequate tomorrow. Small and mid-size businesses should consider collaborating with third-party security providers to ensure that their standards are sufficient before they endure the financial and reputational cost of a data breach.

ID Agent to the Rescue: With BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Ireland – The Football Association of Ireland
https://www.siliconrepublic.com/enterprise/fai-data-breach-2019-season-tickets

Exploit: Unauthorized server breach
The Football Association of Ireland: The governing body for the association of football in Ireland

2.5 – 3 = Moderate Risk Risk to Small Business: 2.555 = Moderate Risk: Hackers gained access to the association’s servers, disabling their email and causing them to pour money into new cybersecurity initiatives. Fortunately, the organization’s ticket sales are conducted through a third-party merchant, and personal data is stored off-site, preventing the breach from being more extensive. However, because of the organization’s lax cybersecurity standards, they will now have to allocate more money to making repairs and positioning themselves for the future.
2.5 – 3 = Moderate Risk Individual Risk: 3 = Moderate Risk: While personal and financial information related to ticket sales were spared from this breach, hackers did have access to the organization’s email server, which could compromise personal information. Therefore, those impacted by the breach should monitor their accounts for unusual activity and create new, stronger passwords across logins.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: A strong cyber defense is critical for organizations of any size and industry. However, their response to a data breach is a close second. In this case, understanding what happens to the information accessed in the data breach can provide employees or customers to have confidence in the integrity of their personal information or credentials. Additionally, implementing cybersecurity training and awareness programs can stop potential compromises in their tracks by empowering your company’s front line: the staff.

ID Agent to the Rescue: SpotLight ID allows MSPs, Resellers, and Channel Partners to deliver comprehensive personal identity protection for clients’ employees and customers, ultimately safeguarding corporate systems. Get started here: https://www.idagent.com/identity-monitoring-programs.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Australia – Australian National University
https://www.theguardian.com/australia-news/2019/jun/04/australian-national-university-hit-by-huge-data-breach

Exploit: Unauthorized network access
Australian National University: National research university located in Canberra, Australia

1 – 1.5 = Extreme Risk Risk to Small Business: 1.444 = Extreme Risk: Hackers gained access to the university’s network, compromising the personal information of current and former staff and students. Security researchers concluded that the breach was conducted by unsophisticated hackers, meaning that this breach was likely preventable or at least containable. Instead, the university will now have to spend to upgrade its security standards while also providing support services to hundreds of thousands of victims. Collectively, it’s a reminder that the costs of a strong defense far outweigh the consequences of a data breach.
1.51 – 2.49 = Severe Risk Individual Risk: 2.286 = Severe: Hackers gained access to 19 years of student and staff records, providing them with names, addresses, dates of birth, phone numbers, personal email addresses, emergency contact details, tax file numbers, payroll information, bank account details, passport details, and academic records. While more detailed financial information, like credit card numbers, were not impacted, the extensive amount of personal information collected on such a sizable number of people will make this information valuable on the Dark Web. Those impacted need to attain identity and credit monitoring services while also examining their accounts for suspicious activity.

Customers Impacted: 200,000
How it Could Affect Your Customers’ Business: Any data breach can be devastating for a company and its customers, but the scope of this compromise signals an immediate need to quickly and effectively contain the breach and to make reparations. When valuable personal information is compromised, this response needs to include providing credit, identity, and Dark Web monitoring services to ensure that any negative repercussions are mitigated.

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at: https://www.idagent.com/dark-web.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Australia – PayID
https://www.smh.com.au/business/banking-and-finance/australians-private-details-exposed-in-attack-on-westpac-s-payid-20190603-p51u2u.html

Exploit: Enumeration attack
PayID: Digital payment platform

1.51 – 2.49 = Severe Risk Risk to Small Business: 2.111 = Severe: PayID offers its users a simple way to send and receive money, allowing them to register their phone number or email address as a payment mechanism. Unfortunately, this also allowed hackers to perpetrate an enumeration attack, which involves changing letters or numbers at random until the account is identified, revealing personal information that could be used to commit fraud. In this case, a security vulnerability will slow the proliferation of a highly-touted and convenient technology, and it underscores the importance of understanding the unique threat landscape manifesting around emerging technologies.
2.5 – 3 = Moderate Risk Individual Risk: 2.857 = Moderate: Users’ bank account numbers were not compromised in this attack, but hackers did gain access to user nicknames, email addresses, or phone numbers. PayID users should closely monitor their accounts for suspicious activity, and they need to be aware that this information can quickly spread on the Dark Web where it is fodder for fraudsters who deploy the information in a variety of ways.

Customers Impacted: 100,000
How it Could Affect Your Customers’ Business: Savvy setups and swift functionality can be a big boon for any company, but security can’t be compromised in the name of user experience. However, both concepts don’t have to be mutually exclusive. Partnering with an MSP can provide the insights necessary to protect your digital infrastructure. Perhaps more importantly, having a game plan for helping customers navigate the difficult waters after a data breach can help all parties recover as quickly as possible.

ID Agent to the Rescue: Monitoring the Dark Web for stolen credentials is critical for MSPs who want to provide comprehensive security to their customers. BullPhish ID compliments that data with simulated phishing attacks and security awareness training campaigns to educate employees, making them the best defense against cybercrime: https://www.idagent.com/bullphish-id.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.



In Other News:

Phishing Scams Are Getting More Sophisticated 

Phishing scams, already a significant headache for companies of all sizes, are becoming more complicated. A recent study found that nearly half of all phishing attacks are polymorphic, meaning that they can implement slight but significant changes to multichannel formats and become more difficult to detect or prevent.

For instance, polymorphic phishing scams will use different email addresses, content, subject lines, sender names, or other features. Therefore, recipients are forced to fend off various versions of the same attack.

Phishing scams, which are frequently used to deliver malicious malware and ransomware, rely on users’ ambivalence to be successful, and they are defendable with proper training and preparation (like ours) from qualified MSPs. With polymorphic phishing scams on the rise, yesterday’s technical safeguards are being bypassed through sophistication, and the importance of cybersecurity awareness continues to grow in magnitude.

https://www.infosecurity-magazine.com/news/half-phishing-attacks-are/


What We’re Listening To:

Know Tech Talks
Security Now
Defensive Security Podcast
Small Business, Big Marketing – Australia’s #1 Marketing Show!
IT Provider Network – The Podcast for Growing IT Service
TubbTalk – The Podcast for IT Consultants
Risky Business
CHANNELe2e


A note for your customers:

Unpatched Vulnerabilities Are a Top Threat 

Today’s cybersecurity landscape is incredibly daunting, and IT administrators have a tough job on their hands. One of their most significant tasks, according to a recent study, is patching security vulnerabilities and getting their employees to update their software.

Different organizations take unique approaches to this problem, including scanning for vulnerabilities, running simulations, and collaborating with MSPs to identify and solve for possible pain points, but the challenge is ubiquitous throughout all sectors and among companies of all sizes.

Taken together, more than 1/4 of organizations endured a data breach because of an unpatched vulnerability, highlighting their need for technical support in this area.

To put it simply, it’s challenging enough to account for the multifaceted cybersecurity challenges facing organizations every day; don’t let solved problems be the reason for failure. Get the support you need from trusted MSPs to ensure that your defensive posture is as strong as possible.

https://www.scmagazineuk.com/one-fourth-global-organisations-faced-breaches-unpatched-vulnerabilities/article/1586349

 


 Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in entirety) for your own social media and marketing efforts! Just send an email to [email protected] to let us know!

Not a Partner? Learn more about Dark Web ID™ and the benefits it holds for your Business. Contact us today!