Please fill in the form below to subscribe to our blog

The Week in Breach News: 05/26/21 – 06/01/21

June 02, 2021

Cybercriminals pulled off a meaty breach at JBS SA, Canada Post is wrapped up in a third-party breach, how federal data breach and infrastructure risk reduction efforts might impact businesses and 5 webinars to help you harness new revenue streams!


dark web economy represented by the words dark web in white on a black background blurred like a faint tv transmission

Explore the dark web with experts & get a deck of screenshots in Unveiling Cybercrime Markets on the Dark Web. WATCH NOW>>



United States – DailyQuiz

https://therecord.media/8-3-million-plaintext-passwords-exposed-in-dailyquiz-data-breach/

Exploit: Hacking

DailyQuiz: Entertainment App 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.655= Severe

The personal details of 13 million DailyQuiz users have been leaked online after a hacker breached the app developer’s database. Millions of user passwords were stored in that database unsafely in a plain text format and were subsequently stolen. Researchers recently discovered that the DailyQuiz database was up for sale in dark web data markets.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.711= Moderate

Users should be aware that their passwords have been compromised and change any accounts that share that password as well as updating their DailyQuiz accounts.

Customers Impacted: 13 million

How It Could Affect Your Customers’ Business: Weak password storage is symptomatic of low cybersecurity safety standards and shows clients that you don’t take their data privacy seriously.

ID Agent to the Rescue: Are your clients protected from common risks? Make sure they’re covered with our Cybersecurity Risk Protection Checklist. GET THE CHECKLIST>>


United States – Rehoboth McKinley Christian Health Care Services (RMCHCS) 

https://portswigger.net/daily-swig/us-healthcare-non-profit-reports-data-breach-impacting-200-000-patients-employees

Exploit: Hacking

Rehoboth McKinley Christian Health Care Services (RMCHCS): Health Non-Profit

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.833= Severe

Rehoboth McKinley Christian Health Care Services (RMCHCS) has reported a data breach reported caused by improper access to data impacting around 200,000 patients and employees. RMCHCS operates a 60-bed acute care hospital and four clinics providing emergency care, cancer care, and hospice and pediatric services in Arizona and New Mexico. The company did not say how the data was improperly accessed.

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.833= Severe

RMCHCS states that the breached material includes names, dates of birth, postal addresses, telephone numbers, and email addresses, as well as Social Security, driver’s license, passport and (for Native Americans) tribal ID numbers. Healthcare-specific details of patient care were also involved, but it’s not consistent across accounts. Healthcare data potentially impacted may include medical record numbers, dates of service and healthcare provider names; prescription, treatment, and diagnosis information; and billing and claims information, including financial account information.

Customers Impacted: 200,000

How it Could Affect Your Customers’ Business Data theft is always a problem, but theft of medical data is a disaster for healthcare orgs that will have to pay major fines for security failures.

ID Agent to the Rescue:  Which data breach risks should you be most concerned about? Find that information and more useful data to inform security decisions in The Global Year in Breach 2021. READ IT NOW>>


United States – Bose

https://www.hackread.com/logistics-giant-leaks-data-lolz-when-alerted/

Exploit: Ransomware

Bose: Audio Equipment Maker 

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.812= Moderate

Audio manufacturing titan Bose disclosed a data breach following a ransomware attack that hit the company’s systems in early March. In a regulatory filing, the company explained that a small amount of employee data had been potentially exposed as had several unnamed spreadsheets. No customer or other proprietary data was reported as compromised but the investigation is still ongoing.

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.812= Moderate

According to the company, a very small amount of employee personally identifying data and payroll data was compromised. Current and former employees should be alert to spear phishing and identity theft.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.

ID Agent to the Rescue:  Secure your data and systems against today’s nastiest threat with Ransomware 101, our most popular eBook, to guide you through how to secure your clients effectively. READ IT>>


global year in breach depicted as a printed report.

Give your clients the cold, hard facts that tell the tale of exactly how much danger their business is in. GET THIS FREE BOOK>>



Canada – Canada Post

https://globalnews.ca/news/7894760/canada-post-data-breach/

Exploit: Third Party Data Breach

Canada Post: Postal Service 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.882 = Severe

A supplier’s malware attack is responsible for a nasty data breach at Canada Post affecting 44 of the company’s large business clients and their 950,000 receiving customers. The exposure comes from Commport Communications, an electronic data interchange (EDI) solution supplier that manages shipping data for business customers, informed Canada Post that address data associated with some of their customers had been compromised in May 2021. Canada Post has announced that only shipping information pertaining to less than 50 corporate customers was involved.

Individual Impact: No sensitive personal or financial information has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: 44 companies and an estimated 950,000 individual addresses

How it Could Affect Your Customers’ Business: Third-party and supply chain data breaches like this one are becoming all too common as clever cybercriminals go for data-rich targets – and the problem will only get worse thanks to booming dark web data markets.

