Please fill in the form below to subscribe to our blog

The Week in Breach News: 02/10/21 – 02/16/21

February 17, 2021

This Week in Breach News:

A Florida municipal water plant breach raises alarm, ransomware impacts hospital care in France, our special look at 3 ways that MSPs and SMBs can work together to fight ransomware plus how to make a battle plan for your MSP’s charge to greater profit!



United States – Syracuse University

http://dailyorange.com/2021/02/names-social-security-numbers-of-syracuse-university-students-exposed-in-data-breach/ 

Exploit: Unauthorized Access to Email

Syracuse University: Institution of Higher Learning

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.379 = Severe

An unknown party gained unauthorized access to an employee’s email account at Syracuse University. The university launched an investigation with a third party firm that determined in early January that emails and attachments in the account that had been improperly accessed did contain names and Social Security numbers of students, and those affected who have been informed by letter.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.347 = Severe

Impacted students may have had names and Social Security numbers exposed. officials aren’t clear on how much data was stolen or who may have taken it. Students should be alert to potential identity theft or spear phishing attempts

Customers Impacted: 10,000

How it Could Affect Your Customers’ Business: Data like this is a currency on the Dark Web, and it can hang around for years acting as fuel for future cybercrime like phishing.

ID Agent to the Rescue: Watch for threats from the Dark Web without lifting a finger using Dark Web ID, 24/7/365 credential monitoring that alerts you to trouble fast. LEARN MORE>>


United States – Chess.com

https://www.hackread.com/vulnerability-chess-com-50-million-user-records-accessed/

Exploit: Security Vulnerability

Chess.com: Gaming and Resource Site 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.211 = Severe

Security researchers found a critical bunch of vulnerabilities in chess.com’s API. The flaws could have been exploited to access any account on the site. They could also be used to gain full access to the site through its administrator panel. The website quickly fixed the problem after they were informed. There’s no current evidence that it was accessed by bad actors before it was patched.

Customers Impacted: 50 million

How it Could Affect Your Customers’ Business Security vulnerabilities can lead companies down dangerous paths and expose them to unexpected risks. Building a strong security culture helps make sure everyone is on the same page when it comes to data protection.

ID Agent to the Rescue: Get The Road to Cyber Resilience to learn strategies and solutions that can make your business bounce back faster from cybersecurity failures. READ THE BOOK>>


United States – Nebraska Medicine

https://apnews.com/article/technology-data-privacy-nebraska-94d8a76d2b772a3014773023c989d71a

Exploit:  Malware

Nebraska Medicine: Health System

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.663 = Severe

Nebraska Medicine and the University of Nebraska Medical Center have begun notifying patients and employees whose personal information may have been compromised in a breach in late 2020. Bad actors gained access to Nebraska Medicine and UNMC’s shared network using unnamed malware. The breach led to the interruption of some services including the postponement of patient appointments and required staff in the system’s hospitals and clinics to chart by hand.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.101 = Severe

Nebraska Medicine officials say that the incident did not result in unauthorized access to the health system’s shared electronic medical record application. However, an unspecified number of records that included information such as names, addresses, health insurance data, Social Security numbers and clinical information was compromised. Patients and employees should carefully watch for identity theft, spear phishing or fraud attempts using this data.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware isn’t the only kid on the block when it comes to causing a data breach – many types of malware are available for bad actors to use, and they can do devastating damage without the ransom.

ID Agent to the Rescue: Read our Security Awareness Champion’s Guide, for a complete walkthrough of today’s nastiest cyberattacks and the tricks that cybercriminals conduct them. GET THE BOOK>>


United States – Oldsmar Water Treatment Plant

https://threatpost.com/florida-water-plant-hack-credentials-breach/163919/

Exploit: Credential Compromise

Oldsmar Water Treatment: Municipal Water System Plant 

cybersecurity news gauge indicating extreme risk

Risk to Business: 2.022 = Severe

In an attack that made national headlines, bad actors are suspected of using stolen credentials to access operational systems at a Florida wastewater treatment plant. The attackers likely used remote access software to enter the operations system with the intent of changing the level of sodium hydroxide, more commonly known as lye, in the water from 100 parts per million to 11,100 parts per million. Other systems detected the chemical change and stopped it before anyone was hurt. Officials suspect that the compromised credentials may have been part of a huge 2017 data dump.

Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Recycled, reused, and weak passwords can cause trouble for years, and that’s especially dangerous when they give access to critical infrastructure like this.

ID Agent to the Rescue: Passly is an essential protection for every business, adding multifactor authentication that stops more than 90% of password-based cyberattacks. SEE IT IN ACTION>>




Canada – Canadian Discount Car and Truck Rentals

https://securereading.com/darkside-ransomware-gang-hits-canadian-rental-car-company/ 

Exploit: Ransomware

Canadian Discount Car and Truck Rentals: Vehicle Rental Company

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.668 = Severe

The DarkSide ransomware gang claims to have stolen 120 GB of data from Canadian Discount Car and Truck Rentals. The snatched data includes marketing, finance, account, banking and franchisee information. The company’s clients are also unable to book or manage rentals online.

Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware usually means phishing, today’s top threat to businesses. Every company can be hit by ransomware at any time. Employee training is vital to guard against this threat.

ID Agent to the Rescue: BullPhish ID is newly updated and upgraded to provide top-tier training that’s user-friendly for everyone involved. LEARN MORE IN THIS WEBINAR>>


cybersecurity new year's resolutions

Want to Borrow Our Sales and Marketing Teams? OK!

Get expert sales and marketing help to power up your MSP in a flash with Powered Services Pro. LEARN MORE>>



France – Dax-Cote de Argent Hospital

https://portswigger.net/daily-swig/dax-cote-dargent-hospital-in-france-hit-by-ransomware-attack 

Exploit: Ransomware

Dax-Cote de Argent Hospital: Medical Center 

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.413 = Severe

A suspected Egregor ransomware attack has caused significant operational disruption at French medical center Dax-Cote de Argent Hospital. Staff were resorting to pen and paper for records, phone systems were knocked out of operation and critical departments including radiotherapy care were severely disrupted. Officials at the hospital system, which has six sites and around 1,000 beds, were quoted as saying that restoration of normal operations could be several weeks away.

Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is lurking around every corner, and it can have severe impacts on every organization, resulting in everything from stolen data to near-complete operational shutdown.

ID Agent to the Rescue: In our eBoom Ransomware 101, learn how to spot and stop ransomware and add essential defenses against future attacks before it impacts your business. GET THE EBOOK>>


France – Mutuelle Nationale des Hospitaliers (MNH)

https://www.bleepingcomputer.com/news/security/french-mnh-health-insurance-company-hit-by-ransomexx-ransomware/

Exploit: Ransomware

Mutuelle Nationale des Hospitaliers (MNH): Insurance Company 

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.062 = Severe

RansomExx ransomware is to blame for an attack at French health insurance company Mutuelle Nationale des Hospitaliers (MNH) that has severely disrupted the company’s operations. The company’s website displays a notice stating that it has been affected by a cyberattack that started on February 5th. This attack has caused their websites, customer portal and telephone platform to go down. The attack is ongoing and under investigation, but operations are severely limited for clients.

Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware does more than just steal data these days, it is frequently used to halt operations altogether and bring companies to their knees as cybercriminals try for a fast payment from a simple phishing attack.

ID Agent to the Rescue: Is your business ready to fend off today’s tricky phishing attacks? Learn what cybercriminals are using as bait and how to stay off the hook in our eBook Phish Files. GET THIS EBOOK>>


Poland – CD Projekt Red

https://www.theverge.com/2021/2/11/22278121/cd-projekt-red-ransomware-hack-cyberpunk-2077-the-witcher-3-auction-sale

Exploit: Ransomware

CD Projekt Red: Videogame Developer 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.667 = Severe

Beleaguered game developer CD Projekt Red faces a new challenge as cybercriminals have obtained and auctioned off part or all of the source code for its biggest game properties including Thronebreaker: The Witcher Tales spinoff, The Witcher 3, a ray-traced version of The Witcher 3Cyberpunk 2077, virtual card game Gwent and copies of the company’s internal documents. Experts suspect HelloKitty ransomware is behind the attack.

Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware can give cybercriminals access to your corporate secrets like source code of schematics that they can sell to enrich themselves and hurt your business.

