The Week in Breach News: 01/05/22 – 01/11/22
Ransomware rocks two major service providers, disrupting IT services and schools around the world, a pair of healthcare data breaches and what you need to know about the state of data security for your clients in Q1 2022.
Help your clients start the new year off on the right foot with this checklist of smart cybersecurity practices. GET IT>>
FinalSite
Exploit: Ransomware
FinalSite: Education Technology Provider
Risk to Business: 1.227=Extreme
School website services provider FinalSite has suffered a ransomware attack that disrupted access to websites for thousands of schools worldwide. FinalSite provides solutions for over 8,000 K – 12 schools and universities in 115 countries. School districts that hosted their websites with FinalSite found that they were no longer reachable or were displaying errors. Bleeping Computer reports that in addition to the website outages the attack prevented schools from sending closure notifications due to weather or COVID-19. FinalSite says that approximately 5,000 school websites went offline as a result of the ransomware attack and no data was stolen. An investigation is ongoing.
Individual Impact: No consumer or employee PII or financial data exposure was disclosed in this incident as of press time.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses.
ID Agent to the Rescue: Learn more about how ransomware is evolving and get tips for protecting your clients in 2022 in our hit eBook Ransomware Exposed. GET THIS EBOOK>>
Broward Health
Exploit: Hacking
Broward Health: Hospital System
Risk to Business: 2.223 =Severe
Florida-based healthcare system Broward Health has disclosed a data breach affecting 1,357,879 individuals after an intruder gained unauthorized access to the hospital’s network and patient data. The organization discovered the breach four days after the initial intrusion and immediately notified the FBI and the US Department of Justice. Broward Health contracted a third-party cybersecurity expert to help with the investigations.
Risk to Business: 2.419=Severe
The exposed personal data for patients and former patients at Broward health may include Social Security numbers, bank or financial account information, driver’s license numbers, names, addresses, telephone numbers and hospital payment account information. Protected health information including medical information like care history, condition, treatment and diagnosis records may also have been exposed.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business Medical data is always a win for cybercriminals and losing it is an expensive nightmare for hospitals once regulators are finished with them.
ID Agent to the Rescue: Cybersecurity horrors lurk around every corner, lying in wait for unwary organizations. Learn how to defeat them in our eBook Monsters of Cybersecurity. DOWNLOAD IT NOW>>
D.W. Morgan
https://www.websiteplanet.com/blog/dwmorgan-leak-report/
Exploit: Hacking
D.W. Morgan: Logistics and Supply Chain Management
Risk to Business: 1.717= Severe
Researchers at Website Planet uncovered a data breach at D.W. Morgan because of a misconfigured AW3 bucket. The exposed data included more than 2.5 million files equating to over 100GB of data related to D.W. Morgan’s clients and their shipments from 2013 to late 2021. Some files also included sensitive client data and employee PII. Website Planet revealed that records pertaining to deliveries for clients including Cisco, and Life Technologies was also exposed in files.
Individual Impact: No specifics about any consumer/employee PII or financial data loss were available at press time.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business Service providers like this are goldmines for cybercriminals, amping up supply chain risk for evryone.
ID Agent to the Rescue: Make sure that your clients are doing everything right to stop system and data security threats with the Computer Security To-Do List checklist, available now! GET THIS CHECKLIST>>
Ravkoo
Exploit: Hacking
Ravkoo: Pharmacy
Risk to Business: 1.719 = Severe
US-based online pharmacy Ravkoo has disclosed a data breach. The company disclosed that its AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed by unauthorized parties, resulting in the potential compromise of customers’ prescription and health information.
Individual Impact: No consumer/employee PII or financial data loss was disclosed in this breach as of press time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Once again, a service provider that maintains a large array of records full of PII was hit, gaining cybercriminals a data bonanza.
ID Agent to the Rescue: Employees are the most likely cause of a cybersecurity incident in any business. See how to spot and stop insider risks in our new Guide to Reducing Insider Risk. DOWNLOAD IT NOW>>
FlexBooker
Exploit: Hacking
FlexBooker: Scheduling Platform
Risk to Business: 1.806=Moderate
FlexBooker experienced an attack before the holidays that resulted in the theft of more than three million user records. The platform is used for scheduling and employee calendar management by small businesses like doctor’s offices, real estate companies, service sector businesses and similar companies. Bleeping Computer reports that a group calling themselves Uawrongteam, has claimed responsibility, providing links to archives and files with sensitive information, such as photos, driver’s licenses, and other IDs as proof.
Individual Impact: No specific information about exposed customer personal or financial data was available at press time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Cybercriminals are especially likely to target companies that provide time-sensitive products and services in hopes of a fast extortion payment.
