Please fill in the form below to subscribe to our blog

The Week in Breach News: 03/02/22 – 03/08/22

March 09, 2022

Nation-state hacking impacts thousands, Lapsus$ spills the beans on Samsung’s source code and the 2022 Global MSP Survey Benchmark Report is here.


Get ready to pack your bags for Connect IT 2022! Join us June 20-23 in Las Vegas for the industry’s premier event! REGISTER NOW>>



Washington State Department of Licensing

https://www.washingtonpolicy.org/publications/detail/the-washington-state-department-of-licensing-has-restored-its-website-after-650000-individuals-data-was-leaked

Exploit: Hacking

Washington State Department of Licensing: Government Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.337= Severe

Washington State Department of Licensing (DOL) experienced a data breach that has impacted approximately 650,000 former and current licensees. After discovering unexpected activity, the agency’s website was taken offline in January. At the time, no data loss was expected but that has since changed. 

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.416= Severe

The exposed data includes former and current licensing information as well as licensees’ social security numbers, driver’s license or ID numbers and dates of birth.  

How It Could Affect Your Customers’ Business: This trove of data combines business and personal information, making it especially useful and potentially profitable for the bad guys

ID Agent to the Rescue: Learn more about how high cyber resilience helps prevent trouble like this and why it is the ticket to a safer future for your clients and how to build it. GET THIS EBOOK>> 


AON

https://www.bleepingcomputer.com/news/security/insurance-giant-aon-hit-by-a-cyberattack-over-the-weekend/

Exploit: Ransomware

AON: Insurer

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.176=Moderate

Insurance giant AON disclosed that it had suffered a cyberattack last week in a filing with the U.S. Securities and Exchange Commission (SEC). The company said that it had discovered an incident that impacted some systems. AON does not suspect that there will be a material impact on clients or operations. The incident is suspected to involve ransomware. It is under investigation and the company has brought in outside experts.

How It Could Affect Your Customers’ Business Companies like this that hold or store large amounts of valuable data are high on cybercriminal shopping lists.

ID Agent to the Rescue: Share The Computer Security To-Do List with your clients to help them find vulnerabilities and you’ll start profitable conversations! DOWNLOAD IT>> 


Monongalia Health System

https://www.securityweek.com/healthcare-company-mon-health-discloses-second-data-breach

Exploit: Hacking

Monongalia Health System: Healthcare Provider

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.367 = Extreme

West Virginia healthcare organization Monongalia Health System (Mon Health) has announced another data breach. The company operators of Monongalia County General Hospital, Preston Memorial Hospital, Stonewall Jackson Memorial Hospital and other healthcare centers, is informing patients and staffers that they had data stolen in December 2021. This is the second breach announcement in 3 months for Mon Health. Attackers did not gain access to the organization’s health electronic records systems.

cybersecurity news gauge indicating extreme risk

Individual Risk: 1.377 = Extreme

Exposed data may include patient, employee, provider and contractor data including names, addresses, birth dates, Social Security numbers, health insurance claim numbers, medical record numbers, patient account numbers, medical treatment information, and various other data. 

How It Could Affect Your Customers’ Business: Every medical sector organization needs to take extra precautions against data-hungry cybercriminals to avoid a major HIPAA fine. Or two in this case.

ID Agent to the Rescue: Cybersecurity horrors lurk around every corner, lying in wait for unwary organizations. Learn how to defeat them in our eBook Monsters of Cybersecurity. DOWNLOAD IT NOW>>


Adafruit

https://www.bleepingcomputer.com/news/security/adafruit-discloses-data-leak-from-ex-employees-github-repo/

Exploit: Insider Risk

Adafruit: Open-Source Hardware

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.847 = Moderate

An employee’s publicly accessible GitHub repository is to blame for a data security breach at New York hardware developer Adafruit, resulting in exposure of information about some users on or before 2019. The company was quick to provide assurances that the data set did not contain any user passwords or financial information such as credit cards, but not so quick to send emails to impacted users, waiting until after publishing a notification on its blog that was picked up by media outlets.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.802 = Moderate

Exposed data for users may include names, email addresses, shipping/billing addresses, order details and order placement status via payment processor or PayPal.

How it Could Affect Your Customers’ Business Whether they’re malicious or not, insider actions can have a major effect on companies even if the insider no longer works there.

