The Week in Breach: 10/02/19 – 10/08/19
This week, hackers make a sport of exploiting online gamers’ data, ransomware prevents patient care, and business leaders lament today’s data landscape.
Dark Web ID Trends:
Top Source Hits: ID Theft Forums
Top Compromise Type: Domain
Top Industry: Finance & Insurance
Top Employee Count: 501+ Employees
United States – Zynga
https://www.cisomag.com/data-breach-affected-218-million-words-with-friends-gamers/
Exploit: Unauthorized database access
Zynga: Social game development company
Risk to Small Business: 2 = Severe: Hackers gained access to the company’s database, which exposed the personally identifiable information(PII) for millions of customers. The company discovered the breach in September, and they responded by hiring an external investigator to determine the scope and severity of the breach. Unfortunately, by the time they responded, hackers uploaded user data to various hacker forums. | |
Individual Risk: 2.428 = Severe: The data breach applies to all users of the platform’s popular Words with Friends gaming app on Android and iOS who registered on or before September 2, 2019. In addition, some users of Draw Something, another mobile game produced by Zynga, were compromised. The exposed information includes names, email addresses, login IDs, hashed passwords, password reset tokens, phone numbers, Facebook IDs, and other Zynga account details. Since this information is already available to bad actors on the Dark Web and will be used to perpetuate additional cybercrimes, those impacted by the breach should carefully monitor their accounts while being especially watchful for other fraudulent communications. |
Customers Impacted: 218,000,000
How it Could Affect Your Customers’ Business: Data security is increasingly top of mind for consumers. For companies operating in a highly competitive marketplace, it can mean the difference between keeping your customers happy while increasing revenue or losing them forever. Therefore, businesses of every size need to meet the moment by understanding their vulnerabilities, embracing best practices for cyber defense, and building a breach response action plan.
ID Agent to the Rescue: Dark Web IDTM alerts MSPs when their customers’ employee emails and passwords have been compromised and are for sale to the highest bidder, before a breach occurs. Learn how you can partner up with us here: https://www.idagent.com/dark-web/#contact.
United States – Tomo Drug Testing
https://finance.yahoo.com/news/tomo-drug-testing-provides-notice-210000275.html
Exploit: Unauthorized database access
Tomo Drug Testing: Medical laboratory providing drug and screening services
Risk to Small Business: 1.888 = Severe: An unauthorized user gained access to Tomo’s customer database, which contained a treasure trove of personal data. Upon discovering the access, Tomo hired an external forensic firm to investigate the incident, which confirmed that customer data was either deleted or removed from the database. Although Tomo can’t confirm that hackers downloaded data, they are charged with notifying their customers and regulatory bodies of the incident. This could bring additional expenses and revenue reductions to the drug testing company. Moreover, the company will certainly face additional criticism and scrutiny for its lengthy reporting process and the sensitive nature of the compromised information in question. The breach occurred on July 1, 2019 but wasn’t officially reported until this week. | |
Individual Risk: 2.142 = Severe: Tomo confirmed that personal data, including names, driver’s license numbers, Social Security numbers, and drug test results could be compromised. The drug testing company has set up a designated helpline, and they encourage those impacted by the breach to acquire a free credit report to identify abnormalities. |
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Although Tomo states that data privacy is one of their top concerns, their actions say otherwise. Companies demonstrate their priorities by actively securing their customers’ data and by having a response plan ready in case a breach occurs. Knowing what happens to data after it is stolen and having deliberate channels to communicate this information to your customers are both critical to hastening the recovery process and restoring customer confidence in your brand.
ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at: https://www.idagent.com/dark-web.
United States – Zendesk
https://www.channele2e.com/technology/security/zendesk-chat-data-breach/
Exploit: Unauthorized database access
Zendesk: Customer service software company
Risk to Small Business: 1.888 = Severe: More than three years after the event, Zendesk acknowledged a data breach after a third party notified the customer service software company of unauthorized data access. The breach impacts Support and Chat accounts, and it includes personal data from all categories of Zendesk users, including customers, agents, and end users. The company is resetting all passwords for users that registered before November 1, 2016. However, the platform touts many high-profile companies as clients, which means that the breach could have far-reaching repercussions for all stakeholders involved. | |
Individual Risk: 2.285 = Severe: The personal details of customers, agents, and end users were compromised in the breach. This includes names, email addresses, phone numbers, passwords, and other technically-oriented data. The company is contacting all customers who could be impacted by the breach, and those affected should reset their Zendesk passwords and any redundant passwords used on other platforms. |
Customers Impacted: 10,000
How it Could Affect Your Customers’ Business: When it comes to protecting customer data, speed and precision are your best friends. Unfortunately, too many companies don’t have the IT capabilities to identify a data breach or to adequately investigate an event after it happens. As a result, customer data can virtually linger indefinitely before protective action can be taken, such as changing passwords or otherwise ensuring data integrity. This incident serves as an important reminder that every business needs to enlist in services that help proactively monitor and protect customer data.
ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID is the leading Dark Web monitoring platform in the Channel. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.
Canada – Listowel Wingham Hospital Alliance
https://www.cbc.ca/news/canada/kitchener-waterloo/rural-hospitals-in-southwest-ontario-hit-by-ransomware-attack-1.5301947
Exploit: Ransomware
Listowel Wingham Hospital Alliance: Healthcare partnership between Listowel Memorial Hospital and Wingham and District Hospital
Risk to Small Business: 2 = Severe: The Listowel Wingham Hospital Alliance, which is comprised of two hospitals, was struck by a ransomware attack that significantly curtailed their treatment capabilities. Although the emergency rooms remain open, less urgent patients are enduring long waits or are being transferred to other facilities. In addition, the hospitals are unable to communicate with other healthcare providers until their network is cleared of ransomware-spreading malware. Not only does this put patients’ health at risk, but the recovery expenses and opportunity costs are sure to be immense.
Individual Risk: No personal information was compromised in the breach. |
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: There are no inexpensive ways to respond to a ransomware attack, which raises the importance of strong cybersecurity standards that can defend against these attacks. As the cost of a ransomware attack continues to rise, every business needs to be aware of the urgent need to secure their IT infrastructure against this incredibly frustrating and unfortunately expensive cybersecurity threat.
ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal Assist™, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.
Canada – The National Basketball Association
https://www.narcity.com/sports/ca/nba-canada-data-breach-reported-one-month-after-the-incident
Exploit: Unauthorized database access
The National Basketball Association: Men’s professional basketball league in North America
Risk to Small Business: 2.111 = Severe: An unauthorized user accessed a server managed by the NBA for its Canadian business efforts. The league quickly identified the intrusion and took the server offline, began an investigation, and hired cybersecurity experts to make further recommendations. However, these measures can’t retroactively restore users’ data integrity, nor will it negate the reputational damage that always accompanies a privacy breach. | |
Individual Risk: 2.428 = Severe: The exposed user data includes names, addresses, email addresses, phone number, and other account-related information. Although the breach is limited to those who recently entered an online contest in Canada, this information is especially sensitive, and those impacted by the breach should take every precaution to ensure the long-term integrity of their credentials. |
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Digital platforms can be a great way to engage customers, but when data integrity is compromised, these initiatives can quickly become a liability. Therefore, cybersecurity needs to be the bedrock of any online engagement to ensure that such marketing efforts meet customers where they are securely, as opposed to manifesting into self-inflicted wounds on your company’s reputation and customer engagement.
ID Agent to the Rescue: Monitoring the Dark Web for stolen credentials is critical for MSPs who want to provide comprehensive security to their customers. BullPhish ID compliments that data with simulated phishing attacks and security awareness training campaigns to educate employees, making them the best defense against cybercrime: https://www.idagent.com/bullphish-id.
United Kingdom – EA Sports
https://www.infosecurity-magazine.com/news/ea-games-leaks-personal-data/
Exploit: Accidental sharing
EA Sports: Developer and publisher of sports video games
Risk to Small Business: 2 = Severe: EA Sports inadvertently leaked the personal data of 1,600 gamers who participated in a competition on the company’s website. The breach is related to the company’s FIFA 20 Global Series competition. Aside from becoming a PR nightmare for EA Sports on social media, the leak occurred just hours after the company’s announcement of new security features and promotional events related to the UK’s National Cyber Security Month. The web form was removed after thirty minutes, and the competition was temporarily cancelled. | |
Individual Risk: 2.142 = Severe: The leaked data includes email addresses, account ID numbers, usernames, and dates of birth. Those impacted by the breach should monitor their accounts for suspicious or unusual activity. |
Customers Impacted: 1,600
How it Could Affect Your Customers’ Business: Even relatively small data breaches can have a sizable impact on a company’s reputation and future earnings potential. Even apart from the bad press and media scrutiny that often accompanies a breach, customers are quick to take to social media to voice their concerns. Taken together, a data breach can quickly escalate into a PR disaster. To protect your brand’s reputation, prioritize customer data security.
ID Agent to the Rescue: Dark Web ID alerts MSPs when their customers’ employee emails and passwords have been compromised and are for sale to the highest bidder, before a breach occurs. Learn how you can partner up with us here: https://www.idagent.com/dark-web.
Australia – West Gippsland Hospital
https://www.theage.com.au/national/victoria/surgeries-delayed-and-patient-security-fears-after-cyber-attack-on-victorian-hospitals-20191001-p52wp1.html
Exploit: Ransomware
West Gippsland Hospital: Regional emergency hospital
Risk to Small Business: 2.111 = Severe: A ransomware attack has significantly impacted the healthcare provider’s ability to conduct business and treat patients. West Gippsland Hospital expects their book and record keeping system to be unavailable for two weeks. In response, the hospital had to disconnect and isolate its computer network to prevent the malware’s spread. Emergency and surgery centers remain operational, but some patient procedures were cancelled, and others were delayed until full operations can be restored. The ransomware attack was one of seven reported at healthcare providers around Australia.