ID Agent to the Rescue: Get expert advice to minimize damage from incidents like this in our ebook Breaking Up with Third Party and Supply Chain RiskGET THE BOOK>> 



 United States – JBS SA

https://www.cnn.com/2021/06/01/tech/jbs-usa-cyberattack-meat-producer/index.html

Exploit: Ransomware

JBS SA: Meat Processor

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.221 = Extreme

International meat supplier JBS SA has been hit by a ransomware attack. The world’s largest meat producer, Brazil-based JBS has operations in 15 countries and serves customers worldwide including the US, Australia and Canada. The company is in contact with federal officials and has brought in a “top firm” to investigate and remediate the incident which is potentially tied to nation-state cybercrime. JBS stated that the attack only impacts some supplier transactions and no data was stolen.

Individual Impact: No sensitive personal or financial information was reported as compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware is the preferred weapon of cybercriminals, especially of the nation-state variety, for its potential for business disruption without even stealing data.

ID Agent to the Rescue: BullPhish ID provides customizable security awareness training including phishing resistance that enables MSPs to conduct training on industry-specific threats. SEE IT AT WORK IN A NEW VIDEO!>>


supply chain risk represented by a handshake overlaid with an image of a chain in green on a black background.

Is Your Biggest Security Threat Already Inside Your Business? Learn to spot and stop insider threats with this kit>> DOWNLOAD IT



Australia – TPG Telecom

https://www.zdnet.com/article/a-pair-of-tpg-trustedcloud-customers-were-breached/

Exploit: Hacking

TPG Telecom: Communications Technology 

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.115 = Extreme

TPG Telecom has announced that it had the data of two unnamed large customers improperly accessed on its legacy TrustedCloud hosting service. It added it did not believe any other customers were impacted by the breach. The service was part of a 2011 acquisition by the telecom and is set to be decommissioned in August 2021. An investigation is underway and authorities have been informed.

Individual Impact: At this time, no sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Attacks on older systems are often easy money for cybercriminals looking for data to sell with a low overhead and fast turnaround time.

ID Agent to the Rescue: Make sure you’re protecting aging assets with strong security, including strong passwords with our Build Better Passwords eBook. GET IT>>


Are you in a bad relationship third-party & supply chain risk? Our eBook can help you break free and live your best life! GET IT NOW>>



Japan – Net Marketing Co.

https://www.japantimes.co.jp/news/2021/05/22/business/tech/omiai-dating-app-hack-japan/

Exploit: Hacking

Net Marketing Co.: App Creator 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.922 = Severe

Japanese app company Net Marketing Co. said Friday that the personal data of 1.71 million users of one of its apps has been compromised in a hacking incident. The company is the operator of the popular dating app Omiai. Net Marketing said that Omiai customer information provided to the company between January 2018 and last month has been accessed on more than one occasion by unauthorized parties and PII on users may have been stolen.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.942 = Severe

The company notes that assorted user data, including names, identity cards, addresses, email addresses and face photos, was likely leaked due to unauthorized access to its server. Customers that use the Omiai app should be cautious for spear phishing and identity theft risk.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Personal data like this is a hot commodity in booming dark web data markets. Failing to protect it adequately makes it catnip for cybercriminals.

ID Agent to the Rescue: Protect your data from unwelcome visitors with a strong password policy that helps keep credentials secure. Our eBook “Is This Your Password” gives you a look at password dos and don’ts. READ IT>>


Don’t let cybercriminals steal your profits! Learn to spot and stop ransomware fast in Ransomware 101. GET IT>>



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.



Go Inside the Ink to Get the Inside Scoop on Cybercrime


Are you up to date on the latest news that can impact your business and your customers? Here’s a recap:


should you diclose a data breach represented by the words "hacking detected" in red on a blue and white touchscreen

Don’t become a cybercrime statistic. The Cybersecurity Risk Protection Checklist will help you find and fix security gaps. GET IT>>



New Sources of Revenue Are in Bloom


Now is the perfect time to take advantage of new opportunities and grow your revenue with new business strategies!