ID Agent to the Rescue: Learn to mitigate insider risk while building a strong security culture quickly and affordably for your clients in or eBook The Guide to Reducing Insider Risk. DOWNLOAD IT>>




Ukraine – Viasat

https://www.zdnet.com/article/viasat-confirms-cyberattack-causing-outages-across-europe/

Exploit: Nation-State Cyberattack

Viasat: Internet Service Provider

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.661=Severe

An estimated 10 thousand people found themselves without internet access after a cyberattack took down service to fixed broadband customers in Ukraine and elsewhere on its European KA-SAT network. The attack, starting about the same time as the Russian invasion of Ukraine, is suspected to be the work of Russia-aligned nation-state threat actors. No data was accessed or stolen in the incident, which is still under investigation.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Nation-state cybercriminals are highly likely to strategically attack Utilities and Infrastructure targets during times of trouble.

ID Agent to the Rescue Ransomware is the preferred tool of nation-state cybercrime. Get an in-depth look at how ransomware is evolving and who profits from it in our hit eBook Ransomware Exposed. GET THIS EBOOK>> 


Learn the secret to conjuring up amazing stress-free marketing campaigns in 5 Ways to Make Marketing Magic! GET IT>>



PressReader 

https://www.infosecurity-magazine.com/news/pressreader-suffers-cyber-attack/ 

Exploit: Nation-State CyberattackPressReader: Media App

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.719 = Severe

A cyberattack impacting PressReader, the world’s largest digital newspaper and magazine distribution platform, left readers in the US, UK, Australia and Canada unable to access more than 7000 publications. Some of the unavailable publications include The Guardian, Vogue, Forbes and the New York Times. PressReader said it has resolved the issue and is working to make missed content available to users after experiencing an unspecified cybersecurity event. This may be a nation-state attack; the incident happened shortly after PressReader announced that it was removing dozens of Russian titles from its catalog and publicly stated that it would help the Ukrainian citizens access the news following Russia’s invasion of their country.

Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Unsurprisingly, Russia-aligned threat actors are trying to control the flow of information about the invasion of Ukraine, leaving news outlets especially vulnerable right now.

ID Agent to the Rescue Find and slay dastardly vulnerabilities in your clients’ security strategy and emerge victorious with the Cybersecurity Monster Hunter’s Checklist! GET IT>> 


Learn how to spot and stop malicious insiders and educate users with this handy infographic! GET IT>>



Japan – Acro

https://portswigger.net/daily-swig/japanese-beauty-retailer-acro-blames-third-party-hack-for-breach-of-100k-payment-cards

Exploit: Third-Party Risk

Acro: Beauty Retailer

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.826 = Severe

Japanese e-commerce beauty company Acro has disclosed a data breach that has exposed the details of more than 100,000 payment cards. The incident included two of the company’s four retail websites. Acro is pointing to a security incident at a third-party service provider as the cause. The company specified that the compromised data related to 89,295 payment cards used to pay for goods on the Three Cosmetics domain and 103,935 cards used on its Amplitude site. Victims potentially include anyone who made purchases on either of the two sites between May 21, 2020, and August 18, 2021.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.713 = Severe

The stolen data potentially contains credit card information including cardholder names, payment card numbers, expiration dates and security codes.

How it Could Affect Your Customers’ Business Cybercriminals love credit card data because it’s a reliable commodity in dark web markets for quick profits.

ID Agent to the Rescue Help your clients reduce their cybercrime risk by building a security culture that helps spot and stop threats with the Building a Strong Security Culture Checklist. GET IT>>


Korea – Samsung

https://appleinsider.com/articles/22/03/06/hackers-leak-190gb-of-data-taken-in-alleged-samsung-breach

Exploit: Ransomware

Samsung: Electronics Maker

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.664 = Severe

The Lapsus$ hacking group just published a 190-gigabyte trove of confidential data including source code that it claims to have seized from Samsung Electronics in a ransomware attack. Reports say that the stolen code contains the source for every Trusted Applet in Samsung’s TrustZone environment, which handles sensitive tasks such as hardware cryptography and access control. It may also include biometric unlock operation algorithms, the bootloader source for recent devices, activation server source code and the full source code used to authenticate and authorize Samsung accounts. Samsung says that they’re investigating the incident.  

No information about consumer/employee PII, PHI or financial data exposure was available at press time.

How it Could Affect Your Customers’ Business Proprietary data is just as much of a win for cybercriminals as credit card or personal data, and worth a chunk of change for the right buyer.

