The Week in Breach News: 04/21/21 – 04/27/21
Ransomware is a rising tide, setting new records in the UK, hitting Apple supplier Quanta, raining on airlines’ parades by taking down Radixx and flooding businesses with risk worldwide. We’ll share some tips for securing your clients plus the MVP Growthfest recording is now available as are two new case studies!
See how to fix staffing problems, fill security gaps and make more money fast with security automation. LEARN MORE>>
United States – Manhunt
https://www.infosecurity-magazine.com/news/dating-service-suffers-data-breach/
Exploit: Hacking
Manhunt: Dating App
Risk to Business: 1.667= Severe
Social network and dating site Manhunt has suffered a data breach. The company filed a declaration with Washington state regulators disclosing that the 20-year-old site was compromised in a cyberattack that took place in February 2021. An unauthorized third party downloaded personal information belonging to some Manhunt users after gaining access to the company’s account credential database. In the notice of data breach, Manhunt revealed that the personal information of an estimated 7,714 Washington residents had been affected, but did not say how many of the site’s approximately 6 million users outside of Washington state were affected.
Risk to Business: 1.667= Severe
The compromised database contained customers’ usernames, email addresses, and passwords. After discovering that a breach had occurred, Manhunt performed a forced reset of all users’ passwords. The stolen information could be used to mount phishing, blackmail and identity fraud attacks.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: Hacking into databases is a profitable enterprise for cybercriminals, especially when juicy personal details are acquired. If you’re storing that kind of information, ensuring that you’re using strong security for information storage is essential.
ID Agent to the Rescue: Make sure that everyone on the IT team is up to date on today’s threats and ready for tomorrow’s with the tips and tricks in “The Security Awareness Champion’s Guide“. GET THIS FREE BOOK>>
United States – Eversource Energy
Exploit: Unsecured Database
Eversource Energy: Power Company
Risk to Business: 1.807= Severe
Eversource Energy, the largest energy supplier in New England, has suffered a data breach after customers’ personal information was exposed on an unsecured cloud server. The company serves 4.3 million electric and natural gas customers throughout Connecticut, Massachusetts, and New Hampshire. The unsecured database allegedly contained unencrypted files created in August 2019 that included the personal information of 11,000 Eversource eastern Massachusetts customers.
Risk to Business: 2.177= Severe
Eversource Energy disclosed to customers that the unsecured cloud storage server exposed their name, address, phone number, social security number, service address, and account number. The utility is offering a free 1-year identity monitoring service for impacted customers through Cyberscout.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Unsecured data is a rookie move. Make sure that everyone is following cybersecurity best practices to avoid costly mistakes.
ID Agent to the Rescue: Make sure that you’re covering all of the bases to avoid breaches and nasty regulatory action with our Cybersecurity Risk Protection Checklist. GET THE CHECKLIST>>
United States – Radixx
Exploit: Malware
Radixx: Software Company
Risk to Business: 2.207 = Severe
Travel software company Radixx has disclosed a data breach caused by a malware attack that has triggered a dayslong outage, snarling reservations systems at about 20 low-cost airlines around the world. The company said it noticed “unusual activity” around its reservations program on Tuesday. It did not describe the malware or say how it got into the program. Radixx’s parent company is travel software giant Texas-based Sabre Corp.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Hacking that disrupts operations has become an increasingly serious problem for businesses that provide services like software and data storage.
ID Agent to the Rescue: Keep your data in and the bad guys out with Passly. By including multiple security essentials into one tool, Passly does the job of multiple solutions at a price everyone will love. WATCH A VIDEO DEMO>>
United States – Gyrodata
Exploit: Ransomware
Gyrodata: Mining Technology
Risk to Business: 2.463 = Severe
A ransomware attack against mining technology organization Gyrodata has potentially leaked the sensitive information of current and former employees. Gyrodata said it has been the victim of a ransomware attack that led to a possible data breach. So far, the number of potential victims has not been confirmed, though Gyrodata, which is headquartered in Houston, Texas, has multiple offices worldwide in countries including Saudi Arabia, UAE, Ecuador, Malaysia, and Scotland.
Individual Impact: No sensitive personal or financial information was confirmed as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware has been an increasingly popular tool for cybercriminals to use against targets in the education sector. Preventing it from hitting systems is just as important as protecting data.