MSP Cybersecurity Webinar – Learn how to differentiate your MSP from the competition fast. WATCH NOW>>
The Ultimate Customer Retention Blueprint – Secrets for getting your clients to stick around and buy more. WATCH NOW>>
Making a Battle Plan for Profit – Write your roadmap to success and find your ideal profit strategy. WATCH NOW>>
Lessons Learned for the Pandemic – Make your post-pandemic plan to enter a new, profitable growth phase. WATCH NOW>>
Customer Experience Confidential – Separate your MSP from the competition with an incredible customer experience. WATCH NOW>>


Help your clients stay off of cybercriminal hooks with the expert tips and strategies that we share to combat phishing in our webinar The Phish Files. LISTEN NOW>>



In the Wake of Colonial Pipeline, Federal Infrastructure & Contracting Rules Are Under Scrutiny


US officials have been mulling new cybersecurity regulations for various types of businesses in the wake of the Solarwinds disaster and the recent ransomware incident at fuel pipeline operator Colonial Pipeline. Although officials initially mused that the attack was from sophisticated nation-state threat actors, it was ultimately determined that the culprits were actually an unaffiliated major ransomware gang, DarkSide. Investigations showed that one of the reasons why a general ransomware gang was able to lock down this infrastructure linchpin was sloppy cybersecurity. That led to officials at every level of government becoming concerned about the power of ransomware to take down similar targets – a possibility that was neatly exemplified by this week’s attack at international meat behemoth JBS.

The attack at JBS marks the second recent attack on under-the-radar yet critical infrastructure targets in as many months. The company announced on Monday that a cyberattack had severely impacted operations at its subsidiary arms in the US and Australia. Experts estimate that 1/3 of US beef production is served by JBS. Early reports are pointing the finger of blame at nation-state threat actors, but that should be taken with a grain of salt – early reports said the same thing about Colonial Pipeline and it turned out not to be true. On Tuesday afternoon, White House spokeswoman Karine Jean-Pierre said the United States has contacted Russia’s government about the matter and that the FBI is investigating.


Learn the strats to beat today’s nastiest cybersecurity mobs in the Security Awareness Champion’s Guide. GET IT>>


Infrastructure is More Than Bridges and Roads


The shockwaves that followed in the wake of Colonial Pipeline spurred the US federal government to work on several levels in an attempt to play catchup after years of lax cybersecurity oversight. That lack of scrutiny had led to gaping holes in the safety net for critical US infrastructure and supply chain service providers, a circumstance that cybercriminals are more than willing to exploit. Persistent cybersecurity vulnerabilities in myriad industries have left the White House and Congress scrambling as citizens demand answers. The federal government has just begun taking steps to address the problem but it’s facing a long road to security improvements that will assure voters that infrastructure is protected from increasing cyberattack danger.

In an Executive Order signed on May 12th, President Biden laid down an initial framework for response. The order declares that “It is the policy of my Administration that the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security.  The Federal Government must lead by example.  All Federal Information Systems should meet or exceed the standards and requirements for cybersecurity set forth in and issued pursuant to this order.” Included in the Executive Order is a directive for top officials at the Office of Management and Budget (OMB), the Department of Defense (DOD), the Department of Homeland Security (DHS), along with the US Attorney General and the Director of National Intelligence to review cybersecurity rules in the Federal Acquisition Regulation (FAR) bible and the Defense Federal Acquisition Regulation Supplement (FARS) to recommend changes to contract requirements and language for contracting with IT and OT service providers to ensure compliance with cybersecurity best practices. Those changes will then enter the federal rulemaking process for finalization.

Also included in the Executive Order, the President has instructed DHS and OMB that they have 120 days to institute a method by which federal and infrastructure service providers can quickly and reliably share data with agencies including the Cybersecurity Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) about threats, incidents and risks that present danger to infrastructure targets. In the Colonial Pipeline incident, the FBI and CISA were not informed by the company until well afterward. The Order goes on to lay down specifications for different requirements based on the work that the contractor does. It also includes calls for oversight into software development, new standards and practices to be developed by the National Institute of Standards in Technology (NIST), IoT consumer labeling guidelines and a host of smaller tech initiatives.

A notable section of the report did not get as much airtime as the splashier regulatory actions but may hold special relevance for MSPs and their clients who serve the federal government as insight into what upcoming rule changes may look like. The Executive Order lays out a new federal approach to data handling and cybersecurity, influenced by its recent Microsoft contretemps, instructing all agencies to update their existing cybersecurity plans to prioritize resources for the adoption of more security automation and universal use of cloud technology. The Order also directs every agency to develop a plan to implement zero trust architecture throughout the federal establishment. This was followed up with a mandate for CISA and the General Services Administration (GSA) to develop an updated federal cloud-security strategy that operates on zero trust principles.


get cyber resilient to avoid healthcare ransomware attacks

Don’t let cyberattacks put the brakes on your business. Start your journey on The Road to Cyber Resilience now! DOWNLOAD IT>>


The Impact on Businesses Will Be Profound


As the US federal government begins rolling out these sweeping changes, looking at the end goals of the initiatives can help organizations understand what federal authorities are considering in terms of cybercrime risk, what federal cybersecurity will look like going forward and how these new regulations combat challenges like social engineering that can complicate security. After rulemaking finishes, the requirements will give federal contractors and service providers an idea of what to expect in future project requirements and through the bidding process, to help them ensure that their business is compliant with stricter information security policy before they start putting together a bid. In its final form, this Order also gives everyone in tech a glimpse into what the government’s cybersecurity experts are going to be scrutinizing moving forward in fields like automation, regulation and even ransomware policy.