ID Agent to the Rescue Ransomware 101, our most popular eBook, is full of tips and expert advice to guide you through securing your clients effectively from today’s scariest risk. READ IT>>


Our partners typically realize ROI in 30 days or less. See why nearly 4,000 MSPs in 30 countries choose to grow with ID AGENT solutions and support. BECOME A PARTNER>>



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.



Go Inside the Ink to see how today’s biggest threats can impact your MSP and your customers in our blog.



Just getting started in cybersecurity? This resource bundle will help you get up to speed to protect your clients fast! GET IT>>



Security & Compliance Awareness Training is Your Next Growth Accelerator

Every business benefits from security and compliance awareness training – including yours. These resources can help you maximize your opportunity and boost your MRR fast!

Security Awareness Training: Your Best Investment – This eBook shows clients, prospects and decision-makers exactly why they need to be doing regular security and compliance awareness training to gain benefits and reduce risk in concrete terms that anyone can understand. DOWNLOAD IT>>

6 Tips for Creating a Security Awareness Training Policy – Pass this on to your clients to help them lay the foundation for security and compliance training with a security awareness policy that gets the job done. DOWNLOAD IT>>

Are Your Users Trained to Handle These Risks? Give this checklist to your clients to help them determine if their security awareness training program is getting the job done or not (and discover that they might need a new one). GET THE CHECKLIST>>
Did you miss this? Close more deals with the 3 Ways to Present Your Cybersecurity Services webinar. WATCH NOW>>


See how cyber insurance is changing and how to protect your clients from trouble. WATCH NOW>>



Security Leads the Charge for MSP Growth


Insights from the Kaseya 2022 MSP Benchmark Survey Report


2021 was a tumultuous year for MSPs around the world as they navigated the extended global pandemic and its profound impact on the world. Some of that profound impact fell on MSPs, especially in the areas of security and profitability. The Kaseya 2022 Global MSP Benchmark Survey Report tells the tale of change and hopeful signs of growth for MSPs around the world. 

Meet the Survey Respondents 

More than 1,200 MSPs and technician firms from 40 countries took part in the 2022 Kaseya Global Benchmark Survey. About 82.5% of MSP respondents were from the Americas region, which includes the United States, Canada and Puerto Rico, over 11% were from Europe, Middle East and Africa (EMEA), and the remaining 6.3% were from Asia Pacific (APAC). About 67% of MSP respondents described themselves as general-purpose MSPs, while 17% described themselves as managed security service providers (MSSPs).About 12% of the MSP respondents described themselves as network and datacenter focused, while the remaining 4% said that they specialized by market vertical. 


Don’t let roadblocks trap you in the slow lane. Learn to overcome obstacles and put your MSP on the road to prosperity fast. SEE HOW>>


MRR is Growing  


One of the most welcome findings of the Survey is that MRR is growing for the majority of MSPs, with small variances between regions. Respondents say they’re making money and that revenue is steadily growing. Over the past three years, nearly half of the respondents experienced monthly recurring revenue (MRR) growth of more than 10%. MSPs in EMEA experienced the highest growth in the last 3 years with over one-fifth of MSPs in that region saying that they’d experienced MRR growth of 20% or more.  

Average MRR growth over
the past 3 years
All respondents Americas APAC EMEA
Less than 0% 4% 4% 6% 2%
0% – 5% 17% 18% 15% 14%
6% – 10% 31% 30% 30% 36%
11% – 15% 20% 20% 20% 14%
16% – 20% 13% 13% 14% 13% 13% 13% 14% 13%
More than 20% 20% 15% 16% 21%

Most MSPs experienced a growth rate of 6 – 10 %, a slight improvement over 2020, with another healthy segment coming in at 11 – 15%, virtually unchanged from 2020. Altogether the Survey shows that for most MSPs, their business is steadily growing and in a good place for continued profitability.

Average MRR growth over the past
3 years
20222021
Less than 0% 4%6%
0% – 5% 17% 17%
6% – 10% 31%28%
11% – 15% 20%20%
16% – 20% 13%13%
More than 20% 15% 16%

dark web danger represented by a shadowy hacker using a hook to steal a password from a square flating over a laptop with other warnings in an animated style

Spark profitable security training conversations with clients & prospects by giving them this list of risks. DOWNLOAD IT>>


The Global Pandemic Drove Growth 


The global pandemic impacted every facet of life and business. For MSPs, a changing technology world combined with an increased need for security, the transition to remote work and other shifts in the way we do business created a wealth of opportunities that they were able to capitalize on. More than half of the respondents from all regions reported that the COVID-19 pandemic helped them expand their services within their customer base. 

Impact of COVID-19 on the ability to
expand services within customer base
All
respondents
AmericasAPACEMEA
Increased 51% 51% 53% 53%
Decreased 25% 26% 22% 19%
No change 24% 23% 24% 28%

Providing more services means making more money for MSPs as well as healthy MRR growth. Service expansion at the client base was the driver that resulted in higher revenues for MSPs. More than 60% of respondents from all regions said that the COVID-19 pandemic accelerated their overall MRR growth. MSPs in EMEA saw the biggest MRR gains, but the majority of MSPs in every region experienced solid MRR growth 

Did COVID-19 pandemic accelerate
overall MRR growth?
All
respondents
Americas APAC EMEA
Yes 62%61% 67% 61%
No 38%39%33%39%

See why security awareness training is a security and revenue superstar that you & your clients need to invest in now. GET EBOOK>>


MSP & Client Challenges Continue to Evolve


That’s not to say that MSPs didn’t experience significant challenges in 2021 as well. For about a third of MSPs, their biggest challenge was one that everyone faces: acquiring more clients. As cybercrime growth has exploded, so has the pressure on MSPs to keep their clients safe. Dealing with sophisticated security threats came in second, just a few points behind customer acquisition. Concerns about hiring came in third, a change from concern about shrinking IT budgets last year. 

MSP business challenges in 2022 All
respondents
Americas APAC EMEA
Acquiring more customers 29% 28%28%39%
Dealing with advanced and
sophisticated security threats
23% 23%20%18%
Hiring 19% 18%20%20%
Shrinking IT budgets and spending
as a result of the pandemic
9% 9%13% 10%
Reduced service offerings to fit
shrinking customer budgets
9% 10% 5% 4%
Retention6% 6%11%5%
Supporting remote work for staff
and clients
5% 5%3%3%

For clients, the list of challenges changes but security remains a major concern, this year’s number one worry for almost half of MSP clients worldwide. Security was followed by business continuity and disaster in second place, a change from 2021. Managing remote workers was the biggest challenge for MSP clients in our 2021 survey, but that dropped to number three this year.  

Top three problems for MSP client 2022 2021
Security 52% 57%
Business continuity and disaster recovery 38%42%
Remote workers 36%58%

The top concerns for clients don’t really change much across regions, but the weight of each concern onn a client does. While security was the top dog worldwide, MSPs in EMEA cited the highest percentage of clients that were concerned about supporting a remote workforce. This difference may be at least partially driven by the impact of the global pandemic in that region leading to extended lockdowns and reducing the number of workers returning to the office in 2021 in that region.  

Top three problems for MSP clients in 2022All
respondents
AmericasAPACEMEA
Security 52% 52% 48% 54%
Business continuity and disaster recovery 38% 39% 28% 40%
Remote workers36% 36% 31%38%

Give your clients 7 lucky tips to secure their data & remind them that they can’t rely on luck to stay safe! GET THE INFOGRAPHIC>>


Compliance Challenges Create a Growth Area for MSPs 


The majority of MSPs report that their clients are experiencing compliance challenges. Three-quarters of MSPs say that their clients struggled to comply with regulations last year, an increase over the 2021 survey. 

My Customers Struggle to Meet Their Regulatory Compliance Requirements

Strongly Agree21%
Somewhat Agree53%
Somewhat Disagree19%
Strongly Disagree7%

Take a deep dive into ransomware and learn to protect your clients affordably with this resource bundle! GET IT>>


Security is a Dark (But Profitable) Landscape 


The evidence bears out a conclusion that IT professionals universally suspected: cybercrime is up. For almost three-quarters of MSPs around the world, that means that attacks on their customers are up too. More than 70% of MSPs in every region say that 20% of their clients or more weathered a cyberattack last year. This trend is consistent with 2021 survey responses. 

Percentage of clients that experienced
at least one cyberattack within the past
12 months
All
respondents
AmericasAPACEMEA
Up to 20% 73% 72% 73% 71%
21% to 40% 21% 22% 20% 18%
41% to 80% 5% 5%7%7%
More than 80% 1% 1% 0% 4%

Cybercriminals attacked more MSP clients in 2021 than they did the year before too. While there was little change in the number of MSPs year-over-year who said up to 20% of their clients experienced cyberattacks, there was a big shift in the number of MSPs who said that between 21% and 40% of their clients had experienced at least one cyberattack, jumping from 13% to 21%.  

