Please fill in the form below to subscribe to our blog

The Week in Breach News: 11/10/21 – 11/16/21

November 17, 2021

Hackers manage a shocking breach that leads to ATO at the FBI, beer production goes flat after a cyberattack at S.A. Damm, Robinhood takes a beating and welcome good news about business security spending creates new MSP opportunity.

Learn how to defeat terrifying cybersecurity monsters to keep systems & data safe in a dark world! READ IT IF YOU DARE!>>

Federal Bureau of Investigation (FBI)

Exploit: Account Takeover

 Federal Bureau of Investigation (FBI): Federal Government Agency 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.417= Severe

A shocking email security breach at the US Federal Bureau of Investigation (FBI) led to the takeover of a user account. The cybercriminals that accomplished the feat were able to use that compromised email account to send tens of thousands of fraudulent emails warning recipients of impending cyberattacks. Messages reached celebrities like Jay Z and journalists including investigative reporter Brian Krebs. The Bureau later confirmed that its Law Enforcement Enterprise Portal (LEEP) was compromised in a cyberattack Friday. FBI officials were quick to stress the fact that the malicious emails originated from an FBI-operated server that was solely dedicated to pushing notifications for LEEP and not part of the FBI’s corporate email service.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business: This incident shows that no organization is immune to a cyberattack, and even the best defenses can fail.

ID Agent to the Rescue: Building cyber resilience helps insulate organizations from trouble like this. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>> 

West Virginia Parkways Authority

Exploit: Ransomware

West Virginia Parkways Authority: State Government Agency 

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.822=Severe

A suspected ransomware attack snarled operations at the West Virginia Parkways Authority last Friday. Officials announced that a cyberattack had hit the agency’s internal computer systems, knocking out email, telephones, and various non-critical applications for several hours. According to the statement, no data was extracted or exposed in the incident which only impacted operational technology. Systems have since been restored and the incident is under investigation.

Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Using ransomware against infrastructure targets to shut down their operations has become much more common.

ID Agent to the Rescue: Learn more about how ransomware is evolving, what we predict that you’ll see next and how to protect your clients in Ransomware ExposedGET THIS EBOOK>>   


Exploit: Phishing (Vishing)

Robinhood: Financial Services Platform 

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.542=Extreme

Financial services platform Robinhood is in the news again after disclosing a data breach on 11/03. The company blamed the security incident on vishing. Threat actors obtained access to the organization’s customer support systems by obtaining systems access over the phone. This is the same technique that proved successful in the 2020 Twitter hack. According to reports, after accessing the data, the cybercriminals then demanded an extortion payment to keep the data safe. No word on the amount of this demand. The incident is under investigation.

cybersecurity news gauge indicating extreme risk

Individual Risk: 1.312=Extreme

The company disclosed that it estimates a total of seven million users are apparently affected by this breach. Threat actors accessed email addresses for five million customers and a separate list of full names for two million customers. Robinhood says that the bad guys gained access to varying levels of user information including in-depth PII including full names, date of birth and zip code for around 310 users, and extensive records for a subset of 10 users.

Customers Impacted: Unknown

How It Could Affect Your Customers’ Business Vishing threats are popping up more frequently as cybercriminals look to vary their approach to obtaining credentials in unexpected ways.

ID Agent to the Rescue:  Help your clients build a powerful defense against today’s top cybersecurity threat, phishing, with the knowledge and threat intelligence you’ll gain in our eBook The Phish FilesDOWNLOAD IT>> 

Hewlett Packer Enterprise (HPE)

Exploit: Credential Compromise

Hewlett Packer Enterprise: Business Technology Services

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.615= Severe

Hewlett Packer Enterprise (HPE) just informed customers that use its Aruba networking unit that their information may have been exposed in a cyberattack on its Aruba Central cloud environment in late October. The company outlined the incident in a statement to the press “On 2 November, HPE discovered that an access key to data related to the network analytics and contact-tracing features of Aruba Central, our cloud-based network management and monitoring solution, was compromised and used by an external actor to access the environment over a period of 18 days between 9 and 27 October 2021.” HPE went on to specify that the data in question included “identifying device media access control (MAC) addresses, IP addresses, device operating systems type and hostnames, and user names for Wi-FI networks where authentication is used, as well as dates, times, and physical Wi-Fi access points (APs) to which devices connected.” The incident is under investigation

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Cybercriminals will do anything to obtain a legitimate user credential because it gives them the keys to the kingdom, enabling them to do massive damage quickly.