ID Agent to the Rescue: Is your company in danger from insider threats like careless employees clicking on a ransomware-laden phishing email when they shouldn’t? Get our Stop Insider Threats eBook! GET THIS RESOURCE>>


supply chain risk represented by a handshake overlaid with an image of a chain in green on a black background.

Is Your Biggest Security Threat Already Inside Your Business? Learn to spot and stop insider threats with this kit>> DOWNLOAD IT



Australia – QIMR Berghofer Medical Research Institute 

https://portswigger.net/daily-swig/australian-research-institute-confirms-likely-data-breach-after-third-party-accellion-hack

Exploit: Third Party Data Breach

QIMR Berghofer Medical Research Institute: Medical Research Facility 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.802 = Severe

Investigators handling a breach at QIMR Berghofer Medical Research Institute have announced that certain data stored in a file-sharing system from third-party service provider Accellion has been improperly accessed. Officials say that they were told that their data had been impacted by a breach at Accellion in December 2020, and subsequently discovered that around 4% of their data held by Accellion had been compromised. QIMR Berghofer said that it used Accellion’s services to share data related to clinical trials of anti-malaria drugs.

Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Third party risk is everywhere, and as the world grows more interconnected with more outsourcing of things like data storage, every company must be cautious about protecting itself against third party risk.

ID Agent to the Rescue: Learn more about keeping your data and systems safe the right way with our Cybersecurity Resolutions Checklist. DOWNLOAD IT>>




1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.



Go Inside the Ink to Get the Inside Scoop on Cybercrime

Cybersecurity is serious business, but it doesn’t always have to have a serious tone. These 5 posts make cybersecurity fun while helping you solve unexpected difficulties for your clients!




Make Your Battle Plan for Profit!


Are you ready to conquer the market and drive your MSP to greater success? This webinar gives you the tools to make a winning battle plan that speeds you to your goals or even exceeds them! ID Agent’s Channel Development Manager Amelia Paro and MSP expert Charles Henson are here to help you with Making a Battle Plan for Profit. 

Learn essential skills that help you plot your course to success including :

  • How to build the perfect security stack
  • Where to look for new sales opportunities
  • What to do to turn prospects into clients
  • And so much more!


3 Smart Ways That MSPs & SMBs Can Beat Ransomware Together 


Ransomware threats have been continuing to climb, with a more than 40 percent increase in attacks in Q3 2020 alone. In a recent survey,  70 percent of MSPs report ransomware as the most common malware threat that they’re facing when working to secure to SMBs. The good news for recession-battered MSPs 50 percent of survey respondents said thattheir clients have increased their budget for IT security including solutions and training in 2020, but how can you utilize that spending power to maximize protection against threats like ransomware?



Educate


Encourage your clients to engage in increased and augmented security awareness and phishing resistance training. Far too many employees still get taken in by phishing. Proper security awareness training can reduce their chances of falling victim to phishing-based cyberattacks by up to 70 percent, as long as that training is updated every 3 – 4 months. Ransomware is commonly the poisoned cargo of a phishing email, and increasing phishing resistance is crucial for stopping it. Every business of every size in every industry is at risk of a damaging phishing attack. No one is immune.

The new BullPhish ID helps you show your clients the value of increased training with simple, easy-to-read reports that detail exactly how well their training program is going to show them how much value they’re getting for their money. Plus, the new white labeling capability, training material customization tools, and the ability to create custom URLs means that you keep your MSP top-of-mind effortlessly. Your clients will love new, user-friendly training portals (that you can white label) that make training a breeze for everyone. A high-end training experience with fewer headaches is a win for you both!


Secure


Sometimes, even the most security-conscious employees make a mistake and click on a dodgy email or follow a bad link. Human error is a fact of life for every business. In a recent survey, common accidental employee behaviors cited as likely to result in cyberattacks include clicking on a malicious link or downloading a compromised file (43%), falling victim to phishing emails (39%) and unauthorized use of devices and applications (35%). Those are the kind of mistakes that can open the door to ransomware nightmares.

