The Week in Breach News: 01/20/21 – 01/26/21
This Week in Breach News:
ShinyHunters work overtime at multiple targets including Pixlr, data theft puts a star talent agency in the spotlight, and three of our best tips for securing clients in an evolving threat landscape at a price you’ll both love.
Dark Web ID’s Top Threats This Week
Top Source Hits: ID Theft Forum
Top Compromise Type: Domain
Top Industry: Health & Medical Research
Top Employee Count: 501+
The Week in Breach News – United States
United States – Teespring
Teespring: eCommerce Platform
Risk to Business: 2.129 = Severe
Hackers have dropped a huge trove of user and creator data allegedly from Teespring, an e-commerce platform that specializes in enabling designers to market their wares. The two massive files of stolen data include email addresses and last update dates for 8,242,000 user accounts.
Individual Risk: 2.221 = Severe
The info dump contains 4,000,000+ user records, including usernames, full names, locations, phone numbers, Creator IDs, referral information, trust score, whitelisted seller campaigns, storefronts, bank check payouts, and other analytics data. This data could be used to conduct business email compromise attacks and spear phishing attempts.
Customers Impacted: 8,242,000
How it Could Affect Your Customers’ Business: Data like this is sought-after by cybercriminals and often hangs around for years on the Dark Web, acting as fuel for future cybercrime.
ID Agent to the Rescue: Watch for threats from the Dark Web without lifting a finger using Dark Web ID, 24/7/365 credential monitoring that alerts you to trouble fast. LEARN MORE>>
United States – Circuit Court of Cook County
Exploit: Unsecured Server
Circuit Court of Cook County: Municipal Court System
Risk to Business: 1.775 = Severe
An unsecured Elasticsearch server is the cause of a huge data exposure containing more than 323,277 Cook County court-related records. Researchers estimate that the database may have belonged to a specialist Cook County department of caseworkers working with people who needed additional help.
Risk to Business: 1.612 = Severe
The records contained PII such as full names, home addresses, email addresses, and court case numbers and notes on the status of both the case and the individuals concerned. Criminal, family and immigration cases are in the mix. This data could be used to mount an array of attacks like blackmail, identity theft and spear phishing attempts.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Failing to take a simple step to secure a server that contains sensitive information doesn’t speak well to an organization’s commitment to cybersecurity.
ID Agent to the Rescue: Everyone needs to understand the seriousness of today’s threats. Our Security Awareness Champion’s Guide makes understanding cyber threats easy and fun. GET THE BOOK>>
United States – MeetMindful
MeetMindful: Dating Site
Risk to Business: 1.979 = Severe
Details of an estimated 2.28 million users of dating site MeetMindful was just released online in the latest in a series of stolen data dumps by cybercrime gang ShinyHunters. There’s no clear origin of the data, but researchers expect that it may have come from an unsecured AWS S3 bucket.
Individual Risk: 1.779 = Severe
The dumped data includes users’ real names, email addresses, address information, physical descriptions, dating preferences, marital status, birth data, location data, IP addresses, Bcrypt-hashed passwords, Facebook user IDs and Facebook authentication tokens. This information puts users at risk for spear phishing attacks.
Customers Impacted: 2.28 million
How it Could Affect Your Customers’ Business: Keeping data safe from hackers starts with keeping data secure using strong access point controls and basic security protocols like multifactor authentication.
ID Agent to the Rescue: Passly provides the toolkit that businesses need to keep cybercriminals locked out of data and systems including multifactor authentication and secure shared password vaults. SEE IT IN ACTION>>
United States – Bonobos
Bonobos: Menswear Retailer
Risk to Business: 1.979 = Severe
Men’s clothier Bonobos has experienced a huge 70GB data breach exposing millions of customers’ personal information after a cloud backup of their database was snatched. ShinyHunters, who had a very busy week, posted the full Bonobos database to a free hacker forum. ShinyHunters was kind enough to transform the stolen password data into a handy list for credential stuffing.
Individual Risk: 2.006 = Severe
The leaked data included customers’ addresses, phone numbers, partial credit card numbers (last four digits), order information and password histories. This information can be used in many cyberattacks including spear phishing and credential stuffing.