ID Agent to the Rescue Reduce the chance of a security incident, strengthen your clients’ security culture and start them off on the right foot in 2022 with our Building a Strong Security Culture Checklist. GET THE CHECKLIST>>
90% of MSPs have had clients hit with a ransomware attack in the last 12 months. Help your clients build stronger defenses with the insight in Ransomware Exposed! DOWNLOAD NOW>>
France – Inetum Group
Exploit: Ransomware
Inetum Group: IT Services Provider
Risk to Business: 1.991 = Severe
Over the winter holidays, French IT services company Inetum Group was hit by a ransomware attack that impacted its business and its customers. The company was quick to reassure clients that none of the main infrastructures, communication, collaboration tools or delivery operations for Inetum clients has been affected. Inetum Group has notified authorities about the attack and is collaborating with specialized cybercrime units. A third party investigation is underway. Inetum provides IT services for clients in myriad industries in 26 countries.
Individual Impact: No consumer or employee PII or financial data exposure was disclosed in this incident as of press time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business IT services companies are juicy targets for crooks who may be able to parlay a successful attack on them into an intrusion on one of their clients.
ID Agent to the Rescue Learn 4 highly effective ways to protect your clients from ransomware now and set them up for future defensive success in one fun, educational webinar! WATCH NOW>>
Switzerland – CPH Chemie + Papier
https://www.hackread.com/german-audio-tech-sennheiser-expose-customers-data/
Exploit: Malware
CPH Chemie + Papier: Industrial Packaging. Paper and Chemicals
Risk to Business: 1.806 = Severe
Swiss company CPH Chemie + Papier has announced that it was hit with a cyberattack that has impacted its IT systems and some production facilities. Production in the paper and packaging operations in Perlen LU and Müllheim, Germany was halted briefly but the company’s chemical operations were unaffected. Malware is suspected to be the culprit. Investigation and recovery efforts are underway.
Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Ransomware isn’t the only malware on the block. Other types of malware also pack a nasty punch that can devastate businesses.
ID Agent to the Rescue The majority of malware arrives at businesses as the rotten cargo of a phishing attack. Our eBook The Phish Files can help you gain a strategic edge against phishing. GET THE BOOK>>
Make sure your clients have all the bases covered with the Computer Security To-Do Checklist! GET IT>>
Singapore – OG Department Stores
Exploit: Hacking
OG Department Stores: Retailer
Risk to Business: 2.721 = Moderate
OG Department Stores has announced that they’ve experienced a breach that has exposed customers’ personal data. The company said that the incident affected members who are in either the basic or gold membership tiers. OG said it has reported the matter to the police and other relevant authorities, including the Personal Data Protection Commission (PDPC) and the Cyber Security Agency of Singapore (CSA).
Risk to Business: 2.775 = Moderate
Customer data that may have been compromised includes the names, mailing addresses, email addresses, mobile numbers, genders and dates of birth. Encrypted data including NRIC numbers and passwords may also have been snatched.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Personal data is always a winner for cybercriminals who are looking to make a quick profit in the booming dark web data markets.
ID Agent to the Rescue Building cyber resilience helps insulate organizations from trouble like this. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>>
We’re invested in your success! Learn about best-in-class marketing & sales support from Kaseya Powered Services. WATCH NOW>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
Zero Trust security is a piece of cake when you’re sure you’re giving access to the right people at the right levels. SEE HOW TO DO IT>>
Go Inside the Ink to Get the Inside Scoop on Cybercrime
Are you up to date on the latest news that can impact your business and your customers? Here’s a recap:
- This Security Flaw Has 1 in 3 Companies Flirting with Disaster
- 5 Ways an Employee Becomes an Insider Risk (+2 You May Not Be Considering)
- 6 Ways Malicious Insiders Can Do Damage Fast & How to Uncover Them
- The 2022 Data Breach & Business Risk Outlook is Not Good
- The Week in Breach News: 12/29/21 – 01/04/22
Kaseya Patch Tuesday: Patch notes & bug fixes for December 2021: SEE PATCH INFO>>
See how to fix staffing problems, fill security gaps and make more money fast with security automation. LEARN MORE>>
Make More Money in 2022!
Nano Session #3: How to Sell More Security Solutions to Your Clients – Get proven, practical tips on how to close new security business and juice up your sales in just 15 minutes. WATCH NOW>>
6 Power-Ups That Will Make You a Sales Superhero – See the sales-boosting secret weapons that our partners can access through Kaseya Powered Services. DOWNLOAD IT>>
5 Ways to Make Marketing Magic – Get the word out about the benefits of choosing your MSP quickly with these tools created by experts and available through Kaseya Powered Services. DOWNLOAD IT>>
The Road to Prosperity – Learn to turn your weaknesses into strengths and overcome the obstacles that may be blocking your journey to success! WATCH NOW>>
Did you miss this? Help your clients kick off 2022 right with the Reboot Your Cybersecurity Practices Now checklist! GET IT NOW>>
See how cyber insurance is changing and how to protect your clients from trouble. WATCH NOW>>
What You Need to Know About the State of Data Security Right Now
Start the Year Off Armed with the Facts
2021 was a tumultuous year for cybersecurity. Big breaches, economic uncertainty, blockers that spawned from the global pandemic and supply chain problems plagued businesses creating challenges that tested the mettle of IT professionals around the globe. But if you were hoping that rough road might be behind us now, you may want to buckle up again because the 2022 outlook is not rosy, especially when it comes to data security.