Make sure that you share that data with your clients. It’s important that they understand that no solution or plan is perfect – the biggest threat to any cybersecurity plan is people! So you and your client should work together to find and fill security gaps to add extra protection against human error. Secure identity and access management with Passly is the ideal jack-of-all-trades solution for budget-minded clients. Multifactor authentication alone mitigates against many of today’s most dangerous cyberattacks, and single sign-on plus remote management tools provide an excellent means to both increase access point security (something more than 75 percent of companies need to do), and quickly respond to attacks.


Prepare


What should your client do if they experience a ransomware attack? Having a plan in place for incident response is just as important as having the right solutions in securing systems and data against ransomware. Have you created an emergency response plan for each of your clients and reviewed it with them? Having a solid security response plan can save more than 30 percent of the cost of an incident, but only 21 percent of companies have one in place.

In today’s explosive cybersecurity world, your clients need to be ready for anything. Work with them to make sure that everyone is on the same page by building a solid cybersecurity incident response plan that fits their needs and update it as their business evolves. Part of building that plan should start with increasing their cyber resilience. It’s not good enough just to build defenses anymore, companies have to be ready to pivot to respond to today’s sophisticated cyberattacks and keep working.

Contact the experts at ID Agent and let’s talk about how we can work together to help you find exactly the right solutions to secure your clients against ransomware, build your business, and deliver an excellent customer experience.


Land and keep more clients when you know the secret to creating an unforgettable customer experience!

LEARN IT NOW!>>



Feb 18 – Making a Battle Plan for Profit EMEA – REGISTER NOW>>

Feb 23 – 24 – TruMethods MSP Cyber Resilience Workshop REGISTER NOW>>

Feb 25 – MSP Mastered® Level 1: Pricing and Bundling for Profit – REGISTER NOW>>

Mar 3 – Business Management Online Summit REGISTER NOW>>

Mar 11 – The MSP Lounge (EMEA Special) REGISTER NOW>>

Mar 11 – MSP Mastered® Level 1: Developing Effective Master Service Agreements and SOWs REGISTER NOW>>

Mar 23 – Xaas Summit: Innovation on Demand Via the Channel (EMEA Special) REGISTER NOW>>

Mar 25 – MSP Mastered® Level 1: Optimizing and Integrating Your Business Platforms REGISTER NOW>>

Mar 31 – Apr 1 – Zero Trust World (MSP Edition) REGISTER NOW>>




Protect Against the Number One Cause of a Data Breach – Human Error


CISOs around the world agree – human error is the most dangerous threat that any cybersecurity plan can face. In a recent study, 55% of survey respondents noted that human error and lack of cybersecurity awareness is their top concern. Even though they were concerned, 44% of the survey respondents stated they did not know how to discover who should be counted among the most at-risk employees for a major mistake.

So how can an organization add protection that helps guard against damage done by employee cybersecurity mistakes if it doesn’t know who might be in line to make those mistakes? By adding a strong guardian that protects your systems and data from all sorts of cybersecurity disasters that’s both effective and cost-effective.

Using a secure identity and access management solution like Passly to guard your access points is the fastest way to stop many of today’s worst threats without breaking the bank. It’s a crucial mitigation for today’s flexible workforce, enhancing security no matter where your staff is working from. That’s why more than 40% of CISOs chose secure identity and access management as their top cybersecurity priority in 2021.



The biggest shield that you gain against cybercrime with Passly is multifactor authentication. This single mitigation on its own can stop more than 90% of password-based cybercrime. That includes the majority of attacks based on credential compromise, the damage from password theft by phishing, the dangers of reused passwords and many other common human error driven catastrophes. Multifactor authentication is an absolute must-have for every business.

Every employee makes errors. Security awareness training and building a strong cybersecurity culture are important to reducing the incidence of mistakes, but you’ll never stop them all. By taking the proper precautions against damage caused by human error, you can keep your systems and data safe even when staffers aren’t on their toes.



Get high-quality tools to help you connect with your customers with our free resources for marketing and education like eBooks, webinars, social media graphics, infographics, and more!

Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Just send an email to [email protected] to let us knowwe welcome your feedback and we love to hear about how our content works for you!

Ready to become an ID Agent Partner or learn more about our remote-ready suite of cybersecurity solutions including the award-winning DarkWeb ID? Contact us today!