The Week in Breach News: 03/16/22 – 03/22/22
More trouble for crypto and DeFi outfits thanks to a supply chain incident, Anonymous isn’t letting up on Russia, a cyberattack sours milk processing in the US and 6 insights from Gartner’s Top Trends in Cybersecurity 2022 report.
Get ready to pack your bags for Connect IT 2022! Join us June 20-23 in Las Vegas for the industry’s premier event! REGISTER NOW>>
H.P. Hood Dairy
Exploit: Hacking
H.P. Hood Dairy: Milk Producer
Risk to Business: 1.411 = Extreme
Major New England dairy producer Hood announced that it had been hit with a cyberattack that has impacted milk production. The company stated that the unnamed attack caused milk processing and dairy production to halt at its 13 plants around the U.S. This has led to dairy shortages in some school systems and the waste of a large volume of milk. Production and processing operations have been restored and the incident is under investigation.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Customers’ Business: TCybercriminals have been hitting major food producers hard, looking for a quick score from a time-sensitive business.
ID Agent to the Rescue: Learn why high cyber resilience is the ticket to a safer future for your clients (plus more MRR for you) and what you can do to help them build it. GET THIS EBOOK>>
BlockFi
Exploit: Supply Chain Risk
BlockFi: Cryptocurrency Finance
Risk to Business: 2.799 = Moderate
Crypto financial institution BlockFi has announced that it had experienced a data breach incident via one of its third-party vendors, HubSpot. BlockFi says that the hackers gained access to BlockFi client data stored on HubSpot on Friday, March 18. BlockFi was quick to assure investors that its internal system and client funds were not accessed and that the breach remains limited to a very narrow pool of data stored with the third-party vendor, HubSpot.
Individual Risk: 2.806 = Severe
The exposed information from this breach may have included user data such as names, email addresses and phone numbers.
NOTE: The attackers in this incident likely also accessed similar data on HubSpot belonging to Swan Bitcoin, NYDIG and Circle.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Customers’ Business Cryptocurrency and DeFi have been catnip for cybercriminals and that’s not going to stop anytime soon.
ID Agent to the Rescue: Help your clients navigate the tricky straits of third party and supply chain risk with great ways to mitigate the danger and stay safe in a dangerous world. GET EBOOK>>
United States – Creative Services Inc.
Exploit: Hacking
Creative Services Inc.: Employment Investigations
Risk to Business: 1.721 = Severe
Hackers cracked into Massachusetts background check firm Creative Services and snatched highly sensitive personal records on more than 164,000 job-seekers and license applicants on November 26, 2021. The company’s internal investigation determined that an unauthorized party may have copied certain files on the company’s computer systems. This is a particularly tricky incident because of the confidential nature of the information that this firm handles.
Individual Risk: 1.763 = Severe
Investigators found that the hackers obtained access to names, dates of birth, Social Security numbers and driver’s license numbers in the attack as well as access to other sensitive data that could be used for nefarious purposes.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Customers’ Business: This kind of sensitive information isn’t what anyone wants falling into the wrong hands and should be stored with extra safety.
ID Agent to the Rescue: Cybersecurity horrors lurk around every corner, lying in wait for unwary organizations. Learn how to defeat them in our eBook Monsters of Cybersecurity. DOWNLOAD IT NOW>>
Wheeling Health Right, Inc.
Exploit: Ransomware
Wheeling Health Right Inc.: Healthcare Non-Profit
Risk to Business: 1.867 = Severe
Wheeling Health Right Inc (WHR), a United Way medical services non-profit, announced that on January 18, 2022, the organization was the victim of a “sophisticated cyberattack”, likely ransomware, that encrypted its systems as well as giving the threat actors access to protected patient health information. The organization is working with a technology services provider to decrypt the data as well as add other safeguards, and the investigation is ongoing.
Individual Risk: 1.772 = Severe
Information that may have been accessed includes full name, postal address, email address, phone number, driver’s license number, medical record number, Social Security number. tax information, income information, and other health information about patients who applied for or received services from WHR.
How it Could Affect Your Customers’ Business This isn’t a problem that any medical facility can afford with high HIPAA penalties, especially a non-profit.
