The Week in Breach News: 09/15/21 – 09/21/21
Misconfiguration woes at Microsoft lead to a data breach, cybercriminals go 4 for 4 in hitting the world’s biggest shipping lines with ransomware, software and technology developers take a beating and why new data will help you overcome client doubts and objections about the value of security awareness training.
Austin Cancer Centers
Exploit: Ransomware
Austin Cancer Centers: Specialty Medical Clinic System
Risk to Business: 1.623 = Severe
Austin (Texas) Cancer Centers are notifying 36,503 patients of a data breach that forced it to shut down its IT networks. The cancer treatment network, which has eight locations, discovered that hackers had deployed ransomware onto its systems. Cybersecurity experts determined that hackers had made the intrusion and remained invisible since late July 2021.
Individual Risk: 1.702 = Severe
Exposed information may include Social Security numbers, names, addresses, birthdates, credit card numbers and health-related information. For patients affected, Austin Cancer Centers offers online credit monitoring services and fraud insurance with coverage up to $1,000,000.
Customers Impacted: 36,503
How It Could Affect Your Customers’ Business: Data from medical centers is always a valuable commodity for cybercriminals because it can provide PII, financial information and other profitable tidbits.
ID Agent to the Rescue: Two in five ransomware victims in 2020 were SMBs. No business is safe from this menace. Help your clients mount a strong defense with the insight gained in Ransomware Exposed. GET THIS EBOOK>>
TTEC
https://krebsonsecurity.com/2021/09/customer-care-giant-ttec-hit-by-ransomware/
Exploit: Ransomware
TTEC: Customer Support Provider
Risk to Business: 2.636 = Moderate
TTEC, a growing customer support provider, has been hit with a suspected Ragnar Locker ransomware attack. The company handles customer support calls on behalf of an array of major companies including Bank of America, Best Buy, Credit Karma, Dish Network, Kaiser Permanente, USAA and Verizon. Around September 12, company data was encrypted and business activities at several facilities were temporarily disrupted. The incident is under investigation.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: Ransomware is always a disaster. Ragnar Locker operators recently threatened additional repercussions to companies that contact law enforcement officials after a successful attack.
ID Agent to the Rescue: Gamify cybersecurity and information safety to make it interesting. Our Security Awareness Champion’s Guide helps explain complex risks in a fun way! DOWNLOAD IT>>
Walgreen’s
https://www.vox.com/recode/22623871/walgreens-covid-test-site-data-vulnerability
Exploit: Misconfiguration
Walgreen’s: Drugstore Chain
Risk to Business: 1.336 = Extreme
Vox reports that the personal data of patients who had a COVID-19 test at Walgreens was stored incorrectly and exposed to anyone who cared to view it. The data exposure potentially affects millions of people who used Walgreens’ COVID-19 testing services over the course of the pandemic. The exposure came to light after a security expert checked for test results for a family member and noticed the issue. The vulnerability has been around since at least March 2021, when the expert discovered it, but likely longer.
Individual Risk: 1.217 = Extreme
Patient personal data exposed include each patient’s name, date of birth, gender identity, phone number, address and email. In some cases, test results are also available.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: When a company fails to keep highly sensitive data like this safe, it’s going to give customers and partners pause. It’s also going to cost them a fortune in penalties once regulators get finished with them.
ID Agent to the Rescue: See how to transform employees into security assets to become the real secret weapon that successful organizations deploy to fight cybercrime! WATCH NOW>>
Epik
Exploit: Hacking
Epik: Webhosting
Risk to Business: 1.227 = Extreme
Legendary hacktivist group Anonymous has struck again, this time claiming to have snatched gigabytes of data from Epik, a domain name, hosting and DNS service provider for a variety of right-wing sites, including Texas GOP, Gab, Parler and 8chan, as well as extremist groups. The hacktivist collective announced in a press release that the data set, which is over 180GB in size, contains a “decade’s worth of data from the company.” It has been released as a torrent. Members of the whistleblower site Distributed Denial of Secrets (DDoSecrets) have also made the data set available via alternate means. The Ars Technica story on the incident, linked above, is absolutely worth reading and includes the press release as well as other actions by Anonymous in the same vein. The group perpetrated this hack as part of its Operation Jane campaign.
Individual Risk: 1.305 = Extreme
It is unclear to what extent this hack exposed personal information for owners of sites hosted by Epik or other personal or financial data. However, reports from experts who have viewed the data say that it is highly likely that Epik customers and users should expect that their data has been stolen.