Customers Impacted: 7 million
How it Could Affect Your Customers’ Business: Data theft is an increasingly worrisome problem for everyone. Not only is the original business impacted, the addition of such large troves of information to the Dark Web fuels further cybercrime.
ID Agent to the Rescue: Dark Web ID provides 24/7/365 protection against surprise credential compromise by sending up a red flag when a stolen credential that could impact your business appears on the Dark Web. LEARN MORE>>
The Week in Breach News – Canada
Canada – City of Montmagne
City of Montmagne: Municipal Government
Risk to Business: 2.211 = Severe
The municipal government of Montagne in Quebec has fallen victim to a ransomware attack that crippled city systems. Some services have been restored including the phone system which was down for 6 days, but the recovery could be slow.
Individual Risk: No personal or business financial information or PII was reported as stolen in this incident that is still under investigation.
Customers Impacted: 17,553
How it Could Affect Your Customers’ Business: Ransomware is almost always the result of a phishing attack. Failing to keep up with security awareness training will put businesses at risk for more cyberattacks.
ID Agent to the Rescue: BullPhish ID makes it easy to keep up with training for users and trainers with customizable training portals for each user. SEE IT AT WORK>>
The Week in Breach News – United Kingdom & European Union
United Kingdom – the7stars
the7stars: Talent Agency
Risk to Business: 1.411 = Severe
Clop ransomware is at the root of a data breach at the7stars, a London-based talent agency that handles clients with connections to Atlantic Records, Suzuki and Penguin Random House. Internal client records, business agreements, photographs, business records, and other communications were included in this haul. The agency announced that it was able to restore its systems from back-ups and are continuing to investigate.
Individual Risk: 1.221 = Severe
The stolen data includes scans of passports, invoices, and other sensitive information about the agency’s clients. This information can be used for identity theft and spear phishing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is a huge risk for every business, and it’s essential that everyone in your team is on board to spot and stop ransomware attacks.
ID Agent to the Rescue: Go back to school to learn why ransomware has become such a prevalent threat in today’s landscape and how to stop it in our ebook Ransomware 101. READ THE EBOOK>>
Exploit: Third Party Data Breach
Pixlr: Photo Editing Software Developer
Risk to Business: 1.827 = Severe
ShinyHunters are at it again, this time with a dump of data from Pixlr. The gang claims that the Pixlr data was obtained through their earlier successful breach at stock photo site 123rf, which is owned by the same parent company. The Pixlr database posted by ShinyHunters contains 1,921,141 user records consisting of email addresses, login names, SHA-512 hashed passwords, a user’s country, whether they signed up for the newsletter, and other internal information.
Individual Risk: 1.717 = Severe
User information was stolen that includes basic contact information for users, leaving them at risk for spear phishing attacks.
Customers Impacted: 1,921,141
How it Could Affect Your Customers’ Business: Third party data breaches are becoming all too common as Dark Web data grows, creating even more risk for businesses, especially around credential stuffing.
ID Agent to the Rescue: Get protection from password-based cyberattacks like credential stuffing fast with secure identity and access management from Passly. LEARN MORE>>
The Week in Breach News – Australia & New Zealand
Australia – Australia Securities and Investments Commission
Australia Securities and Investments Commission: Securities Regulator
Risk to Business: 1.616 = Severe
A security breach at Australia’s security regulator may have led to a significant data exposure. The breach occurred on a server that the organization used to transfer files including credit license applications where some information may have been viewed. This breach may have been caused by a suspected flaw in third-party software that may have also spurred a similar breach at the New Zealand central bank a few weeks ago.
Individual Risk: No personal or business data was reported as confirmed to be stolen in this incident that is still under investigation.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Taking precautions against potential third party data breaches is sensible for every business because you can never be sure how another company’s cybersecurity flaws may impact your business.