ID Agent to the Rescue: Security awareness and compliance training is essential to reduce risk. Help your clients get started by sending them the 6 Tips for Creating a Security Awareness Training Policy infographic. GET IT>>
Solve five of the most exhausting remote and hybrid security problems fast with this handy infographic! DOWNLOAD IT>>
Ireland – The Rehab Group
https://www.irishtimes.com/business/technology/rehab-group-falls-victim-to-cyber-attack-1.4828860
Exploit: Malware
The Rehab Group: Disability Services Provider
Risk to Business: 1.661 = Severe
One of the largest disability services providers in Ireland, The Rehab Group has fallen victim to a cyberattack. The company says that there is no evidence that data had been accessed. The investigation is still ongoing, with the Garda National Cyber Crime Bureau and the National Cyber Security Centre involved.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business Any organization that holds a large quantity of personal or financial data will be an attractive target for cybercriminals.
ID Agent to the Rescue See what makes security and compliance training such a powerful weapon against cyberattack risk and compliance failure for any organization in Security Awareness Training: Your Best Investment. GET EBOOK>>
Russia – Transneft
https://www.theverge.com/2022/3/17/22983085/russia-transneft-omega-data-leak-hillary-clinton
Exploit: Nation-State Hacking (Hacktivism)
Transneft: State-Owned Oil Pipeline Company
Risk to Business: 2.902 = Moderate
Anonymous is back at it, this time leaking documents stolen from the Omega Company, the research and development division of Russian oil pipeline company Transneft. The hacktivist collective, who have publicly sided with Ukraine in response to Russia’s invasion of the country, got ahold of 79GB of the company’s emails and published them on the leak site of the non-profit whistleblower organization Distributed Denial of Secrets. The stolen data includes invoices, equipment technical configurations, and product shipment information. One unusual detail: the hackers responsible dedicated the hack to Hillary Clinton after she mentioned that Ukraine-aligned hackers should attack Russian targets in a recent interview.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business Political upheaval can place organizations within hacktivist sights, creating unforeseen security complications.
ID Agent to the Rescue Find and slay dastardly vulnerabilities in your clients’ security strategy and emerge victorious with the Cybersecurity Monster Hunter’s Checklist! GET IT>>
Insider risk is swamping your clients. Learn to mitigate it quickly & profitably. WATCH WEBINAR>>
South Africa – TransUnion
https://www.cyberscoop.com/south-africa-transunion-data-breach/
Exploit: Ransomware
TransUnion: Credit Bureau
Risk to Business: 1.905 = Severe
TransUnion has reported that it experienced a data breach as a result of a ransomware attack. The company states that cybercriminals obtained access to their systems through credential compromise. TransUnion received a $15 million ransom demand from a group identifying themselves as N4ughtySec that they do not intend to pay. The group says they’re based in Brazil and that they have over 4TB of stolen data touching over 200 companies.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business Organizations in the Financial sector from bans to credit organizations have been getting walloped by cybercrime, beating out healthcare to become the top cyberattack target.
ID Agent to the Rescue Ransomware 101, our most popular eBook, is full of tips and expert advice to guide you through securing your clients effectively from today’s scariest risk. READ IT>>
Our partners typically realize ROI in 30 days or less. See why nearly 4,000 MSPs in 30 countries choose to grow with ID AGENT solutions and support. BECOME A PARTNER>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
Go Inside the Ink to see how today’s biggest threats can impact your MSP and your customers in our blog.
- Industry, Infrastructure and Manufacturing Cyberattack Danger is Rising
- Incident Response Planning Reduces Nation-State Cybercrime Risk
- Ukraine Charity Phishing Scams Are Hitting Employee Inboxes
- 8 Reasons Why Security & Compliance Awareness Training is the Perfect Investment
- The Week in Breach News: 03/09/22 – 03/15/22
Just getting started in cybersecurity? This resource bundle will help you get up to speed to protect your clients fast! GET IT>>
Are You Using and Sharing Our Helpful Checklists?
These 3 checklists are perfect for using yourself or sharing with clients to kick off profitable security conversations.
Are Your Users Trained to Handle These Risks? This checklist is perfect for sending to your clients as you talk to them about the importance of up-to-date security and compliance awareness training and where they may be lacking. GET IT>>
Building a Strong Security Culture ChecklistThe evidence is clear: a strong security culture is a major security asset that helps prevent cyberattacks. This checklist helps you and your clients assess the health of their security culture. GET IT>>
Computer Security To-Do ListIt’s a dangerous world. Are you covering all of the bases to keep your clients safe? This checklist gives you a good barometer of your client’s security and gaps that need to be filled. GET IT>>
Did you miss this? Find out the 5 ingredients necessary for MSP success! WATCH WEBINAR>>
See how cyber insurance is changing and how to protect your clients from trouble. WATCH NOW>>
6 Key Insights from Gartner’s Top Trends in Cybersecurity 2022 Report
Keep Your Clients Ahead of the Curve
The cybersecurity world presents IT professionals with a wide array of challenges, and those challenges are continuously evolving. It can be difficult to be certain that you’re paying attention to the right trends and spending your energy on securing your customers from the biggest risks they face today as well as those that are around the corner. The “Top Trends in Cybersecurity 2022.” by Gartner, Inc provides some excellent insight into the things that security professionals may want to keep an eye on in 2022.
