Data Breaches, Cyber Alert Monday: Last week, malware infects POS systems of US fast-food chain, ransomware continues to impact local governments, and a phishing scam tricks Office 365 users.

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

Flipboard: News aggregator service and mobile app
Exploit: Unauthorized database access
Risk to Small Business: 2 = Severe: Hackers accessed a database containing users’ account information on two separate occasions during a span of nine months. The company notified law enforcement of the breach and hired a third-party investigative firm to audit their security standards and develop better standards for the future. However, this incident will inflict a significant black eye on their reputation, and the company will be required to spend time and money to secure their platform and restore trust.
Individual Risk: 2.571 = Moderate: It’s unclear if the hackers downloaded users’ personal information, but the hacked database includes user names, hashed and salted passwords, email addresses, and digital tokens associated with Google, Facebook, and Twitter accounts. Although Flipboard has reset all user passwords and disconnected or deleted all tokens, impacted individuals should be mindful that their credentials could be compromised. Flipboard users should be especially careful about using duplicate passwords on other services.
Customers Impacted: Unknown
How it Could Affect Your Business: Data breach incident responses are becoming increasingly commonplace. Apologies, investigations, and updates are typical responses from organizations, but they don’t have to become the norm. Extensive breaches similar to Flipboard’s should encourage companies to prioritize their cybersecurity initiatives and avoid breaches from occurring in the first place.

Checkers Drive-in Restaurants Inc.: Fast food chain operating in 28 states
Exploit: Malware
Individual Risk: 3 = Moderate: There is no indication that personal information was compromised as part of this breach.
Customers Impacted: Unknown
Risk to Small Business: 2 = Severe: Hackers successfully infected 102 of the company’s point-of-sale systems with malware that stole customers’ payment information. The restaurant chain has elicited the support of law enforcement authorities and third-party security experts to remove the corrupted software from their systems. They will now face the considerable costs of digital infrastructure repair and reputational costs that could discourage people from visiting their restaurants
Individual Risk: 2.285 = Severe: Attackers gained access to information stored on the credit or debit cards’ magnetic strips. This includes cardholder names, payment card numbers, verification codes, and expiration dates. This extensive payment information can quickly make its way to the Dark Web or be redeployed as a payment method on other websites. All customers should review their account statements for suspicious activity while also procuring credit monitoring services.
How it Could Affect Your Business: Any company reliant on point-of-sale exchanges with their customers must be especially vigilant about protecting the integrity of these systems. Not only is it incredibly costly to repair the technological infrastructure, but the cascading consequences of reputational damage can be even more profound. Companies can (and should) demonstrate their commitment to protecting their employees and customers by taking proactive measures to prevent future breaches.

City of Laredo: Local government organization serving Laredo, Texas
Exploit: Ransomware

Risk to Small Business: 2.111 = Severe: A ransomware virus encrypted the city’s document management system, requiring a total shutdown of the city’s computers. Fire, police, and utility and health departments were the first to be restored, but agencies were required to work offline while authorities cleared each individual computer and were forced to interrupt business processes.

Individual Risk: No personal or employee information was compromised in this attack.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks on local government and small businesses are on the rise, and everyone needs a response plan in place before an incident occurs. In this case, quick action prevented the virus from spreading deeper into the system, and the city’s ransomware insurance will help defer the costs of a breach. At the same time, many ransomware attacks are initiated by phishing scams, which means that every company should include training on cybersecurity best practices as a part of their ransomware preparedness plan.

People Inc.: New York’s largest non-profit organization providing services for seniors, families, and individuals with developmental disabilities

Exploit: Employee email account breach
Risk to Small Business: 1.555 = Severe: A compromised email account gave hackers access to an extensive amount of client and patient information. Security officials believe that a brute force attack exploited a weak employee password, and a simple password reset secured the account. However, it was later discovered that the company knew of the breach as early as February, which makes their recent acknowledgement of the incident especially alarming.

Individual Risk: 2 = Severe: The compromised email account included vast amounts of client and patient information. Names, addresses, social security numbers, financial data, medical information, health insurance information, and government IDs were all accessible to hackers. This information can quickly spread on the Dark Web, and clients or patients should be vigilant about acquiring identity and credit monitoring services as a precaution against credential misuse.

Customers Impacted: 1,000

How it Could Affect Your Business: This incident underscores the importance of cybersecurity best practices in any organization. A simple oversight gave hackers access to a single account, which compromised the information of 1,000 people. Every organization needs to prioritize training and oversight as a cybersecurity must-have. This data breach, like many others, was entirely preventable, and no organization wants to bear the financial and reputational burden of an avoidable oversight.

In Other News:

Stolen NSA Tool May Be Responsible for Rash of Ransomware Attacks 
Ransomware attacks on local governments have become alarmingly prevalent, and they may have an unlikely source – a cyber weapon developed by the U.S. National Security Agency (NSA). In 2017, the NSA lost control of one of its most impactful weapons, code-named EternalBlue, and it now lies in the hands of independent bad actors and state sponsored hackers.
The impact on local governments has been immense. While some cities refuse to pay the ransom, many are left with little choice but to pay up to restore access to their digital infrastructure. At the same time, the additional security costs have made it difficult for cash-strapped governments to combat the threat.
With so much on the line, a comprehensive ransomware response plan has never been more important. Since most ransomware originates as phishing scams sent to employee email accounts, this also means that proper training can be worth its weight in gold, or at least in Bitcoin.

A note from Kobargo:

Office 365 Users Targeted in Phishing Campaign 
Users of Microsoft’s popular Office 365 software might be the victims of the latest phishing campaign making its rounds online.
Some users are receiving notifications purporting to be from “Office 365 Team” notifying recipients of an “unusual volume of file deletion” on their accounts.
When recipients click on the “View alert details” link, a fake Microsoft login page appears that captures users’ login credentials. The attackers are using Azure, a popular hosting site that makes it more difficult to distinguish questionable URLs in a phishing attack.
For Microsoft users, login screens only derive from microsoft.com, live.com, microsoftonline.com, or outlook.com. The growing sophistication of these attacks makes it even more difficult for users to differentiate a phishing attack from a real message.
However, comprehensive training can stop phishing scams in their tracks by empowering customer and employees with cybersecurity training and awareness. Contact Kobargo Technology Partners to schedule a free consultation today!