The Guide to Reducing Insider Risk can help IT pros stop security incidents before they start! GET IT>>
Remote Work Continues to Complicate Security
Experian sounded the alarm about vulnerabilities and opportunities that cybercriminals could exploit in 2022 in the ninth annual edition of its Data Breach Industry Forecast. Their analysts’ findings reflect the shifts in the way that people and companies do business today, including increased online traffic in all areas and remote work, as well as taking into account the ongoing impact of the pandemic on cybersecurity.
Their experts warned that businesses face major challenges when it comes to securing their networks and data in 2022 because many are still relying on structures, policies and solutions that were implemented in 2020 because of the sudden shift to remote work. Additional research bears out that conclusion. Only 39% of IT executives polled in a staffing survey felt that they have adequate IT expertise on staff to assist employees with remote work issues, and only 45% of organizations reported having enough budget available to address the needs of either their IT team or their remote workforce.
Supporting a remote workforce looks like it’s here to stay as well, and that creates additional complications for data security. Upwork estimates that 36.2 million workers or 22% of Americans will be permanently working remotely by the year 2025, an 87% increase from pre-pandemic levels. For knowledge economy workers, that number increases dramatically, with Gartner declaring that by the end of 2021, 51% of all knowledge workers worldwide are expected to be working remotely, up from 27% of knowledge workers in 2019.
Learn why ransomware is today’s nastiest threat and how to defend against it in Ransomware 101. READ IT>>
Phishing Risk Compounds Data Security Challenges
Why does remote workforce support impact a company’s data security? Remote workers are more likely to fall for phishing messages, and phishing has been the number one threat to data security for the last three years. An astonishing 80% of IT professionals in a recent survey said that their organizations have faced an increase in the volume of phishing attacks that they’re facing in 2021. Unfortunately, more phishing attempts has translated into more phishing attack disasters for many companies. An estimated 74% of respondents in the same survey said that their companies had been successfully phished in the last year
As GetApp reports, phishing messages are becoming more sophisticated and more enticing to employees, raising click rates substantially while they create an elevated risk for businesses.
Percentage of Survey Respondents Who Received (and Clicked) a Phishing Email
2019 43% received 73% clicked
2020 58% received 81% clicked
2021 64% received 77% clicked
Other phishing-related cyberattacks also put your clients’ data at risk, and those risks are also steadily growing. In the same report, researchers noted that ransomware was continuing its ascendence, with the number of attacks that respondents reported rising significantly, from 28% of respondents reporting attacks in 2020 to 35% in 2021 – and 12% of those respondents reported multiple attacks. Ransomware now accounts for 69% of all attacks involving malware.
Protection from cybercrime danger is easy when you deploy your secret weapon: security-savvy employees! WATCH WEBINAR>>
Security Awareness Training Neglect Comes Back to Haunt Businesses
Among the many practices and procedures around IT that may have fallen aside in the chaos of 2020, neglecting security awareness training has been a real problem, leaving businesses vulnerable. 31% of the companies polled by GetApp do not provide any security awareness training even once per year. Of the companies in their survey that did engage in periodic or regular security awareness training, only 26% of businesses in the survey provided social engineering training for employees.
By and large, no industry is safe from employees falling for a phishing email. Data that we gathered from BullPhish ID users paints a very clear, very disturbing picture that organizations need to face: Employees at companies of any size in any industry are prime targets for cybercrime because they will click phishing emails. In year-end reporting, we discovered that within the total number of phishing simulation emails sent,3,273,995 the total number of clicks on phishing simulation emails was 267,976.
The lack of awareness and dearth of skills that employees have in spotting and stopping phishing threats can have devastating consequences for a company’s data security. It’s especially bad news at a time when employees are encountering more sophisticated threats like targeted spear phishing than they have in the past. An astonishing 97% of employees are unable to spot a sophisticated phishing message, increasing data security danger.