UPDATE: More than 15 million email addresses and accompanying personal details from Epik users have been leaked online under the banner of Anonymous. Source: https://www.govinfosecurity.com/web-hoster-epiks-breach-exposes-15-million-email-addresses-a-17572
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: Experts who have seen the stolen data contend that Epik was negligent in its storage of PII and passwords, making the hack easier for Anonymous.
ID Agent to the Rescue: Building cyber resilience helps insulate organizations from trouble. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>>
Microsoft
Exploit: Misconfiguration
Microsoft: Software Developer
Risk to Business: 2.801 = Moderate
The personal information of hundreds of thousands of users of Microsoft’s EventBuilder has been exposed in a misconfiguration snafu. Researchers who discovered the leak say that the data was exposed through an improperly configured Azure blob and was available for an unknown length of time. The mistake was quickly fixed.
Individual Risk: 2.727 = Moderate
Personal data for event registrants including names, email addresses and job titles was exposed in more than one million CSV and JSON files of EventBuilder driven events hosted through Microsoft Teams.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Human error is still the biggest cause of a data breach, and this mistake goes to show that this applies to every business – even the big dogs can fumble once in a while.
ID Agent to the Rescue: Security awareness training doesn’t just boost phishing resistance. It also teaches employees to be mindful of other security blunders with passwords, compliance and more. SEE WHY YOU NEED TO SELL IT>>
France – CMA CGM
https://splash247.com/cma-cgm-hit-by-another-cyber-attack/
Exploit: Ransomware
CMA CGM: Maritime Freight Carrier
Risk to Business: 2.819 = Moderate
French container shipping giant CMA CGM has been hit by another cyber-attack. The company was breached about a year ago as well. A spate of attacks against maritime shipping companies has led to breaches at all four of the major players – Maersk, MSC, Cosco and CMA CGM – in the last 12 months. CMA CGM said its IT teams have immediately developed and installed security patches.
Individual Risk: 2.878 = Moderate
The company revealed that customer data had been stolen in this attack including regular customers’ first and last names, employer, position, email addresses and phone numbers.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: By land, sea or air, shipping companies have been favored targets of cybercriminals since the start of the pandemic.
ID Agent to the Rescue: Over 80% of organizations felt the sting of cybercrime in 2020. See what cybercriminals are shopping for to better predict what will happen next in The Global Year in Breach 2021. READ IT>>
Japan – Olympus
https://portswigger.net/daily-swig/olympus-insists-medical-services-uninterrupted-by-malware-attack
Exploit: Malware
Olympus: Medical Technology Developer
Risk to Business: 1.802 = Severe
Japanese medical tech behemoth Olympus has disclosed a cyber-attack that prompted the shutdown of certain IT systems last week. The company announced that it had been hit with “an attempted malware attack affecting parts of our sales and manufacturing networks in EMEA (Europe, Middle East, and Africa).”
Individual Impact: Olympus contends that no data was stolen.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Malware attacks like this are becoming increasingly common as cybercriminals look at encryption over theft as a quick way to mount a successful attack and score a payday.
ID Agent to the Rescue: Gain the knowledge and develop the skills needed to increase your confidence and your client’s faith in your expertise in cybersecurity in an insightful webinar. LEARN MORE>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
The information that we publish about our featured breaches each week is accurate at press time. As we all know, cybersecurity events can have many twists and turns that are not immediately apparent. Don’t hesitate to reach out with tips or information about a breach that you think we should see: CONTACT THE NEWSROOM>>
Go Inside the Ink to Get the Inside Scoop on Cybercrime
Are you up to date on the latest news that can impact your business and your customers? Here’s a recap:
- Cryptocurrency Risk and 3 More Nasty Security Threats to Watch
- What is Ransomware & How Can You Stop It?
- Leveling Up Your Cyber Resilience is a Game-Changer
- 10 Cybersecurity Statistics That Can Help You Prevent a Data Breach
- Phishing Has Doubled US & UK Data Breaches (Plus Cyber Insurance Rates)
- The Week in Breach News: 09/08/21 – 09/14/21
Kaseya Patch Tuesday: NEW! Patch notes & bug fixes for September 2021 are up: SEE PATCH INFO>>
Resource Spotlight: Help Your Clients Create a Strong Defense Against Ransomware
As more businesses in more industries come under fire from ransomware groups, you and your clients may benefit from a refresher course in how it works and how to stop it.
Ransomware Exposed
Go deep into the heart of today’s ransomware landscape with the latest statistics. You’ll get a look at how ransomware gangs operate, who makes money and how they do it and new types of ransomware that may be coming to an inbox near you. Plus, benefit from defensive strategy tips and tools to protect your clients from ransomware attacks.