ID Agent to the Rescue: Make sure you’re protecting your client’s credentials with strong security. That starts with building strong passwords with our Build Better Passwords eBook. GET IT>>

Zero Trust security is the key to keeping your clients safe – and the cornerstone is access management. We can help. LEARN MORE>>

United Kingdom – Simplify Group

Exploit: Hacking

Simplify Group: Conveyancing & Property Services

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.512= Severe

UK property services giant Simplify Group has been experiencing a cyberattack that impacted operations at many of its divisions. The company operates brands like Premier Property Lawyers, My Home Move and DC Law. The outage was a spanner in the works for new and prospective homebuyers, including some that were mid-move, and they were quick to take to social media. Some systems have been restored and the incident is under investigation.

Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Operational disruption from a ransomware attack is just as likely as data theft and sometimes even more damaging.

ID Agent to the Rescue Build cyber resilience with the Security Awareness Champion’s Guide by explaining complex risks in a fun way that will be memorable to employees! DOWNLOAD IT>>

Spain – S.A. Damm

Exploit: Ransomware 

S.A. Damm: Brewing  

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.595 = Extreme

Operations went flat at Spanish brewer S.A. Damm after a ransomware attack crippled production. The company disclosed that the cyberattack hit the brewery on Tuesday night and for a few hours the plant in El Prat de Llobregat, which produces 7 million hectolitres of beer a year, was “entirely paralyzed”. Operations were partially restored quickly and the rest of the recovery is expected to be completed soon.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business Ransomware gangs have been stopping production in factories rather than stealing data in the hopes of scoring a quick ransom from desperate businesses.

ID Agent to the Rescue That email looks legit, right? Cybersecurity horrors lurk around every corner, lying in wait for unwary organizations. Learn how to defeat them in our new eBook Monsters of Cybersecurity. DOWNLOAD IT NOW>>

Dive into how to reduce your client’s risk of phishing fast with the tips in The Phish Files. DOWNLOAD NOW>>

1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.

nation-state federal hack phishing described by a man in a hoodie sillohuettes adgains a world map with "hacked" stamped on it

Are your clients really protected from cyberattacks? Our Cybersecurity Risk Protection checklist will tell you the truth! GET IT>>

Go Inside the Ink to Get the Inside Scoop on Cybercrime

Are you up to date on the latest news that can impact your business and your customers? Here’s a recap:

Kaseya Patch Tuesday: Patch notes & bug fixes for October 2021: SEE PATCH INFO>> 

Two New Infographics to Share for International Fraud Awareness Week and Computer Security Day

Celebrate International Fraud Awareness Week (11/14 – 11/20) by sending your clients this new infographic Can You Spot the Phishing Email that can help them sniff out the most common type of cyber fraud they’ll face. DOWNLOAD IT>>

National Computer Security Day is November 30. Grab the new Computer Security To-Do List infographic and give your clients a handy resource for building both strong security and a strong security culture. DOWNLOAD IT >>

Did You Miss…? Learn about modern cyber risk management with a cyber insurance expert! WATCH NOW>>

Get the cheat codes to defeat cybercrime in our eBook The Security Awareness Champions Guide GET IT NOW>>

Businesses Spending Boost Brings MSPs Opportunity 

Elevated Cybercrime Risk is Opening Up Wallets

Businesses around the world are still recovering from the impact and aftereffects of the global pandemic. A challenging economy isn’t helping matters either. Those conditions have made business leaders cautious, and that caution usually includes a tight grip on the purse strings. But recent increases in the frequency, severity and expense of cyberattacks along with clear examples of just how much damage a cyberattack can do has given business leaders pause, making them reconsider their spending attitudes – and that means that opportunities for profit are in the forecast for MSPs.  

Are you ready to slay the Monsters of Cybersecurity? This checklist tells you what you’ll need to succeed! GET CHECKLIST>>

A recent study by Balbix sets out some surprising but welcome findings about how businesses are considering their cybersecurity spending moving into 2021. Their researchers concluded that 80% of IT and security professionals plan to increase spending on their cybersecurity posture management over the next 12-18 months, an unexpected outcome in a time of economic uncertainty. Although a projected jump in spending is good news for MSPs, it’s worth taking a deeper look at why that spending might be increasing. What could be driving this attitude, and can MSPs expect to see it continue? 

Sky-High Cybercrime Rates Foster Fear 

It’s no secret that cybercrime is at an all-time high, growing quickly from last year’s record numbers and expanding exponentially in some sectors. Combined with widespread media attention in the wake of high-profile cyberattacks, business leaders know that they need to shut down every avenue of attack that they can to avoid the expense and damage of a cyberattack on their organization.  