ID Agent to the Rescue: Stopping ransomware starts with stopping phishing. in “The Phish Files“, you’ll learn strategies to spot and stop phishing attacks fast. READ THIS BOOK>>
Is your password a zero or a hero? Find out in our ebook Is That Your Password? DOWNLOAD IT>>
United Kingdom – University of Portsmouth
https://www.infosecurity-magazine.com/news/campus-closed-portsmouth/
Exploit: Ransomware
University of Portsmouth: Institution of Higher Learning
Risk to Business: 1.672 = Severe
IT systems at the University of Portsmouth were knocked offline this week after a supposed ransomware attack, delaying the start of the new term. Although it was due to open on Monday for the start of the summer term, the university campus will continue to remain closed to students until at least 04/30/21 due to an inability to access online learning or data tools.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware, especially targeted ransomware, is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen about disrupting business operations and holding them hostage until they’re paid.
ID Agent to the Rescue: Don’t let cybercriminals slow your business down – learn to mitigate the risk of trouble in Ransomware 101. DOWNLOAD FREE EBOOK>>
France – Laurent Perrier
Exploit: Ransomware
Laurent Perrier: Champagne Maker
Risk to Business: 2.217 = Severe
French Champagne giant Laurent Perrier had fallen victim to ransomware. The company is beginning investigation and recovery, but some IT systems are still offline, impacting production and delivery. The French champagne house is the main company of the Laurent-Perrier Group, whose other flagship brands include the houses of Salon, De Castellane and D.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Cybercriminals love ransomware because it is easy and profitable. Companies need to pay close attention to ransomware trends to stay out of their clutches.
ID Agent to the Rescue: Learn more about the impact of ransomware in 2020 and see how we expect it will impact businesses in 2021 in The Global Year in Breach 2021. GET THIS BOOK>>
Australia – ClickStudios
Exploit: Hacking
ClickStudios: Password Security Software Company
Risk to Business: 2.112 = Severe
Researchers report that password manager maker ClickStudios suffered a breach, sometime between April 20 and April 22, which resulted in the attacker dropping a corrupted update to its password manager Passwordstate. A zip file contained a dynamic link library with the malicious code, according to the blog. The associated malware dubbed Moserpass – which was in the file name of a malicious dll found by researchers – called out to a command and control server to execute the next stage of the attack. However, that server went down before CSIS Security Group could grab and examine any second-stage malware that might have been used in follow-up operations. The compromise is under investigation.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen.
ID Agent to the Rescue: Get the tools that you need to conduct security awareness training that includes phishing resistance painlessly in the new BullPhish ID. SEE THE UPDATE WEBINAR>>
Taiwan- Quanta
Exploit: Ransomware
Qanta: Technology Manufacturing
Risk to Business: 1.661 = Severe
Apple supplier Qanta is dealing with a suspected ransomware incident. Quanta Computer is a manufacturer of many flagship Apple products, including its MacBook line. Russian hacker group REvil is the culprit. The gang says that it has had accessed confidential data from the Taiwan-based contract manufacturer’s servers. the data includes stolen blueprints for unreleased products, and the hackers are threatening to release more. data after posting samples on their hack site. The ransom demand is rumored to be in the tens of millions of dollars and the cybercriminals are demanding payment by May 1.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Cybercrime is around every corner, especially ransomware. Protecting sensitive data like schematics and blueprints is vital for components and technology manufacturers, especially for new products.
ID Agent to the Rescue: Is your organization ready to repel cyberattacks and keep on going? You are if you’re cyber resilient. Learn how to transform your business in “The Road to Cyber Resilience” today. GET THIS BOOK>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
Go Inside the Ink to Get the Inside Scoop on Cybercrime
Are you up to date on the latest news that can impact your business and your customers? Here’s a recap:
- Why You Should Worry About the Booming Dark Web Economy
- Lessons Learned from the Global Year in Breach: Remote Workforce Security Presents Challenges
- The Week in Breach: 04/07/21 – 04/13/21
- 10 Must-See Business Email Compromise Statistics
- Don’t Put Off Cybersecurity Incident Response Planning
Don’t become a cybercrime statistic. The Cybersecurity Risk Protection Checklist will help you find and fix security gaps. GET IT>>
Learn How to Overcome Challenges and Crush the Competition
MVP Growthfest 2021 was an amazing afternoon of growth-focused energy. Featuring four expert-led panels devoted to building your MSP business, the crown jewel was a fascinating discussion with The Great One, keynote speaker Wayne Gretzky. If you couldn’t join us (or you just need to review a few things) here’s what you may have missed:
- Insightful panels on overcoming challenges and pushing forward to win
- Tips on shifting your focus to profit from the hybrid work trend
- Advice on building sales, customer retention and prospecting from experts who have been in the trenches
Don’t wait! While the panels will be available for the long term, the interview with Wayne Gretzky is only available until 07/23/21. LISTEN NOW>>
New Case Studies
The ID Agent Digital Risk Protection Platform gives you incredible security and incredible value. But don’t just take our word for it – check out two new case studies to see how our solutions are working for these organizations!
