The Week in Breach News: 07/07/21 – 07/13/21
Shopping platforms are on the hit list this week, learn the details of the RNC hack and let us show you the benefits of security automation for your customers and your team in dollars and cents.
We know that you’re interested in news about the Kaseya VSA security incident. Please refer to the official Kaseya information page for updates. https://www.kaseya.com/potential-attack-on-kaseya-vsa/
Northwestern Memorial HealthCare
Exploit: Third-Party Data Breach
Northwestern Memorial HealthCare: Hospital System
Risk to Business: 1.771= Severe
A data breach at a third-party provider, Elekta, has potentially exposed the private medical information of patients at Northwestern Memorial HealthCare (NMHC) providers. Unknown cybercriminals were able to access a database owned by Elekta, a company that provides a cloud-based platform that handles legally required cancer reporting to the State of Illinois. Those potentially affected are patients of Northwestern Medicine Central DuPage Hospital, Northwestern Medicine Delnor Community Hospital, Northwestern Medicine Huntley Hospital, Northwestern Medicine Kishwaukee Hospital, Northwestern Medicine Lake Forest Hospital, Northwestern Medicine McHenry Hospital, Northwestern Memorial Hospital, Northwestern Medicine Valley West Hospital and Northwestern Medicine Valley West Hospital.
Individual Risk: 1.603= Severe
The hospital system has announced that attackers made a copy of datasets, which include patient names, dates of birth, Social Security numbers, health insurance information, and medical record numbers. The database also contained clinical information related to cancer treatment, including medical histories, physician names, dates of service, treatment plans, diagnoses, and/or prescription information.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: Proprietary data like this is cybercriminal gold. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.
ID Agent to the Rescue: Building a zero-trust framework is a popular and successful planning choice for a reason. Learn more about how it helps mitigate risks like stolen PII. SEE NOW>>
Morgan Stanley
Exploit: Third-Party Data Breach
Morgan Stanley: Financial Services Firm
Risk to Business: 2.216 = Severe
Morgan Stanley has reported a third-party data breach after attackers reportedly stole customer data by hacking into the Accellion FTA server of a third-party vendor. That vendor, Guidehouse, is a third-party vendor that provides account maintenance services to Morgan Stanley’s StockPlan Connect business. Guidehouse notified the investment banking company in May 2021 that attackers had accessed its Accellion FTA server. The Clop ransomware gang claimed responsibility for the original Accellion hack.
Risk to Individual: 2.462 = Severe
Morgan Stanley says that the information stolen in this incident does not include financial information but does include stock plan participants’ names, addresses (last known address), dates of birth, social security numbers and corporate/company names. The files stolen from Guidehouse’s FTA server did not contain password information or credentials that the threat actors could use to gain access to impacted Morgan Stanley customers’ financial accounts.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Ransomware can have ripple consequences that complicate response for everyone involved, creating unexpected risk.
ID Agent to the Rescue: Are you selling and delivering security awareness training to all of your clients? If not, let us show you how to get started in only 15 minutes! WATCH NOW>>
Republican National Committee (RNC)
Exploit: Nation-State Cybercrime
Republican National Committee (RNC): Political Organization
Risk to Business: 2.223=Severe
Russian-aligned nation-state cybercriminals hacked into the Republican National Committee last week. Initially dismissive of the hack, RNC officials ultimately admitted that their security had been breached. However, those officials attributed the hack to a data security incident at a subcontractor, Synnex. The RNC announced that they are working with experts at Microsoft to investigate this incident.
Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Reviewing potential avenues of risk can help you and your customers make a strong defensive plan.
ID Agent to the Rescue: Learn more about the factors that make it easy for employees to make mistakes and how you can mitigate them for a better staff. SEE THIS WEBINAR>>
GETTR
https://therecord.media/gettr-leaks-email-addresses-and-user-details-in-api-security-snafu/
Exploit: Hacking
GETTR: Social Media Platform
Risk to Business: 1.575 = Severe
A hacker has reported that they have breached GETTR, a new right-wing social media platform popular with personalities who have been banned from mainstream social media. The data was purportedly collected in two batches, on July 1 and July 5. According to copies of the leaked file and the leaker’s claims, the first batch of the stolen data was collected through scraping on July 1 and the second batch was obtained through endpoint exploitation. The sum of the data collected in both leaks is estimated at more than 90,065 user profiles.
Individual Risk: 1.502 = Severe
According to the hackers, the snatched data included information such as real names, profile descriptions, site usernames, along with other public information, but also non-public information such as a user’s email address, birth year, and location information.