GET THIS BOOK>>
Ransomware 101
Our most popular eBook is the perfect resource to use yourself or share with customers to give anyone a solid grasp of the basics of ransomware. Cut through the hype to the core facts about today’s nastiest threat including how ransomware attacks hit a business, examples of the dangers that every company faces from this devastating cyberattack and how to secure systems and data.
READ THIS EBOOK>>
4 Ways to Safeguard Your Clients from Ransomware Attacks
ID Agent’s Amelia Paro and Miles Walker from Graphus bring you a webinar that gives you an edge in keeping your clients safe. Learn what you can do to make sure that every employee in your client’s business feels like an essential part of the security team as well as why dark web monitoring is a ransomware defense essential and the benefits of security automation.
WATCH THE WEBINAR>>
Security Awareness Training Works to Fight Phishing
This Data Can Help You Sell More of It
Your customers’ employees are facing more complex, socially engineered threats than ever before, bringing things like ransomware and business email compromise right to their doorsteps. Precipitous increases in every area of phishing-related cybercrime clearly show the danger that every business faces. It seems like triple-digit increases in phishing attack numbers and tales of ransomware horror all over the news would be enough to convince business owners that security awareness training is a necessity. But with budgets tight, it may be difficult for you to convince them that security awareness training is both a necessary expense and a strong long-term investment that can protect their businesses from phishing. Fresh data and some impressive new statistics might be exactly what you need to get the message across: security awareness training works.
Understanding The Great Wall of Objections
Although cybersecurity mishaps can cost a business a pretty penny or even drive it out of operation permanently, as we recently reported, far too many business owners are content to keep their heads in the sand until the problem is at their doorstep – or in an employee’s inbox. Why? Massive overconfidence combined with a limited understanding of the danger that their businesses actually face from cybercrime. Many SMB owners think cybersecurity and cyberattacks are only problems for big companies and won’t impact them. An IBM report noted that 60% of SMB owners feel that their business will not face any kind of cybersecurity incidents in the next year, a dangerously incorrect assumption.
The most recent CNBC/Momentive Small Business Survey expands on that unfortunate conclusion, and the results were no less disturbing. Even with skyrocketing data breach increases, a stunning 56% of the SMB owners surveyed said they are “not very concerned” about being the victim of a cyberattack in the next 12 months, and among those, 24% said they were “not concerned at all.” Many also dismissed the seriousness of today’s biggest risks. The same survey discovered some even more disturbing findings. The SMB owners were generally quite confident (59%) that even if they were hit with a cyberattack, they’d quickly resolve it. Only 37% were “not very confident” and only 11% were “not confident at all.”
Employees are also overconfident, but not about whether or not their company will face a cyberattack this year. They’re overconfident in their ability to sniff out malicious messages – but they’re not confident in their colleagues’ acumen. In a cybersecurity threat awareness survey, 92% of employees said that they feel at least moderately confident in their ability to sniff out a scam email. But in the same survey, only 84% felt that their colleagues could do that too. That age-old assertion that only older workers click on suspicious messages doesn’t stand up to the test either — 60% of surveyed employees in the 16-24 age group admitted to opening dodgy emails.
The Facts
If you’re looking for a data point to use in your next pitch or client newsletter to encourage them to take security awareness training programs seriously, these ready-to-cut-and-paste facts about the danger businesses face and the efficacy of security awareness training just might fit the bill.
- 85% of social engineering actions that lead to a data breach are done via email.
- 74% of IT managers said that their companies had been successfully phished in the last year
- 75% of organizations in the US were hit by a phishing attack that resulted in a data breach in 2020
- An estimated 55% of ransomware attacks now involve companies with fewer than 100 employees.
- 60% of companies go out of business within six months of experiencing a cyberattack
- 94% of malware including ransomware is delivered by email
- Business email compromise rose by 14% overall in 2020 and up to 80% in some sectors
- IT teams are facing a 64% year-over-year increase in ransomware threat volume
- Ransomware attacks are up by 150% in 2021 over record-breaking numbers in 2020
- 90% of incidents that end in a data breach start with a phishing email
One Successful Cyberattack is More Than Any Business Can Afford
The 2021 Ponemon Cost of Phishing Study helps shed light on some of the massive hits that companies can take to their revenue in the event of a successful phishing attack. The biggest takeaway from this report is the colossal increase in the cost of a phishing attack for businesses. Researchers say that the cost of phishing attacks has almost quadrupled over the past six years, with large US companies losing an average of $14.8 million annually (or $1,500 per employee) to phishing.