Record-Setting Ransomware Risk Can’t Be Ignored
Ransomware risk is skyrocketing around the world. Although other cyberattacks like nation-state hacking and supply chain data breaches may be occupying the tech headlines, no one can afford to turn their backs on the nasty hydra that ransomware has become in 2021. A wide variety of players jockeyed for position including Emotet, REvil, Clop, and nation-state threat actors. From stopping production lines to stealing data, ransomware gangs are growing bolder by hitting precisely positioned targets and asking for bigger ransoms – and that commitment to strategy is why every business should take this threat seriously.
An unusual cocktail of factors created a fertile ground for ransomware. Experts point to factors like the sudden shift to remote workforce security combined with operational neglect due to the pandemic and the stumbling economy as components of an environment that enabled cybercriminals to hit businesses with near impunity – especially in the beleaguered healthcare sector. A surge in email usage also boosted the opportunity for email-based cybercrime. An estimated 8 of 10 organizations increased their email traffic in 2020, leading to a 64% increase in email threat volume.
In a recent survey, researchers determined that approximately 61% of organizations worldwide experienced a damaging ransomware incident in 2020. Drilling down deeper, those unfortunate organizations lost an average of six working days to system downtime, with 37% saying downtime lasted one week or more after that incident. In an effort to recover much-needed data, an estimated 52% of companies held to ransom by cybercriminals paid them off, but only 66% of the payers were able to recover their data. Another 34% of payers never saw their data again.
The increase in the number of ransomware attacks logged in Q4 2020 over the same period in 2019 are astonishing. Cybercriminals had favorable conditions for conducting ransomware attacks and juicy targets abounded, like hospitals and shipping companies directly needed to fight the global pandemic. They didn’t waste their chance to make a big score, either. Ransomware attacks recorded by researchers climbed by 80% in the UK, but that wasn’t even close to the top of the chart. Other notable increases in ransomware attack frequency were the US (98.1%), Germany (145%), Spain (160%), and Sri Lanka (436%). This huge surge in cybercrime has helped produce a thriving dark web economy for stolen data.
See how to fix staffing problems, fill security gaps and make more money fast with security automation. LEARN MORE>>
That trend is set to continue or worsen in 2021 as cybercriminal organizations refine their post-pandemic attacks to do more damage and earn more money. Targeted ransomware is the new trend, and it is exploding. Researchers determined that targeted ransomware has grown by an eye-popping 767%, easily dwarfing all other types. This increase has been especially felt in the APAC region. Recent numbers logged by UK researchers tell a chilling tale as well, with a record-breaking 11% year-on-year increase in attacks against UK targets in Q1 2021. UK businesses encountered 172,079 cyberattacks each, on average, between January and March 2021, the equivalent of 1,912 per day
Cybersecurity experts are pointing to a wide variety of potential trouble spots as factors that may help cybercriminals increase their targeted ransomware attacks even more. Budget cuts can lead to organizations failing to update technology. A huge backlog of basic maintenance and patching can leave businesses exposed to flaws. Plus a vast quantity of information snatched from key service providers like BlackBaud and Accellion have opened organizations to risk that they don’t even know about yet. In a 2021 survey, 70% of survey respondents said that they believe that their business will be harmed by email attacks in the next year, up from 59% in 2020. That means that now is the time to take precautions against email-based cybercrime like targeted ransomware. So how can you secure your clients against this risk? Here are our best tips.