Customers Impacted: 40,000
How it Could Affect Your Customers’ Business Strong endpoint security and security awareness training are vital for the success of security plans
ID Agent to the Rescue: Building a strong security culture is essential. Learn more about how to do it in a webinar full of tips from team-building experts! WATCH WEBINAR>>
Our partners typically realize ROI in 30 days or less. See why nearly 4,000 MSPs in 30 countries choose to grow with ID AGENT solutions and support. BECOME A PARTNER>>
Switzerland – Comparis
https://www.reuters.com/technology/ransomware-attack-hits-swiss-consumer-outlet-comparis-2021-07-09/
Exploit: Hacking
Comparis: Shopping Platform
Risk to Business: 1.302 = Extreme
Swiss online consumer outlet Comparis has disclosed a ransomware attack by filing a criminal complaint. The attack purportedly blocked some of the information technology systems, causing scattered disruptions for several days. Sister company Credaris, a financial services provider that uses the same server environment, may also have experienced unconfirmed malicious access to unspecified information. According to the hackers, the snatched data included information such as real names, profile descriptions, site usernames, along with other public information, but also non-public information such as a user’s email address, birth year, and location information.
Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Personal data is gold in dark web markets, and cybercriminals are hungry to find new stores of it to sell.
ID Agent to the Rescue Learn more about the economics of an incident like this and how the dollars and cents can rapidly shift to gain perspective on the complexity involved. LEARN MORE>>
Germany – Spreadshop
Exploit: Hacking
Spreadshop: Shopping Platform
Risk to Business: 1.919 = Severe
German merchandise platform Spreadshop has disclosed that on July 8th, 2021, it was the victim of a malicious cyberattack. The company confirmed that personal user data, including bank account details, were compromised. The platform is the commerce arm of a web of businesses that also includes Spreadshirt and TeamShirts.
Individual Risk: 2.271 = Severe
According to a statement from Spreadshop, the compromised data includes address and contractual data belonging to customers, partners, employees and external suppliers. Also affected are the payment details of a small number of customers who made payments to Spreadshirt, Spreadshop, or TeamShirts via bank transfer or who have received a refund via bank transfer.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: If client data was impacted, GDPR carries stiff penalties for customer data loss and those continue to climb.
ID Agent to the Rescue: Powered Services can help you remind your clients that important things like GDPR compliance shouldn’t be overlooked with high-quality plug-and-play sales and marketing tools. LEARN HOW>>
Want to Borrow Our Sales and Marketing Teams? OK!
Get expert sales and marketing help to power up your MSP in a flash with Powered Services Pro. LEARN MORE>>
India – Technisanct
https://ciso.economictimes.indiatimes.com/news/data-breach-in-trading-platform/83829525
Exploit: Hacking
Technisanct: Trading Platform
Risk to Business: 2.801 = Moderate
Big data startup Technisanct has disclosed a data breach in a trading platform that it operates in India. Information from over 3.4 million customers was compromised. The security breach was identified by Technisanct’s digital risk monitoring tool. Researchers have reported that the pilfered data was for sale in an online platform dedicated to these kinds of transactions, and some of the information was published on June 15.
Idividual Risk: 2.766 = Moderate
The company has disclosed that Personal Identifiable Information (PII) was exposed including name, customer ID, contact number, email ID, trade login ID, branch ID, city and country.
Customers Impacted: 3.4 million
How it Could Affect Your Customers’ Business: PII was the second most popular category of data in dark web markets last year according to the Verizon/Ponemon DBIR 2021 report.
ID Agent to the Rescue: Powered Services can help you remind your clients that security tools shouldn’t be overlooked with high-quality plug-and-play sales and marketing tools. LEARN HOW>>
Taiwan – Adata
Exploit: Ransomware
Adata: Computer Chip Maker
Risk to Business: 1.801 = Severe
The Ragnar Locker ransomware gang has announced that they’ve acquired more than 700GB of archived data stolen from Taiwanese memory and storage chip maker ADATA. A set of 13 archives, allegedly containing sensitive ADATA files, have been publicly available at a cloud-based storage service, at least for some time. According to reports, the largest archive is close to 300GB, and the second largest is 117GB and the archives likely contain corporate financial information, non-disclosure agreements and sales data.
Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: That’s a huge trove of data that will be very popular in hacker marketplaces and a pain for ADATA for years to come.