Phishing is the gateway to many more dangerous attacks that can cost your clients a fortune. Add a side of ransomware to that phishing and it ratchets up the expense dramatically. Ransomware losses in 2021 are already up more than 300% over the same period last year, beating 2020’s record-setting pace. But that’s not even in the same realm as the threat that’s 64 times worse than ransomware: Business Email Compromise (BEC). Analysts at the FBI’s Internet Crime Complaint Center (IC3) determined that BEC schemes were the costliest cybercrime reported to IC3 in 2020, clocking in at 19,369 complaints with an adjusted loss of approximately $1.8 billion.
Security awareness training can also help businesses avoid an expensive phishing-related data breach – the most common kind. In a recent report, researchers discovered that just under 75% of organizations in the United States were hit by a successful phishing attack that resulted in a data breach in the last 12 months. To no one’s surprise, phishing continues to top the list as the undisputed king of data breach risks. The Verizon/Ponemon Institute Data Breach Investigations Report 2021 crowned phishing as the champion of causes of a data breach for the third year in a row, and that’s without including ransomware in the category anymore (it has become such a breakout star that ransomware has its own category now).
Need more ammunition to support the idea that phishing leads to a data breach that can cost your client a fortune? There’s no question that data breaches are growing more expensive and the increase in cost is nothing to sneeze at. IBM’s Cost of a Data Breach Report 2021 was dire in terms of dollars and cents, with the cost of a data breach climbing from $3.86 million in 2020 to $4.24 million in 2021 – the highest average total in the 17-year history of the report. That’s without accounting for the constantly rising regulatory penalties that businesses face around the world.
Training Has an Impressive ROI
There’s no room for doubt that a cyberattack will clobber any business it hits. Training is essential for preventing employees from doing risky things, as many SMBs discovered when they suddenly went remote last year. But with a limited budget available for any IT concerns, how good of an investment is security awareness training? The ROI on security awareness training is also something that should attract a hard-to-convince client or prospect’s attention: On average, smaller organizations (under 1,000 employees) can enjoy an ROI of 69% from a training program. The ROI is even bigger for larger organizations (1,000+ employees) at 562%.
But businesses aren’t following through on keeping up with the refreshment of training that is needed to secure that ROI – more than half (55%) of organizations don’t provide awareness training on a frequent basis. Security awareness training isn’t a one-shot deal, as illustrated by research conducted by the Advanced Computing Systems Association (USENIX). In the study, employees received security awareness training focused on phishing identification. They were then asked to identify phishing emails at various intervals, ranging from 4-12 months after the training. The researchers learned that at 4 months after the initial training, employees were still easily able to spot phishing emails. After 6 months, though, employees began forgetting what they had learned.
Teaching Employees to Stop Phishing Reduces Risk Dramatically.
A recent report on ZDNet just detailed why teaching employees to detect email threats is a critical security tool. Cybersecurity researchers studied over 200,000 emails that were flagged as potential phishing messages by employees from organizations of an array of sizes worldwide in the first half of 2021. In the end, they found that 33% of the suspicious message reports that employees made could be classified as phishing. The employees submitted an average of 2.14 emails each during the period of the research. Researchers also estimate that employees at organizations with 1,000 seats report an estimated 116 emails per month.
Teaching employees what to look for pays off as well. The most common reason that the users in the survey gave for reporting emails was a suspicious link, which was cited in almost 60% of the cases, and closely followed by spotting incorrect or unexpected senders. Participants also took note of suspicious attachments. Some words and phrases set off alarm bells as well, especially when they involved poor spelling, grammar or usage. Subject lines that featured lures like “Warning”, “Your funds has” or “Message is for a trusted” were quick to drive employees to hit report. All in all, security awareness training makes employees significantly more likely to catch clues like these that an email might be dangerous – and that can be the difference between profit and tragedy for any business.
How Can You Protect Your Clients?
BullPhish ID is the ideal solution to use for regular security awareness and phishing resistance training with all of your clients! This powerhouse solution packs everything needed to conduct efficient, effective security awareness training that gets the job done at an excellent value. You’ll enjoy:
- Affordable and scalable training that empowers your MSP to enhance your security stack
- An enhancement to your stack that enables you to realize ROI fast
- Smooth delivery of a superior customer experience that can be white-labeled from start to finish
- Automated campaign management capabilities make setting up and running campaigns a snap for your staff
- Training around the latest threats with new kits added monthly
- Simple, clear progress reports that help you quickly demonstrate the value of training
- See why you and your clients will love BullPhish ID in this video just for MSPs: https://youtu.be/_LAaXGWi-A4
It’s a dangerous world out there for all of your clients and your MSP. Connect with one of our solutions experts to see how the ID Agent digital risk protection platform will benefit you and your customers.
