DATA BREACH, Cyber Alert Monday 04-01-2019

This week, a Dutch academic publisher is exposed, US sleep companies snooze on payment fraud, UK police face ransomware attack and Uber might be spying on us (again)…

Oregon Department of Human Services (DHS): State agency of Oregon.
Exploit: Employee phishing scam.
Risk to Small Business: Severe: Last Thursday, the Oregon DHS announced that it suffered a data breach after nine employees opened phishing emails and exposed their accounts to hackers. As a result, the social security and personal information of an undecided number of citizens could have been exposed. Along with having to inform the affected individuals, the state’s largest agency will be forced to upgrade security efforts and likely conduct cybersecurity training for employees.
Individual Risk: Moderate: The privacy breach could have included first and last names, addresses, DOBs, SSNs, and case numbers related to DHS programs. State residents should monitor their credit reports for possible payment fraud but will remain at risk.
Customers Impacted: To be determined
How it Could Affect Your Business: In the wake of numerous phishing attacks resulting in privacy breaches, organizations storing personal information must take notice and begin protecting individuals. Employee phishing scams are entirely preventable with proper cybersecurity training, which can effectively mitigate the risk of breach. The case and ROI for phishing security solutions becomes intuitive when we consider the potential damages and costs.
MyPillow and Amerisleep: Pillow and mattress companies in the US.
Exploit: Magecart attack on website checkout pages.
Risk to Small Business: Severe: After being targeted as early as 2017, both online retailers faced card skimming attacks. In this scheme, hackers will insert malicious code into website checkout pages and covertly swipe customer payment information. Although MyPillow discovered the first compromise almost immediately, it argued that the second attack did not result in the loss of information. On the other hand, Amerisleep has not responded to comments. Depending on what further investigations reveal, it is possible that the sleep companies will face hefty fines for their delay in responding as well as scrutiny from online shoppers.
Individual Risk:  Severe :As you can imagine, any information provided on a checkout page is up for grabs during a Magecart attack. This could include first and last names, addresses, credit card numbers, and more.
Customers Impacted: To be determined.
How it Could Affect Your Business: Most recent Magecart attacks such as those on British Airways and Newegg were targeted towards larger firms, but now hacking groups are shifting their focus to small businesses. Skimming schemes are especially dangerous since they can be hard to trace, yet able to extract valuable customer information. Once cybercriminals can get their hands on such data, they will move to the Dark Web to make profits or conduct payment fraud.
Canada-Natural Health Services: Largest referral network of medical cannabis users.
Exploit: Breach of medical records.
Risk to Small Business: Severe: Between December 4, 2018, and January 7, 2019, attackers gained access to the electronic medical records (EMR) system containing personal health information. The company was forced to notify its B2B clients, which could result in turnover and a degradation of trust.
Individual Risk: Severe: Exposed information included patient’s personal information, medical diagnoses, and referral data. At the same time, no patient prescriptions, credit card information, or SSNs were involved.
Customers Impacted: To be determined
How it Could Affect Your  Business: Organizations that store large amounts of personal data on behalf of B2B clients should be especially vigilant for cyber-attacks, given the amount of information at stake. In the event of such a breach, a security solution that employs a Dark Web monitoring tool can be crucial in determining if stolen information is trading hands between cybercriminals.
UK Police Federation: Organization that represents 119,000 police officers across England and Wales.
Exploit: Ransomware attack
Risk to Small Business: Severe: A ransomware attack hit computers at the federation’s Surrey headquarters on March 9, encrypting several databases and email systems. This led to a disruption in services, along with the deletion of all backup data. The organization will be forced to rebuild its systems and ensure that data was not compromised.
Individual Risk: Moderate Risk:  Currently there is no indication that data was extracted from their systems, but the attack has severely damaged the organization’s infrastructure.
Customers Impacted: Undisclosed
How it Could Affect Your  Business: The National Crime Agency is investigating the attack, but the police federation believes that it was not targeted specifically and was victim to a larger campaign. As the threat of ransomware continues to evolve, companies must avoid getting caught in the crosshairs by arming themselves with cybersecurity training and protocols.
Health Service Executive (HSE): National health service website.
Exploit: Unauthorized adtech.