ID Agent to the Rescue: Improve every company’s defensive capability by increasing its cyber resilience. This eBook shows you where to start conversations about cyber resilience with your clients. DOWNLOAD NOW>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
Go Inside the Ink to Get the Inside Scoop on Cybercrime
Are you up to date on the latest news that can impact your business and your customers? Here’s a recap:
- 10 More Facts About Passwords That You’ll Want to See
- Companies Are Missing a Piece of the Security Puzzle
- 10 SMB Cybersecurity Statistics That Every Business Owner Needs to See
- Widespread Credential Exposure is the Fallout of the Massive LinkedIn Data Breach
- How Often Should Businesses Run Cybersecurity Awareness Training?
- The Week in Breach: 06/23/21 – 06/29/21
Prevent Password Problems with These Tools
Passwords are a continual pain for IT security teams. From constantly resetting them to dealing with vulnerabilities caused by poor password hygiene, password management is critical for creating a safe environment in a volatile risk landscape. These resources can help you guide your customers through password pitfalls to security success.
Build Better Passwords – Strong, well-crafted passwords are vital to keeping businesses safe. learn how to make them. DOWNLOAD NOW>>
Is This Your Password? – Show your clients how bad passwords are born with terrible password lists plus password fixes. DOWNLOAD NOW>>
Guarding the Gate – See why Passly is perfect for any business with affordable protection and robust features at a great price. WATCH WEBINAR>>
See how to grow your business with a new revenue stream in the time it takes to drink a cup of coffee. LEARN MORE>>
3 Reasons Why Security Automation Will Transform Your MSP
Automation is the buzzword in tech circles today, especially when it comes to security. That’s for a very good reason. Security automation gives businesses a big boost for a very small investment. It also gives MSPs ways to grow their businesses without expanding their payroll. Plus, the right automated solutions take care of many tasks that are irksome for both MSPs and customers automatically, removing burdens and adding extra peace of mind. All in all, it’s no wonder that security automation is on trend right now. You’ll think so too after you learn more from these three examples that clearly show why it’s the next big thing.
Background: What’s So Awesome About Automation?
Today’s tumultuous world economy is a rollercoaster ride for every business. Every department in most organizations is feeling the pinch of tightened budgets and everyone is trying to do more with less, including secure their systems and data. That’s why savvy businesses are looking toward security automation as the solution to compensate. They’re on the right track too – experts agree that security automation is the number one way to reduce a company’s attack surface.
It’s also a key factor in developing and improving cyber resilience. In fact, IBM reports that 84% of leading cyber-resilient organizations spend more than 20% of their IT budget on tools that facilitate use of artificial intelligence, machine learning or robotic process automation. That is ultimately money well spent if there’s an incident, because the same report notes that companies that have invested in security automation have a four-fold advantage in stopping a targeted cyberattack.
Did you catch all of the growth-focused MSP tips at MSP Growthfest? Listen to the recording now to be sure. LISTEN NOW>>
5 Essential Facts to Keep in Mind
In the IBM/Ponemon Institute Cost of a Data Breach 2020 Survey, the benefits of always-on AI technology in preventing and remediating breaches fast were clear:
- With fully deployed security automation, companies averaged 175 days to identify a breach and 59 days to contain it, for a total incident resolution time of 234 days.
- Without security automation, companies averaged 228 days to identify a breach and 80 days to contain it, for a total incident resolution time of 308 days.
- AI and security automation enabled organizations to respond to breaches nearly 30% faster than companies without those technologies deployed.
- A robust suite of AI and automated security solutions reduces the mean response time to a breach by 79%.
- 80% of leading organizations use security automation.
Automation Empowers Security Teams to Thrive
It’s indisputable that security automation packs big benefits for MSPs in terms of staffing and efficiency. It starts saving you money right off the top and continues to put cash in your pocket overtime. All in all, IBM notes that security automation can save more than 80% of the cost of manual security besides the array of benefits that it offers for your security team. For example, they’ll be much less stressed and much more productive when you reduce their alert volume with automated processes. More than 90% of business leaders say that automation is a must-have to manage large alert volumes with small IT teams.
One more important way that security automation juices up your security team is by acting as another set of hands without expanding the payroll. By freeing up personnel to do jobs that actually require human ingenuity instead of drudge work, security automation dramatically improves the performance of your SOC, increasing caseload capacity by 300% or more and enabling your skilled technicians to respond to a whopping 80% more call tickets.