Get the cheat codes to defeat cybercrime in our eBook The Security Awareness Champions Guide GET IT NOW>>
Give Phishing the 1 -2 Punch
Just under 70% of ransomware is delivered via phishing. Stopping phishing from causing a cybersecurity incident will greatly reduce an organization’s chance of falling victim to ransomware. Strengthen phishing defenses by adding automated antiphishing security with Graphus that stops 40% more dangerous messages from reaching employee inboxes than competing solutions. Then follow that up with customized phishing resistance and security awareness training delivered through a user-friendly portal with BullPhish ID. Choose plug-and-play modules or personalized campaigns that mimic the real industry threats that your clients’ employees will face, reducing their chance of falling victim to a ransomware attack by up to 70%.
Guard Against Surprise Dark Web Threats
How much data about your client’s business is floating around on the dark web? On average, 65% of the information on the dark web at the start of 2020 could damage businesses, and more than 22 million more records were added in the last 12 months including huge lists of passwords. That’s why it’s a smart move for companies to use Dark Web ID to keep an eye out for trouble – 91% of employees in a 2020 survey understood the risk of password reuse, but 59% admitted to doing it anyway, opening their companies up to danger. No one has the time or money o deal with the impact of that unpleasant surprise.
Keep Data Locked Down
Placing strong protections between cybercriminals and data starts with secure identity and access management. Passly gives clients the maximum bang for their buck, featuring multifactor authentication (perfect for defending against a phished password and 99% of password-based cybercrime in general). They also get the value of 2 – 3 more solutions with the other security essentials like single sign on, secure shared password vaults and fast automated password resets all tied up in one affordable package – plus with easy remote management and deployment, making it perfect for supporting today’s hybrid workforce. It pairs well with Spanning’s easy-to-use SaaS backup data protection for Microsoft 365, G Suite and Salesforce that empowers administrators and users to restore data and get back to work in just a few clicks, another important part of IT Complete.
Are you ready to fight back against cybercrime? See where 2021’s threats are coming from and what’s next. DOWNLOAD THE REPORT>>
May 5: Deploy Your Secret Weapon: Security-Savvy Employees w/ Lisa Forte Webinar REGISTER NOW>>
May 11: Phish and Chips – Demo Webinar and Free Lunch! REGISTER NOW>>
May 11 – 14: Robin Robins Boot Camp (Orlando and Virtual) REGISTER NOW>>
May 13: MSP Master Certification: Proper Service Desk Incident Escalation and Lifecycle Management for Resolution REGISTER NOW>>
May 26: MSP Gym (EMEA Edition) REGISTER NOW>>
Ransomware Risk is a Rising Tide That Can Swamp Your Business
Cybercriminals are refining their approach to ransomware, and risk has risen worldwide. Targeted ransomware is today’s rising trend. Researchers determined that targeted ransomware has grown by an eye-popping 767%, easily dwarfing all other types. Recent numbers logged by UK researchers show a record-breaking 11% year-on-year increase in attacks against UK targets in Q1 2021.
Every business is at risk of falling victim to ransomware – after all, more than 60% of organizations worldwide experienced a damaging ransomware incident in 2020. Ransomware has especially battered healthcare targets, but that’s not the only industry that’s experiencing increased risk. No matter the size, your business is at an increased risk of experiencing a ransomware incident in today’s volatile threat landscape, and that danger is growing.
How can you guard against becoming a victim of targeted ransomware? By taking sensible precautions that keep your systems and data safe, like phishing resistance training using BullPhish ID. Your employees can learn to spot and stop real risks that are prevalent in your industry in customized phishing simulations. If you’re not already using multifactor authentication with Passly, this is a great time to add it. It stops 99% of password-based cybercrime, including cybercriminals with a password that they just phished off an unwary employee.
In a 2021 survey, 70% of survey respondents said that they believe that their business will be harmed by email-based attacks like targeted ransomware attacks in the next year, up from 59% in 2020. But you don’t have to join that number- put strong protections in place now and you can have peace of mind that you’ve chosen a powerful defense for your essential systems and data.
See how ransomware really works, who gets paid & what’s next in our tell-all Ransomware Exposed! DOWNLOAD IT>>
Get high-quality tools to help you connect with your customers with our free resources for marketing and education like eBooks, webinars, social media graphics, infographics, and more!
Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Just send an email to [email protected] to let us know – we welcome your feedback and we love to hear about how our content works for you!
Ready to become an ID Agent Partner or learn more about our remote-ready suite of cybersecurity solutions including the award-winning DarkWeb ID? Contact us today!
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!
Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>
See Graphus in action in an on-demand video demo WATCH NOW>>
Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!