Cybercrime Risk in 2021 By the Numbers 

Business leaders are also cognizant of the need to avoid the spotlight when it comes to cybersecurity. A major incident draws the scrutiny of regulators, government officials, consumers and business partners, creating lasting reputation damage. Researchers at Forbes Insight reported that 46% of organizations had suffered reputational damage as a result of a data breach and 19% of organizations suffered reputation and brand damage as a result of a third-party security breach. Consumer attitudes to a data breach aren’t much better. A recent survey by Arcserve, shows that 70% of consumers believe businesses aren’t doing enough to ensure cyber security. Nearly 2 out of every 3 consumers would likely avoid doing business with a business that had experienced a cyberattack in the past year.   

Zero Trust security is a piece of cake when you’re sure you’re giving access to the right people at the right levels. SEE HOW TO DO IT>>

Cybercrime Costs Are Exploding 

It goes without saying that cybercrime is expensive. In the 2021 IBM/Ponemon Annual Cost of a Data Breach Report, researchers noted a steep climb in the dollars and cents part of the price that companies pay if they experience a data breach, and it’s not happy news. The average cost of a breach in 2021 is estimated at $4.2 million per incident, the highest ever recorded in the 17 years of the study. Insurance against cybercrime risk is also growing significantly more expensive. Cyber insurance prices are rising accordingly,  up by 56% in the US and 35% in the UK.   

There’s a reason why an estimated 60% of businesses shutter after a cyberattack: cybercrime will explode a company’s budget for years, draining resources in every direction. A full picture of the cost of a data breach may not been seen for years. In fact, it can take more than two years for the dust to settle. Around 61% of the cost of a data breach is paid in the first year after impact, But the hits keep coming for two years or more. An estimated 24% of the cost of a data breach comes due in the 12 to 24 months following the incident. Just when you thought you’d taken care of everything, more costly surprises are in store. In fact. the bills for the final 15% of the cost of a data breach can arrive more than two years later – and that doesn’t include regulatory penalties

But cybercrime doesn’t just cost businesses money if they’re unfortunate enough to fall victim to a cyberattack. Cybercrime also leads to lost productivity. A Ponemon Institute study looked at the high price that businesses are paying for phishing even when it is unsuccessful. In an average-sized U.S. corporation of 9,567 people, the company can expect to lose 63,343 hours to phishing every year. How? Researchers determined that every employee wastes an average of 7 hours a year to phishing scamsCredential compromise also wastes a great deal of expensive time. Ponemon researchers determined estimate a total of 2,050 hours of tech time investigating and responding to one credential compromise incident, totaling 10,906 hours per year. Assuming an average annual rate of $63.50 for tech support, researchers determined that generated a total estimated annual cost of $692,531, an increase from $381,920 in 2015 ($62).   

phishing email imitating famous brands dangers represented by a cartoon hacker in a hoodie at a laptop with an eye mask on done in shades of blue, Batman style.

Is Your Password a Zero or a Hero? Learn the difference and how you can strengthen yours in Build Better Passwords. GET IT>>

 Too Many Tools & Too Few Answers 

Businesses are also spending too much money on technology that provides them with too few answers about their security posture and potential threats. Many businesses are just at sea when it comes to figuring out their risk, especially executives who tend to have the power of the purse. An estimated 25% of SMB owners admitted that they don’t even know where to start when it comes to securing their businesses. The tools that businesses are using to assess their defenses are likely a huge contributor to that problem. Here’s a shocker: almost 75% of respondents surveyed by Balbix are still using manual processes like spreadsheets to keep track of their security posture.  

For too many companies, boosting their security has meant buying new solutions as quickly as they can in the hope that one of them will be the magic bullet that they need to reduce their risk. Unfortunately, more solutions does not equate to more security, as many organizations are discovering. Experts estimate that 70% of businesses have more than ten security tools to manage that are supposed to help them analyze their security hygiene and posture. The IT professionals that manage those tools are simply overwhelmed. They say that only 22% of that abundance of tools is vital to primary security objectives, and almost half of the security tools that are available to them are just clutter. Only about 47% of existing IT security tools at an organization are even used daily.   

Unfortunately, this overabundance of tools does not equate to a commensurate increase in threat intelligence. IT teams are swamped with problems that their available tools aren’t solving. When looking at vulnerability management, researchers determined that 30% of IT professionals said they were having trouble keeping up with the volume of open vulnerabilities at their organization. A further 29% knew that security automation was beneficial, but they were unable to automate the process of vulnerability discovery, prioritization, dispatch to owner and mitigation with their current array of tools. Plus, 36% said that although they believe that cyber risk quantification is one of the most important security hygiene and posture management metrics, they’re unable to accurately measure it. 