Is your email domain protected against phishing? Are your customers? Find out now with the Graphus Domain Checker. CHECK NOW>>
Automation Affordably Improves Your Customers’ Security
Strong, smart security is the maxim of 2021 as the threat landscape continues to evolve and produce nasty surprises. Bringing automation into the conversation around security solutions allows you to demonstrate to your customers that your MSP is on the leading edge of providing top-tier security. An essential way to do that is to help your clients improve their cyber resilience – and 42% of companies in a cyber resilience survey cited security automation as a major factor in their success at improving their cybersecurity posture.
The benefits of automation really add up fast. Just by adding an automated phishing defense solution, your clients will immediately gain a 40% improvement in the number of threats spotted and stopped by their email security before they ever reach an employee inbox. Plus, they’ll have tools in place to reduce their incident response time and recovery expenses – security automation enabled organizations are a leap ahead of those that aren’t with a nearly 30% faster response time and savings of up to 50% of the cost of recovery.
Add to Your Team Without Adding to Your Payroll
Last week, we took a look at the ins and outs of the IT skills shortage. That’s a debilitating challenge that you can overcome through automation. You can only cultivate the number of customers that your staff can handle. Just under 70% of executives that were surveyed about the cost/benefit proposition of security automation said that AI and automation technology was crucial to them optimizing the value of their existing tools and personnel. it also makes you less likely to have to find new people to replace employees lost to burnout. Over 75% of those survey respondents said that adding AI maximized the efficiency of security staff while also increasing morale and decreasing turnover. Ultimately, an estimated 46% of IT professionals agree that AI and automation is the key to alleviating the IT skills shortage.
Adding automated security packs plenty of quality-of-life perks too. One immediate benefit that your clients and your security team will also love is automated password resets. On average, 20% to 50% of all IT help desk tickets each year are for password resets. That means that about a quarter to a half of what you’re paying for help desk staffing is solely going to pay for password resets. No IT staffer is going to be very happy chained to the password reset queue, which makes them more likely to jump ship and that’s the last thing any MSP needs. The number one reason that IT support staff quit is stress, and ballooning ticket volumes play a huge role in that calculation.
Automatically Better Security is Within Reach
Best of all, security automation isn’t even expensive for you or your clients. Now is the time to peruse your options for adding security automation to your offering. Let us help you choose solutions with awesome automation capability that you and your clients will love at a price that will make everyone smile.
Learn more about automated password resets as part of the amazing array of secure identity and access tools that you can deliver with Passly. CHECK PASSLY OUT>>
Learn more about automating your email security with the powerful protection of AI-powered Graphus and its patented algorithms. SEE THE POWER OF GRAPHUS>>
Contact an ID Agent expert today for a customized demo of the automation features that are built into our security solutions. SCHEDULE YOUR DEMO>>
Protection from cybercrime danger is easy when you deploy your secret weapon: security-savvy employees! WATCH WEBINAR>>
July 15 Robin Robins Producer’s Club REGISTER NOW>>
July 21 ASCII Success Summitt REGISTER NOW>>
July 27 Quarterly Product Update Webinar REGISTER NOW>>
July 29 4 Ways to Safeguard Your Clients from Ransomware Attacks REGISTER NOW>>
Get Stronger Defense Without Weakening Your Bottom Line, Automatically
Cybersecurity can be a bit of a rollercoaster ride, and 2021 is proving to be no exception. But just as the bad guys are planning new kinds of attacks, on the other side of the equation we’re innovating new security technologies to fight back – and this particular innovation is an absolute game-changer
Security automation has many benefits to offer for your business. An automated phishing defense solution will catch 40% more email threats than a conventional one or an old-fashioned SEG. Tired of filing password reset requests? Why not automate that process to accomplish the task instantly. Plus, automatic warnings for exposed credentials give you peace of mind.
Best of all, automated security technology isn’t expensive. Many modern solutions like Graohus automated email security and Passly for secure identity and access management have automated features baked right in. Strong, smart security can be automatic – and experts agree that security automation is the number one way to reduce a company’s attack surface. It’s time to put security automation to work for your business today.
ID Agent Partners: Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Please send an email to [email protected] to let us know – we love to hear about how our content works for you!
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!
Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>
See Graphus in action in an on-demand video demo WATCH NOW>>
Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!
We’d love to hear your story of security success with ID Agent. Contact our marketing/pr team to set up a meeting with our staff to tell the world about your experiences in our next case study! To learn more about how the ID Agent Digital Risk Protection Platform can secure your prosperity, book a personalized demo today.