This spate of new regulations and requirements may impact your customers and your business in many ways. While the wake-up call that the US federal government received from recent cybersecurity disasters will bring much-needed updates to the way that federal agencies handle information, it also carries implications for the SMBs who assist in that process. New regulations about the security features needed to qualify software and apps as eligible for federal purchasing may be something that your clients have to deal with as well, especially since many states will just their guidelines to match. Plus, this creates opportunities for SMBs that are prepared in advance to demonstrate that they can do the job well by already maintaining compliance to the new guidelines to move into a sector where they may not have been able to previously compete. All of these circumstances are poised to provide new revenue streams for savvy MSPs as the cybercrime-as-a-service economy meets federal purchasing power.


Which of your vendors will cause your next cyberattack? Read our new eBook to learn how to spot and stop third party risk. GET THIS BOOK >>


Get Fast, Affordable, Compliant Control


Start laying the groundwork for any of your clients that may be impacted by new federal technology rules by making sure that they’re on track to provide first-class information security no matter who they’re serving with Passly, the powerful, affordable secure identity and access management guardian that fits every business.

Passly packs all of the bells and whistles without the high price of competing solutions. Get the tools that organizations need to prevent unauthorized access to systems and data in place fast to ensure compliance in diverse industries.

  • Simple remote management makes adding and subtracting user permissions anytime, anywhere a snap.
  • Multifactor authentication (MFA), long a requirement for federal contracts, is built right in.
  • Single sign-on enables IT teams to quickly respond to danger and isolate user accounts that may be compromised.
  • Quick installation and seamless integration with more than 1,000 common business apps eliminates headaches
  • Secure shared password vaults give you strong access control.
  • Automated password resets eliminate the constant wave of reset tickets, saving time, money and stress
  • Learn more:

We’re here to help if you would like to learn more about ways that you can protect clients who may be in the line of fire from today’s nastiest cybersecurity nightmares. From dark web monitoring to phishing resistance training, the ID Agent digital risk protection platform has you covered. Let’s get together and talk about how we can help your clients and your business! SCHEDULE A CONSULTATION>>



June 9: Master Class: The 3 Ps of Ransomware Preparedness REGISTER NOW>>

Jun 10: Phish & Chips EMEA REGISTER NOW>>

June 10: MSP Mastered® Level 2: Service Desk Management for Continual Improvement REGISTER NOW>>

June 15: Deploy Your Secret Weapon: Security-Savvy Employees REGISTER NOW>>

Jun 16 – 17: ASCII Success Summit REGISTER NOW>>


Our partners typically realize ROI in 30 days or less. See why nearly 4,000 MSPs in 30 countries choose to grow with ID AGENT solutions and support. BECOME A PARTNER>>



How Will a New Federal Security Push Impact Businesses?


In the wake of the recent cyberattack nightmare at Colonial Pipeline, the White House has issued a powerhouse executive order aimed at increasing information security throughout the government, regulating stronger software and IoT security requirements and generally bringing cybersecurity practices at federal agencies and infrastructure targets up to snuff. Even if you don’t have a business relationship with the federal government, these sweeping new regulations can still impact your business, making them worth taking a look at.

One section that will be especially relevant for small and medium businesses going forward is a new requirement for increased security at any business that’s competing under FAR and FARS rules for federal contracts. These regulations won’t just be felt at the federal level, as they are likely to require certain protections for the companies that perform federal IT and information storage services that will bleed down to the companies that serve those service providers too – and so on, unit, many more companies are operating under those guidelines than the executive order seems to hit at first glance.

Getting your in shape now is a smart way to give yourself a jumpstart on compliance and put your business in the right position to ease into the bidding process if you are a federal contractor, or if you have any business relationships with a federal contractor. It also provides your company with a ready-made point of proof that you can use to show customers that you take their security seriously too. It can also make sure that you’re poised to spring on any new opportunities that you see on the horizon.

Don’t wait until you’re stuck under a regulator’s thumb to protect your business without breaking the bank. With Passly, your secure identity and access management worries are neutralized. Passly is a one-stop shop for tools that keep cybercriminals out and your data in – including multifactor authentication, which stops 99% of password-based cybercrime all by itself. Don’t hesitate to add it to your security stack and start your journey to strong security today.


See how automated, affordable phishing defense with Graphus can save your business a fortune! GET THE EBOOK>>


ID Agent Partners: Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Please send an email to pr@kaseya.com to let us know – we love to hear about how our content works for you!


social media phishing scammers

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!

LEARN MORE>>


See our innovative, cost-effective digital risk protection solutions in action.

WATCH DEMO VIDEOS>>


Contact us for an expert analysis of your company security needs and a report on your Dark Web exposure!

SCHEDULE IT NOW>>