We’re invested in your success! Learn about best-in-class marketing & sales support from Kaseya Powered Services. WATCH NOW>>

Areas of Opportunity 

All of these factors combine to create a challenging security landscape for businesses – and a wealth of opportunities for MSPs, especially those who are looking to build their security business. Businesses are well aware that they need to enhance their security. A report in Yahoo Finance disclosed that only a measly 27% of cybersecurity professionals feel the general state of business cybersecurity is “improving dramatically.” Researchers determined that when it comes to the way that business leaders are thinking about security right now, the outlook is pretty dismal. Only 3 in 10 are “completely satisfied” with their organization’s approach to cybersecurity. 

What are those IT professionals most worried about, and what are they looking at as areas of investment for their organizations? The concerns that are top of mind for survey respondents are the volume and variety of attacks, cited by 49% and 43% of respondents respectively. Other factors that IT professionals said had to be considered when developing and implementing new security policies or considering new security investment are privacy concerns (40%), greater reliance on data (38%) and quantifying security issues (34%). 

90% of MSPs have had clients hit with a ransomware attack in the last 12 months. Help your clients build stronger defenses with the insight in Ransomware Exposed! DOWNLOAD NOW>>

Give Your Clients Strong Security and a Great Value

Take advantage of this opportunity to expand your security business by offering your clients strong security at a great value. with the ID Agent digital risk protection platform. 

BullPhish ID  maximizes your client’s training spend by offering lessons on topics like phishing, compliance, password safety, security hygiene and more in one place. Plug-and-play complete training modules and phishing simulations are ready to rock or add value with customized content that reflects the unique industry risks that employees face daily.   

Dark Web ID  gives you and your clients superior real-time visibility into their credential compromise risks, with simple, clear reports that show real-time dark web risk. 24/7/365 always-on monitoring alerts IT teams fast when protected business and personal credentials, including domains, IP addresses and email addresses, appear on the dark web.

Passly reduces credential compromise risk and help clients move toward zero-trust security with this powerhouse identity and access management bargain. Essentials like multifactor authentication, single sign-on and secure shared password vaults make credentials more secure, and automated password resets will make everyone happy. 

See these solutions in action in short demonstration videos:  

Don’t just take our word for it. ID Agent solutions help MSPs drive revenue fast. Hear what our partners have to say about the benefits of teaming up with ID Agent: 

Don’t let cybercriminals put the brakes on your client’s race to success. Boost your cyber resilience to keep your engine running in any conditions. LEARN MORE>>

Nov 17: WEBINAR: Cybersecurity Attacks Demystified for MSPs REGISTER NOW>>

Nov 25: WEBINAR: Phish & Chips EMEA REGISTER NOW>>

Nov 30: Close More Deals! The MSP Recipe for Success REGISTER NOW>>

Dec 07: Connect IT Local: Atlanta REGISTER NOW>>

Dec 08-09: ASCII Success Summit: Anaheim REGISTER NOW>>

Dec 09: Connect IT M&A Symposium: Miami REGISTER NOW>>

dark web economy represented by the words dark web in white on a black background blurred like a faint tv transmission

Are you ready to take back control of cyberattack risk from the villains on the dark web? This webinar shows you where to start. WATCH NOW>>

 Better Insight Gives You Better Defense 

In today’s dangerous cybersecurity landscape, your business needs every advantage that it can get to stay a step ahead of the bad guys. One way to make sure of that is to ensure that you’re getting the best possible intelligence on what threatens your business in order to make sure that your defenses are ready for trouble. 

That means it’s essential that you get accurate threat management reporting from the solutions that you rely on every day. When you rely on a solution like Dark Web ID to measure your company’s current risk of credential exposure on the dark web, you’re not just getting a generalized report of what might be a problem. You’re getting a detailed report of what is a problem in real-time, letting you know exactly where you stand. 

Adding security solutions to your defensive build-out won’t help you gain threat intelligence. Experts estimate that many enterprises maintain 19 different security tools, with only 22% of such tools serving as vital to primary security objectives – and less than half of those are even used daily. Instead, choose solutions that give you comprehensive yet easy-to-read reports in order to get a real handle on your company’s risk.  

Do you have comments? Requests? News tips? Compliments? Complaints 9or compliments)? We love to hear from our readers! Send a message to the editor.

ID Agent Partners: Feel free to reuse this post (in part or in its entirety) When you get a chance, email [email protected] to let us know how our content works for you!

let us help secure you against passwords reuse with contact information and the ID Agent logo on grey.

Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!


Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>

See Graphus in action in an on-demand video demo WATCH NOW>>

Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!