2022 GLOBAL
Percentage of clients that
experienced at least one
cyberattack within the past
2022 2021
Up to 20% 73%77%
21% to 40% 21%13%
41% to 80% 4%6%
More than 80% 1%4%

Learn the secret to making compromised credentials your biggest money maker! WATCH WEBINAR>>


The Majority of Clients Turn to MSPs for Security Advice


The bottom line is that customers trust their MSPs to steer them in the right direction when it comes to security, turning to them for advice about security plans and best practices, and that is only increasing. About 82% of respondents said that at least some of their clients turned to them for advice on cybersecurity, a solid increase from 78% of respondents in the 2021 survey. The evidence shows that the rapidly escalating security danger that clients face combined with greater awareness of the importance of cybersecurity to business success presents a major growth opportunity for MSPs.  

To what extent have clients turned to you for advice on
cybersecurity plans and best practices?
All respondents
All of our clients 15%
Most of our clients 45%
Some of our clients 37%
None of our clients 3%

Insider risk is swamping your clients. Learn to mitigate it quickly & profitably. WATCH WEBINAR>>


Choose Trusted, Proven Security for Your Clients 


Your clients rely on you to steer them toward the right security solutions to keep their organizations safe, just like more ore than 4,000 MSPs worldwide trust ID Agent’s award-winning solutions to help them get the job done. Offer your clients strong security at a price you’ll both love. 

Solve your clients’ security and compliance awareness training problems quickly and painlessly while offering personalized service with the newly retooled BullPhish ID

  • Offer them a large library of lessons in compliance with regulations like HIPAA, PCI-DSS, GDPR and CMMC, with new lessons added monthly 
  • Have what they need right now on hand with fresh video lessons on the hottest topics in 8 languages delivered fast including nation-state cybercrime, ransomware and credential compromise. 
  • Tailor training to the needs of every client with customizable phishing kits, video lessons and personalized user training portals, or speed up the training process with plug and play lessons and phishing kits. 

Give your clients (and yourself) peace of mind that they won’t face nasty surprises from compromised credentials on the dark web with the leading solution in the channel, Dark Web ID

  • 24/7/365 monitoring that you can feel confident about   
  • Real-time analysis alerts you to trouble fast  
  • Monitor business and personal credentials, domains, IP addresses and email addresses 

Don’t just take our word for it, see what these MSPs have to say: https://www.idagent.com/case-studies/


It’s a bird, it’s a plane, it’s your revenue rising into the stratosphere with 6 Power-Ups That Will Make You a Sales Superhero. GET IT>>



Mar 10: Top 5 Ingredients in the Recipe of MSP Success REGISTER NOW>>

Mar 10: Phish & Chips EMEA REGISTER NOW>>

Mar 21 – 22: Midsize Enterprise Summit REGISTER NOW>>

Mar 30 – 31: IoTSSA Cybersecurity Expo REGISTER NOW>> 

Jun 20-23: Connect IT Global in Las Vegas REGISTER NOW>>  



 Are You Covering All the Security Bases?


Businesses are facing more cyberattacks than ever before as the cybercrime landscape grows darker for organizations of every size in every industry – is your security plan up to the test?  

Now is the time to review your security plan with your MSP to make sure that you’ve covered all of the bases. Strong security that utilizes the right solutions for your business gives your business the best odds of success when it comes to avoiding cyberattacks.  

It also pays to make sure that you’ve got a solid incident response plan in place now before things go wrong. Not only will that save you time and money in an emergency, having an incident response plan actually improves your company’s security immediately. 

Don’t wait until cybercriminals are knocking on your door – make it a priority to sit down with your MSP and review your organization’s security plan and address your vulnerabilities right away.  


Do you have comments? Requests? News tips? Compliments? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.

ID Agent Partners: Feel free to reuse this post (in part or in its entirety) When you get a chance, email [email protected] to let us know how our content works for you!


let us help secure you against passwords reuse with contact information and the ID Agent logo on grey.

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!

LEARN MORE>>


Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>

See Graphus in action in an on-demand video demo WATCH NOW>>


Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!

SCHEDULE IT NOW>>