ID Agent to the Rescue: Passly is the multipurpose secure identity and access management solution that every business needs to guard systems and data against unexpected trouble fast. SEE IT IN ACTION>>
The Week in Breach News Guide to Our Risk Scores
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
The Week in Breach: Added Intelligence
Go Inside the Ink to Get the Inside Scoop on Cybercrime
Every weekday, our blog features timely cybersecurity and breach news, problem-solving advice, and expert analysis of today’s threats, plus insight that helps you plan for tomorrow. Don’t miss it!
- Kaseya Ends 2020 Empowering Customers with Best-in-Class Product Innovations to Thrive in a Post-COVID World
- How Are Cybercriminals Stealing Business Data?
- Hackers Leaked 22 Million Records on the Dark Web in 2020
- Healthcare Cyberattacks Disrupt COVID-19 Vaccine Supply Chain
- The Week in Breach News: 01/06/20 – 01/12/20
Go inside the booming post-pandemic Dark Web markets in this essential webinar to learn more about protecting your clients – and yourself from Dark Web threats.
The Week in Breach: Resource Spotlight
Come In From the Cold and Curl Up with a Webinar!
The weather outside is indeed frightful, with nasty conditions (and a nasty virus) making it unpleasant to go out. But never fear – your friends at ID Agent are here to keep you from getting bored indoors with five superstar webinars to help you transform your business. Grab a warm blanket, a hot beverage and a comfy couch (cat optional) and listen now!
- Grabbing BPID by the Horns – All the details you need to sell the newly updated and upgraded BullPhish ID plus a peek at what’s next for BullPhish ID and ID Agent. LISTEN NOW>>
- Twas the Night Before Krampus – Hear amazing tales of cybercrime past and present from hacker Brett Johnson, MSP success stories plus expert insight on selling more security! LISTEN NOW>>
- Phishing Confidential: Offense and Defense Playbooks of a Phishing Attack Revealed – get the inside scoop on both sides of a phishing attack from an anti-phishing expert and an ethical hacker. LISTEN NOW>>
- 5 Proven, Practical Steps to Close New Security Business – Who doesn’t want to make more money? Learn the secret to closing new cybersecurity deals in just 5 steps from a master. LISTEN NOW>>
- Unveiling Cybercrime Markets on the Dark Web – Go behind the scenes into Dark Web data markets and see what really goes on on the Dark Web. Plus get a free deck of real Dark Web screenshots! LISTEN NOW>>
The Week in Breach: Featured Briefing
3 Tips for Securing Clients Affordably (and Profitably) in an Explosive Threat Landscape
Your clients need stronger security to protect them in today’s tumultuous, rapidly expanding risk landscape. Cybercrime is up across the board – a recent survey shows that almost a quarter of organizations worldwide had the misfortune to experience seven or more attacks that infiltrated their networks over the past year. When looking forward, a majority of those surveyed believe it will happen again in the coming 12 months.
That fear is reflected in market spending. Analytics Insight experts predict that the global cybersecurity market overall will grow at a CAGR of 8.1% from $153.9 billion in 2019 to an expected $227.4 billion in 2023. North America will be the biggest slice of that pie at 41% with Europe at 30% and the Asia Pacific region at 23%. They’re also predicting a growth percentage of 16.1%, in cybersecurity solutions spending, up from $6.2 billion in 2019 and projected to reach $11.1 billion in 2023.
While these expected growth numbers are a hopeful sign, that doesn’t take into account the reluctance that your clients may have to change or upgrade their security stack in a challenging economy even with scary-high increases in cybercrime. There’s profit to be made, but you’ve got to get decision-makers to not only buy in to the need to make necessary security improvements but also feel good about making that choice. Here are three of our best tips to help get them on board and signing on the dotted line.
Use Budget Stress to Your Advantage
Some people are more likely to understand the need for changes when its presented in dollars and cents. Your client may be looking at the impact that spending on upgraded cybersecurity will make on their bottom line, but they may change their tune after you show them what the damage to that bottom line could be from not investing in adequate security. You’ll find useful statistics in our Top 10 Facts lists for most cybersecurity topics, as well as fresh data about the epic increases in cybercrime that businesses experienced in 2020 in our Security Awareness Champions Guide.