See why security awareness training is a security and revenue superstar that you & your clients need to invest in now. GET EBOOK>>
1. Attack Surfaces Are Expanding
For most organizations, their attack surface is expanding and will continue to expand. The report notes that risk around cyber-physical systems and IoT, open-source code, cloud applications, complex digital supply chains, social media and more have caused organizations’ exposed surfaces to expand beyond a previously quantifiable set of controllable assets. Gartner cautioned that “Organizations must look beyond traditional approaches to security monitoring, detection and response to manage a wider set of security exposures.” Suggested ways to mitigate this risk include Digital risk protection services (DRPS), external attack surface management (EASM) technologies and cyber asset attack surface management (CAASM).
2. Digital Supply Chain Risk Will Continue to Climb
Supply chain risk has been a rising concern for businesses. Cybercriminals have discovered that it pays to attack bigger targets through their supply chain. They’ve also discovered that certain types of suppliers and service providers hold lots of valuable information without having very strong security. As illustrated in our reporting in The Week in Breach, organizations are constantly being ensnared in cybersecurity disasters that are not necessarily of their own making. Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021.
Insider risk is swamping your clients. Learn to mitigate it quickly & profitably. WATCH WEBINAR>>
3. High Cyber Resilience is Key to Security Success
The overarching message sent by this report is that organizations need to be prepared for a cyberattack coming from any direction. Escalating digital supply chain risk is one big reason why a shift to reliance-based thinking is necessary for enterprise security. The report recommends that companies need to be ready to embrace new mitigation approaches that involve more deliberate risk-based vendor/partner segmentation and scoring. They should also not hesitate to make requests to suppliers and service providers about their security practices or to see evidence of their security controls.
4. Companies Need to Evolve Their Thinking on Security Awareness
Going a step beyond simple security or compliance training is essential for companies to stay ahead of the risk curve. Employees don’t just need to be aware of risks they may encounter, they also need to be invested in their company’s security success. That means that smart organizations are evolving their approach to increased security awareness by investing in “holistic security behavior and culture programs (SBCPs).” According to this report, the updated approach weaves security and compliance more deeply into the company’s culture, fosters new ways of thinking and reinforces new or better security habits and behaviors across the organization.
Learn the secret to making compromised credentials your biggest money maker! WATCH WEBINAR>>
5. Cybersecurity is Everyones’s Problem
Burnout and overwork in tech is endemic and that ranges from the bottom to the top in many organizations. Beyond that, cybersecurity isn’t just a “tech” problem anymore; it’s a part of every department and every employee’s job. That makes it important to change the way that companies approach decision-making, accountability and responsibility for cybersecurity functions. The report urges transitioning sole responsibility for all things security away from CISOs. In another report, Gartner predicted that at least 50% of C-level executives will have performance requirements related to cybersecurity risk built into their employment contracts by 2026.
6. Identity Threats Management and Detection Will Grow in Importance
Gartner has introduced a new term, “identity threat detection and response.” This term is intended to encompass the tools and practices designated for identity and access management purposes, a steadily growing job for security teams. In a world moving steadily toward a zero trust architecture as the default, IAM is only going to become more important as time goes on. “Identity as the new security perimeter” was a key insight from Gartner’s 2021 report, influenced by the prevalence of remote work. This report takes that IAM focus a step further, highlighting the importance of strength in this area going forward.
Learn how to spot and stop malicious insiders and educate users with this handy infographic! GET IT>>
Other Insights
The report claims that three major trends are influencing cybersecurity in 2022: new responses to sophisticated threats, the evolution and reframing of the security practices and rethinking technology. There’s no doubt that the threats that IT professionals are facing when securing companies are increasingly more sophisticated as time goes on. The shifting cybercrime landscape has sent evolving threats careening into sectors that didn’t see them coming like today’s elevated nation-state cybercrime threats against SMBs. New threats are also emerging and racing to prominence more quickly than they have in the past. The sudden prominence of remote workforce security threats in 2020 is a great example of a new threat charging to the top spot in terms of relevance.
