Data Breach, Cyber Alert Monday 05-13-19

Cyber Alert:  Last week, software companies were put under siege by ransomware and a flaw in Google Chrome may lead to phishing scams.



Partners in Care: Healthcare provider based in Bend, Oregon
Exploit: Phishing Attack
Risk to Small Business: 1.777 = Severe: A phishing attack compromised an employee’s email account towards the end of 2018, providing hackers with access to patients’ health information between November 17 and December 12. After completing a manual email review, the company concluded that sensitive patient information was exposed during the breach.
Individual Risk: 2 = Severe: Although it is unclear how many records were compromised in the breach, hackers were able to access patients’ personal information including names, birth dates, medical records, and social security numbers. Patient records related to diagnosis, medications, and insurance details were also revealed. The organization notified those impacted by the breach and is encouraging them to monitor their account statements for suspicious activity.
Customers Impacted: Unknown
How it Could Affect Your Business: Companies managing sensitive healthcare information are expected to have mechanisms in place to protect their patients, so a preventable data breach is particularly egregious. While phishing scams are used to gain access to a company’s IT infrastructure, they can be prevented through training and monitoring tools.


Citrix: Multinational software company providing application and software services

Exploit: Password Spraying
Risk to Small Business: 2.333 = Severe: Hackers took advantage of weak employee passwords and gained entrance to the company’s network via password spraying. Once inside, they were able to access internal documents and information on former and current employees for about six months. The bad actors were expelled from the network, and the company took measures to improve its password security.
Individual Risk: 2.248 = Severe:  As part of an ongoing investigation, it was revealed that financial information and social security numbers of employees were at risk, in addition to internal business assets. Even worse, the company also disclosed that hackers were able to view personal information of employees’ beneficiaries and dependents. Current and former employees are encouraged to sign up for identity protection services to monitor their credentials.
Customers Impacted: Unknown
How it Could Affect Your Business:  Recovering from a data breach that not only compromises employee information but also that of their dependents and beneficiaries can be an arduous process. Employees lose trust and goodwill in their employer, and it becomes difficult for them to discern the long-term consequences once personal data is accessed. Therefore, proactively providing identity monitoring services can go a long way in demonstrating a commitment to employees while mitigating security risks for the company as a whole.

Microsoft: Multinational technology company based in Redmond, Washington
Exploit: Account takeover attack
Risk to Small Business: 2.111 = Extreme: Hackers used many different maneuvers including brand impersonation, social engineering, and phishing scams to gain access to the email accounts of Office 365 users. Once inside, the cybercriminals implemented a variety of inbox rules to hide their behavior as they sent thousands of emails intended to facilitate spear phishing, BEC attacks, and malvertising campaigns.
Individual Risk: 2.284 = Severe: While hackers gained access to user email accounts, it appears that their primary purpose was to proliferate the scam by sending emails to unsuspecting recipients. However, users with compromised Office 365 accounts should immediately change their passwords while also being mindful of the potential for data misuse.
Customers Impacted: 4,000
How it Could Affect Your Business: Email account compromises are the center of many data breaches today, and it’s time that small businesses take notice. The good news is, securing employee and user accounts can be achieved by partnering up with the right cybersecurity training solution.

Docker Hub: Online platform for procuring container applications
Exploit: Unauthorized database access
Risk to Small Business: 1.777 = Severe: When an unauthorized third party breached Docker Hub’s database, they gained access to sensitive data including usernames, passwords, and other account features. Although the company immediately notified users of the attack, the hackers gained extensive system access, ultimately compromising nearly 200,000 accounts. Even worse, it’s possible that the software applications that users built on the platform could be impacted by the breach.
Individual Risk: 2.571 = Moderate: The organization insists that financial information was not accessed during the breach, but hackers did gain extensive information about Docker Hub customers. Anyone with a Docker Hub account should enroll in identity and financial monitoring services.
Customers Impacted: 190,000
How it Could Affect Your Business: Docker Hub is being scrutinized for not implementing industry security best practices, such as two-factor authentication, which could have allowed it to protect users from this breach. Small businesses operating in the B2B space need to ensure that they are doing everything possible to protect customer data by partnering up with MSPs with state-of-the-art cybersecurity technology.

St. Ambrose Catholic Parish: Local Catholic Parish based in Brunswick, Ohio
Exploit: Fraudulent email scam
Risk to Small Business: 2.444 = Severe: Bad actors sent fraudulent emails on behalf of a construction company that was contracted to complete work on the church building. The emails claimed that the parish was two months behind on project payments and included instructions for wiring payment to an external bank account. To execute the fraud, hackers first gained access to the email accounts for the construction company, extending the cybersecurity event beyond just the church.
Individual Risk: 3 = Moderate: There is no indication that any personal information was compromised in this breach.
Customers Impacted: 1
How it Could Affect Your Business: As this episode demonstrates, email scams can be a convincing way to execute fraud, and companies need to educate their employees about the signs of deception while also equipping them with training in best practices to avoid being a victim of a cybercrime. Unfortunately, events like this are incredibly commonplace and can happen to anyone, but companies are still responsible for protecting their systems.

A Note From Kobargo:
E-retail theft is a lucrative business 
Traditionally, payment credentials stolen from brick-and-mortar stores were able to command a higher price on the Dark Web than card-not-present data (also known as CNP). However, it seems like the market dynamics have recently shifted, as this information is now being used to target online retailers.
Consequently, the demand for these credentials is far outpacing supply, driving up the price. The economics can be explained by the recent US migration towards chip-based payment cards, which offer a superior level of fraud protection for in-store purchases.
Such news has broad implications for both consumers and companies operating in today’s digital ecosystem. Security has to be a constant priority, since payment trends will give way to new threats, and tomorrow’s vulnerabilities will not be the same as those existing today. In order to keep a continuous pulse on your employee and customer data, consider partnering up with an MSP that implements proactive Dark Web monitoring.
Protect your business from a Data Breach. Contact Kobargo Technology Partners to schedule a free consultation today!