Concentrate Energy on a Big Change with a Big Payoff
Experts of every stripe have identity and access management (IAM) at the top of their cybersecurity best practices lists. In one CISO survey, 43% of those surveyed said they’re investing in IAM ahead of such areas as endpoint security and security awareness training. That’s for good reason – the multifactor authentication component of IAM solutions alone can deflect 99.9% of cybercrime. That’s why suggesting an investment in secure identity and access management with Passly is a smart move. Passly adds immediate, cost-effective protection that includes MFA and other IAM features with demonstrable value and without a scary price tag.
Use Our Resources to Make the Case
Our Partners don’t just get the benefit of our cybersecurity expertise – they also get the benefit of our marketing teams too. We report on cybersecurity risks and solutions daily in our blog and our ID Agent eBooks and resource packages focus on finding affordable solutions to common cybersecurity problems. Combine that with the tremendous array of sales and marketing tools, from plug-and-play marketing campaigns to sales technique videos, that you have access to through Powered Services Pro, and you’ve got everything that you need for marketing success at your fingertips.
Times are tough and tight for everyone, and the world economy is still reeling from the global pandemic. Your clients may not see why security upgrades are a must-have upfront, but by using these tips and maximizing your returns from the tools and data that are at your disposal as our Partner, you’ll be empowered to demonstrate the value of investing in updated cybersecurity solutions – and the cost of failing to take today’s threats seriously.
Contact the experts at ID Agent and let’s talk about how we can work together to help you build a stronger business, secure your clients increase your MRR with our security solutions.
Join Us at These Events!
Jan 27 – 5 Proven, Practical Steps to Close New Security Business REGISTER NOW>>
Jan 28 – MSP Mastered® Level 1: Determining Your True Cost of Service Delivery and Profit REGISTER NOW>>
Feb 4, 11, & 18 – Making a Battle Plan for Profit (choose from 3 regions) REGISTER NOW>>
Feb 11 – MSP Mastered® Level 1: Staffing, Hiring and Designing High-Performing Compensation Plans REGISTER NOW>>
Feb 11 – Phish and Chips (EMEA Edition) – REGISTER NOW>>
Feb 25 – MSP Mastered® Level 1: Pricing and Bundling for Profit REGISTER NOW>>
Mar 11 – MSP Mastered® Level 1: Developing Effective Master Service Agreements and SOWs REGISTER NOW>>
Mar 25 – MSP Mastered® Level 1: Optimizing and Integrating Your Business Platforms REGISTER NOW>>
The Week in Breach: A Note for Your Customers
How Strong is the Lock on the Door to Your Data?
You wouldn’t trust a flimsy old lock to secure the door to your business. Why are you trusting one to secure your business systems and data? It sounds logical that you’d want the most secure lock on your office door, but many companies don’t extend that logic to the access points to their systems and data, leaving them wide open to cybercriminal mischief.
In a recent survey, only 24% of businesses were using security access controls, like a secure identity and access management solution instead of old-fashioned password-based security. That’s a boon for cybercriminals – compromised passwords are the key to entry for them in around 85% of all data breaches. Strong access point security isn’t just something for major corporations anymore. Every business needs it, and solutions like Passly ensure that every business can afford it.
Protecting your systems and data with just a password isn’t going to cut it anymore. Even if your employees are making good, complex passwords and practicing excellent password hygiene, relying on passwords alone is outmoded and dangerous. Huge stores of passwords that have been stolen in past data breaches are available in Dark Web markets and data dumps to power credential stuffing attacks and other cybercrime.
Passly makes it easy and affordable to defend against password-based attacks with the tools that experts recommend: multifactor authentication, single sign-on, secure shared password vaults and more. Plus, Passly deploys in days, not weeks for an immediate security improvement. Don’t wait to beef up your access point security. Add a secure identity and access management solution today and make sure that the access points to your systems and data are really protected.
Get high-quality tools to help you connect with your customers with our free resources for marketing and education like eBooks, webinars, social media graphics, infographics, and more!
Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Just send an email to [email protected] to let us know – we welcome your feedback and we love to hear about how our content works for you!
Ready to become an ID Agent Partner or learn more about our remote-ready suite of cybersecurity solutions including the award-winning DarkWeb ID? Contact us today!