Reasons like these are why it is critical that companies bolster their cyber resilience and continue working to keep it high. The fast pace of threats and emerging cybercrime trends in today’s volatile world are clear indicators that organizations need to be ready for trouble from unexpected vectors as well as ready to pivot on a dime to face fresh threats. A hefty 67% of respondents in IBM’s Cyber Resilient Organization Study 2021 said that both the volume and severity of cybersecurity incidents that their organizations face has increased or significantly increased in the past 12 months. That clearly shows that cybercrime threats will only get worse and smart companies are preparing now to face tomorrow’s onslaught of danger.
Learn how to defeat terrifying cybersecurity monsters to keep systems & data safe in a dark world! READ IT IF YOU DARE!>>
Help Your Clients Prepare for Today’s and Tomorrrow’s Threats
A Strong Security Culture Rests on a Foundation of Knowledge
By making sure that all of your customers’ employees are security-savvy, you can reduce their risk of falling victim to a cyberattack while building the kind of strong security culture that keeps giving them security and compliance benefits down the road. BullPhish ID is the perfect vehicle to get the job done.
- Make learning fun with memorable, engaging video lessons that minimize tech jargon and address risks employees encounter every day.
- Choose from an ever-expanding library of videos including topics like ransomware, nation-state cybercrime, CMMC compliance, PCI-DSS and more with 4 new videos added per month.
- Deliver training automatically through personalized portals and follow up with quizzes that show who needs more help.
- Raise phishing awareness by running simulations using plug-and-play-kits or customize the content to fit every client’s unique needs.
Prevent Nasty Surprises from the Dark Web
Guard against unexpected credential compromise danger with the unmatched quality and value of Dark Web ID. Offer your clients and yourself the peace of mind of knowing that they can rely on the top dark web monitoring solution in the channel and a proven, tested security winner.
- Watch for trouble with 24/7/365 always-on human and machine monitoring and analysis of compromise data from multiple sources, like Dark Web markets, data dumps and forums, finds exposed credentials fast.
- The easy-to-use, automated monitoring platform deploys in minutes and gets to work immediately, with SaaS or API options available and no additional hardware or software to install.
- Leverage out of-the-box integrations with popular PSA platforms, for a fast, frictionless alerting and mitigation process.
- Get your hands on the single most effective prospecting tool you’ll ever use: immediate dark web search capability that uncovers your prospect’s exposed credentials in minutes (and knocks their socks off)!
Contact our security specialists for a demo of the solutions that make up the ID Agent Digital Risk Protection Platform right away. BOOK A DEMO>>
Don’t just take our word for it, see what these MSPs have to say: https://www.idagent.com/case-studies/
It’s a bird, it’s a plane, it’s your revenue rising into the stratosphere with 6 Power-Ups That Will Make You a Sales Superhero. GET IT>>
Mar 23: Dark Web Defence Guide #3 REGISTER NOW>>
Mar 24: Critical Components of a Profitable and Effective Security Awareness Program REGISTER NOW>>
Mar 24: MSP Happy Hour: Cyber Cosmo Edition REGISTER NOW>>Mar 30 – 31: Cybersecurity Expo REGISTER NOW>>
Apr 5: The 3 in 1 Secure Access Management Powerhouse REGISTER NOW>>
Apr 5: The Must-Haves for Your MSP’s Insider Risk Protection Strategy REGISTER NOW>>
Apr 6: GlueTalks: Sales & Marketing REGISTER NOW>>
Jun 20-23 – Connect IT Global in Las Vegas REGISTER NOW>>
Check for Vulnerabilities Now to Avoid Trouble Later
As we head into Q2, it’s a great time to review your security plan to make sure that you’ve got your house in order. Security is constantly evolving, and circumstances like increased risk from the ripple effects of the Russia/Ukraine conflict or supply chain danger could necessitate a few adjustments in your security plan.
This is especially important if you’ve just returned or are about to return to the office. The security adjustments that you made during the pandemic may need to be revisited to account for your people working in a different way, even if they’re only in the office a few days per week. Alternately, you may have decided to go full-time remote, which necessitates a review of security to ensure that you’ve got the right solutions in place for long-term remote security.
Making sure you have all the bases covered as you head into the busy spring and summer season (as well as vacation season) will help you avoid nasty surprises and be ready for the security challenges that are likely to be just around the corner in a dangerous world.
Do you have comments? Requests? News tips? Compliments? Complaints (or compliments)? We love to hear from our readers! Send a message to the editor.
ID Agent Partners: Feel free to reuse this post (in part or in its entirety) When you get a chance, email [email protected] to let us know how our content works for you!