JUST ANNOUNCED: “Parks and Rec” Actor Nick Offerman is coming to Connect IT Global!
We have exciting news to share! Have you ever wanted to have a scotch with Ron Swanson? Who doesn’t? That’s why we’re thrilled to bring you the next best thing!
The legendary Nick Offerman, of Parks and Rec fame, will be kicking off Day 2 of our Connect IT Global with an act sure to leave you in stitches. Will he BBQ on stage? Will he whittle us a canoe out of a majestic piece of redwood? Who knows, but you have to be there to experience it!
We anticipate a sellout crowd and we want you to be in it! If you want your chance to see this legend in person
Choose from three ticket options:
- In-person tickets + training – $850
- Virtual tickets + training – $299
- Virtual ticket – $99
Act fast – our phenomenal rate on hotel rooms for this event ends 09/23 2021.
REGISTER NOW!
Want to Borrow Our Sales and Marketing Teams? OK!
Sep 22-23: ASCII Success Summit: NY/NJ REGISTER NOW>>
Sep 23-25: Big BIG REGISTER NOW>>
Sep 27: Your Cybersecurity Sales Secret Weapon REGISTER NOW>>
Sep 28: IT Security Certification Series: Digital Risk Master Class REGISTER NOW>>
Sep 28: Customer Spotlight with CloudTech 24 REGISTER NOW>>
Sep 28-29: Robin Robins Road Show: Dallas REGISTER NOW>>
Oct 05: Connect IT Local: San Francisco REGISTER NOW>>
Oct 06-07: CompTIA EMEA Member and Partner Conference REGISTER NOW>>
Oct 07: Connect IT Local: Seattle REGISTER NOW>>
Oct 13: DattoCon NOW REGISTER NOW>>
Oct 19-22: Connect IT in Las Vegas! REGISTER NOW>>
Oct 21-22: Robin Robins Roadshow: Newark REGISTER NOW>>
Oct 27-28: ASCII Success Summit: Orlando REGISTER NOW>>
Oct 28-29: Robin Robins Road Show: Chicago REGISTER NOW>>
Nov 02-03: Robin Robins Road Show: Las Vegas REGISTER NOW>>
Nov 02-03: ASCII Success Summit: Washington DC REGISTER NOW>>
Dec 07: Connect IT Local: Atlanta REGISTER NOW>>
Dec 08-09: ASCII Success Summit: Anaheim REGISTER NOW>>
Dec 09: Connect IT M&A Symposium: Miami REGISTER NOW>>
It’s the Truth: Security Awareness Training Works
Everyone’s trying to control their spending these days as businesses start to climb back from the tumult caused by the global pandemic. As you start that climb you may be reviewing your budget to make sure that you’re not wasting money somewhere. But when you’re reviewing your expenditures, don’t put security awareness training on the chopping block – it could be the difference between life and death for your business.
Many business owners think cybersecurity and cyberattacks are only problems for big companies and won’t impact them. An IBM report noted that 60% of SMB owners feel that their business will not face any kind of cyberattack including threats like ransomware in the next year, a dangerously incorrect assumption. An estimated 55% of ransomware attacks now involve companies with fewer than 100 employees.
But with a limited budget, you’re certainly looking at the ROI on your business spending. So how good of an investment is security awareness training? It’s a very good investment with an impressive ROI. On average, smaller organizations (under 1,000 employees) can enjoy an ROI of 69% from a training program. The ROI is even bigger for larger organizations (1,000+ employees) at 562%.
The most important factor is this one: Businesses that conduct regular security awareness training are up to 70% less likely to have a cybersecurity incident. Beginning or revamping your training program is easy with an affordable, effective solution like BullPhish ID. By giving your employees training in the phishing threats that they actually face every day using customized content and other threats like ransomware and credential compromise, you can ensure that the smart money is on your business staying safe from cybercrime.
ID Agent Partners: Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Please send an email to [email protected] to let us know – we love to hear about how our content works for you!
We’d love to hear your story of security success with ID Agent. Contact our marketing/pr team to set up a meeting with our staff to tell the world about your experiences in our next case study! To learn more about how the ID Agent Digital Risk Protection Platform can secure your prosperity, book a personalized demo today.