Individual Risk: No personal information was compromised in the breach. |
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks are on the rise, and healthcare providers are a top target. However, regardless of industry, every organization needs to examine the deliverable pathways for ransomware. Since there is no advantageous or affordable response once a ransomware attack occurs, these critical defensive maneuvers are a bottom-line issue for every company in 2019.
ID Agent to the Rescue: Designed to protect against human error, BullPhish ID simulates phishing attacks and manages security awareness training campaigns to educate employees, making them the best defense against cybercrime. Learn more here: https://www.idagent.com/bullphish-id.
New Zealand – Tu Ora Compass Health
https://www.stuff.co.nz/dominion-post/news/116318497/up-to-1-million-new-zealand-patients-data-breached-in-criminal-cyber-hack
Exploit: Unauthorized database access
Tu Ora Compass Health: Primary health organization
Risk to Small Business: 1.666 = Severe: Tu Ora Compass Health recently acknowledged a data breach that compromised the personal information for up to a million people. The breach was extensive, and hackers likely had access to the healthcare provider’s system since 2016. The organization discovered the breach after its website was defaced in August, and their slow response time made an already difficult situation even more damaging. Now, the organization will face public backlash, regulatory scrutiny, and high recovery costs. | |
Individual Risk: 2.428 = Severe: Tu Ora Compass Health’s data breach included a wide range of patient data, including names, ages, ethnicities, and addresses. In addition, hackers had access to patients’ smoking history, alcohol intake levels, immunization records, diabetes information, and other highly-personal data points. Administrators believe this data was harvested to perpetuate identity theft, so those impacted by the breach should enroll in identity monitoring services to ensure that their information isn’t leveraged for nefarious reasons. |
Customers Impacted: 1,000,000
How it Could Affect Your Customers’ Business: Companies operating in highly regulated industries like healthcare have to be especially vigilant about their cybersecurity stance. Patients’ personal data must be protected at all costs, and when a breach occurs, it should not take three years to discover. Deploying proper defenses is much more affordable and advantageous than considering data breaches an inevitability and leaving it up to chance.
ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win!: https://www.idagent.com/goal-assist.
Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
In Other News:
U.S. Senate Passes Ransomware Response Law
Ransomware is making a devastating comeback in 2019, impacting SMBs, government agencies, and educational institutions with frightening regularity and at great cost.
The scourge of attacks has been so profound that a bill governing ransomware response tactics actually elicited bipartisan support from a divisive U.S. senate.
The new legislation calls for dedicated teams tasked with providing organizations with best practice advice for protecting against and responding to ransomware attacks. These resources will be available for SMBs, government agencies, and schools, which were specifically addressed by senate minority leader, Chuck Schumer.
The practical effects of such legislation are unclear, but the more prescient fact is that the law exists at all. It underscores the incredible need for more companies to adopt a best practice defensive posture and the chasm between those that are ready to defend themselves and those that remain vulnerable.
However, the law alone won’t solve SMBs problems. They need to understand the ways that their IT infrastructure might be vulnerable, and they need to make addressing those concerns a top priority.
https://www.infosecurity-magazine.com/news/senate-passes-ransomware-law/
What We’re Listening to:
Know Tech Talks
Security Now
Defensive Security Podcast
Small Business, Big Marketing – Australia’s #1 Marketing Show!
IT Provider Network – The Podcast for Growing IT Service
TubbTalk – The Podcast for IT Consultants
Risky Business
CHANNELe2e
A Note for Your Customers:
UK Business Leaders Believe Data Breaches Are the New Normal
The majority of UK businesses have suffered some form of a data breach in 2019, and C-suite business leaders view this reality as the “new normal.”
This information was derived from the latest Carbon Black study, which surveyed 250 C-level business leaders from the UK. In total, 84% indicated that they endured a data breach in the past year, and the same amount indicated that cyber attacks were becoming more sophisticated.
This new reality is especially notable among smaller businesses, which reported a 57% increase in cyber attacks. While the financial repercussions varied significantly, 75% of executives noted that reputational cost is one of the most problematic results of a data breach.
Interestingly, two of the most prominent threats identified by executives, malware and phishing attacks, are defensible. By implementing comprehensive awareness training, companies of all sizes can neutralize a persistent and problematic threat group.
In a cybersecurity landscape that’s increasingly defined by continuous attacks, controlling some of the variables can give any organization a leg up on the best efforts of bad actors.
Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in entirety) for your own social media and marketing efforts! Just send an email to [email protected] to let us know!
Not a Partner? Learn more about Dark Web ID™ and the benefits it holds for your Business. Contact us today!