Our partners typically realize ROI in 30 days or less. See why nearly 4,000 MSPs in 30 countries choose to grow with ID AGENT solutions and support. BECOME A PARTNER>>
Data Breach Costs Are Climbing
In this year’s IBM Cost of a Data Breach Report, researchers determined that the average cost of a breach in 2021 is estimated at $4.2 million per incident, the highest ever recorded in the 17 years of the study. The cost of a breach can be impacted by the type of data stolen or leaked, like customer personally identifiable information – the most frequently breached and the most expensive at $180 per record. The top country in the world for data breach costs in 2021 (so far) is the US with an average cost of $9.05 million. Thanks to the hot market for COVID-19 data in 2020, medical data is in second place as the most desirable data to snatch, and healthcare at $9.23 million is the industry with the most expensive data breach costs.
Their researchers also found that companies with a remote workforce faced added complexity and costs when it came to data breach response. Organizations that operate with 50% remote workers took an average of 316 days to identify and contain a data breach compared to the overall average of 287 days. Companies supporting a remote or hybrid workforce experienced an increase of up to $1 million more when a data breach occurred, with the highest rates of $4.96 million in comparison to $3.89 million.
Is someone’s behavior suspicious? Learn to spot trouble fast with 5 Red Flags That Point to a Malicious Insider at Work. DOWNLOAD IT>>
Password Problems Aren’t Going Away
GetApp researchers concluded that password reuse is strongly associated with higher incidences of security issues and data breaches, and employees are reusing passwords everywhere. A full 60% of their survey respondents admitted to reusing the same password for multiple accounts at work and at home, sometimes mixing the two. That’s three out of five employees.
Employees are also still attached to unsafe methods for password generation and storage, adding another risk factor to the mix. According to GetApp research, one in five (22%) employees said they store their passwords in writing on paper Almost 20% admitted to storing passwords in a digital or online document like a Word or Google Doc. When they’re generating passwords, employees also turn to unsafe behaviors. Over 40% of survey respondents said that they use personally meaningful information like their date of birth or company name to make passwords easier to remember.
Are you ready to take back control of cyberattack risk from the villains on the dark web? This webinar shows you where to start. WATCH NOW>>
Help Your Clients Secure Their Data Quickly and Affordably
Data breach risk has been steadily climbing with no end in sight. The non-profit Identity Theft Research Center announced that the number of data breaches that they’d recorded by the end of Q3 2021 had already exceeded the total number of events in Full-Year (FY) 2020 by 17%, with 1,291 breaches in 2021 compared to 1,108 breaches in 2020. Cybercriminals are hungry for your customers’ data. The solutions in the ID Agent digital risk protection platform can help you secure it efficiently at a price you’ll both love.
Dark Web ID enables you to get a clear picture of your client’s credential compromise threats from dark web sources. Our 24/7/365 always-on monitoring alerts you when your clients’ credentials appear on the dark web automatically. Automation means that your team doesn’t need to spend time staring at a dashboard, and simple clear reports enable you to display the value of monitoring fast.
BullPhish ID is the perfect security awareness training solution for companies of any size. You can provide an excellent client experience through personalization when you tailor the training to fit every client’s unique needs. Choose from our plug-and-play phishing simulations or customize the content. You’ll also be able to offer training in more than just phishing including compliance, password safety, ransomware threats and other topics to fulfill all of your client’s digital training needs under one roof.
See what your peers have to say about the benefits of a relationship with ID Agent. SEE TESTIMONIALS>>
Contact our solutions experts today.
Can you spot a phishing email? This infographic shows you how to detect one! DOWNLOAD IT>>
Make This New Year’s Resolution to Reduce Your Company’s Cyberattack Risk by up to 70%
Now is the time to get your business ready to face new and evolving risks in 2022. Smart companies are making cybersecurity a cornerstone of their growth strategy and it’s easy to see why – just one cybersecurity incident can be devastating for any business.
Those cyberattacks are coming faster than ever before, putting your business in more danger than you may be expecting. IBM reports that 84% of US organizations have experienced either a phishing or ransomware attack in the last year, and that number is expected to keep on climbing.
Phishing is the most common way for ransomware to come to your business. Today’s cybercriminals are stepping up their game with expertly crafted emails that use social engineering to lure your employees –and an estimated 97% of employees in a wide array of industries are unable to recognize a sophisticated phishing email.
That’s what makes keeping up with your staff’s security awareness training is so important. Businesses that engage in regular security awareness training experience up to 70% fewer cybersecurity incidents than companies that don’t.
Your company can easily achieve that reduction in risk with a dynamic security awareness training solution like BullPhish ID. You can even automate the training program for set-it-and-forget-it convenience. Make sure that improved security awareness training is one of your company’s new year’s resolutions to stay out of cybercrime trouble in 2022.
Do you have comments? Requests? News tips? Compliments? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
ID Agent Partners: Feel free to reuse this post (in part or in its entirety) When you get a chance, email [email protected] to let us know how our content works for you!
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!
Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>
See Graphus in action in an on-demand video demo WATCH NOW>>
Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!