Risk to Small Business: Severe: Webpage users are having their data “continuously and invisibly leaked to commercial actors,” including sensitive topics with health-related information. A study of adtech installed on public health service websites found that 73% of HSE landing pages contained ad trackers. Although organizations are not being held responsible for this type of data exposure, consumers are easily spooked. Because of the study and the looming threat of GDPR compliance fines, the HSE is in the process of redesigning its website.
Individual Risk: SevereCookies placed on the website could be used to infer sensitive information about user health information. These companies can build profiles and sell them to third-party marketers, insurers, credit raters, and more. Nevertheless, this news only brings mid-level risk since the companies involved are typically not malicious in nature.
Customers Impacted: To be determined.
How it Could Affect Your Business:  The business of leveraging customer data for precision marketing is coming under scrutiny, especially with the introduction of GDPR in Europe. As the public becomes more aware of how their data is being used, companies must adapt by implementing security solutions to protect their consumers.
Group of Italian Investors: Independent investors.
Exploit: Crypto fraud via social engineering.
Risk to Small Business: Severe: The Italian authorities recently arrested a computer expert who was able to exploit communication channels and false identities from the Dark Web to defraud crypto investors. The hacker posed as a representative of a reputable Swiss investment firm to earn the trust of the victims. Although no individual business faces risk, more crypto-related breaches may result in an eventual downturn in investments.
Individual Risk: Severe: Investors in the crypto market should be wary of such hacks, since crypto transactions are typically untraceable and irreversible. Nevertheless, personal and payment information is not at stake, so the individual risk of future breaches is not impacted.
Customers Impacted: Unknown.
How it Could Affect Your  Business: This incident is proof of how identities on the Dark Web can be leveraged by hackers to conduct payment fraud via social engineering. To stop such exploits from occurring in the first place, companies must protect employees and customers by investing in security solutions that can guard against phishing and privacy-related attacks.
Elsevier: Scholarly paper publisher and analytics company
Exploit: Server misconfiguration.
Risk to Small Business: Severe: Login credentials for users were exposed after the company’s servers were misconfigured, affecting students and teachers at universities across the world. Since it was a human error attack, Elsevier was able to secure the leaky server quickly and is issuing password reset links to users. Like other B2B breaches, such an exposure is certainly bad for business and can result in the loss of clientele.
Individual Risk: Moderate: User email addresses and passwords may have been compromised, which could jeopardize other accounts where the same passwords are used. Those affected should change their passwords across all accounts immediately.
Customers Impacted: To be determined
How it Could Affect Your Business: Organizational data can be leveraged by hackers and put up for sale on the Dark Web or used to conduct payment fraud. With the knowledge that cybercriminals are looking for targets with limited security controls and valuable data, small businesses need to work with security providers to protect themselves and their customers.
Uber: Transportation network company headquartered in San Francisco, California.
Exploit: Spyware.
Risk to Small Business: Severe: A rogue employee deployed a “secret spyware program” to help Uber get a competitive advantage against local businesses in Australian markets. Dubbed Surfcam, the software was developed in 2015 and scraped driver and vehicle data. The company spokesperson is denying any claims, but this is now the second time Surfcam has been mentioned after similar allegations were made in Singapore.
Individual Risk: Moderate: Although the spyware program is likely using rider data to optimize marketing efforts on behalf of Uber, it can have serious consequences for competitors and consumers in the long run. At the same time, users do not face immediate threat.
Customers Impacted: Unknown
How it Could Affect Your Business: The improper use of data is making headlines across the world, and companies must do everything they can to avoid being involved. The stewardship of personal and payment information should be at utmost importance for small businesses and can be accomplished by partnering with the right security solution.
Protect your business from a Data Breach. Contact Kobargo Technology Partners to schedule a free consultation today!



sign up for our newsletter

Be the first to hear about our services, collaborations and online exclusive content. Join the Kobargo Family email list!

    [md-form spacing="tight"]

    [md-text label="E-mail"]


    [md-submit style="outlined"]



    By submitting this form, you are consenting to receive marketing emails from Kobargo Technology Partners. You can revoke your consent to receive emails at any time by using the SafeUnsuscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact.