Last week, a massive security breach leaks thousands of police records going back two decades, ransomware strikes again, and insider threats climb devastating business.
Security Breach Exposes Thousands
United States – Netsential
Exploit: Unauthorized Database Access
Netsential: Web Development Firm
Risk to Small Business: 1.272 = Extreme
A security breach at this Texas-based web development company led to the exposure of hundreds of thousands of potentially sensitive files from U.S. police departments. Dubbed “BlueLeaks”, this massive data breach contained 270 gigabytes of information going back 24 years, from August 1996 through June 19, 2020. Files contained names, email addresses, phone numbers, PDF documents, images, and video, CSV, and ZIP files related to criminal investigations. Some of these files also contained sensitive financial information as well as personally identifiable information and images of suspects from law enforcement and government agency reports.
Individual Risk: 1.405 = Extreme
While there is no estimation of how many individual records were exposed, anyone who suspects that their information may have been affected should monitor their personal and financial accounts for potential fraud and beware of spear-phishing attempts.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: One compromised credential can lead to a data breach that has a devastating impact on any business, destroying the trust that partners have in a company’s commitment to making and maintaining secure, high-quality software -especially when it’s intended to handle sensitive information.
Attackers Cause Outage
United States – SB Tech
SB Tech: Online Gambling Technology Provider
Risk to Small Business: 2.302 = Severe
In an SEC filing made as part of a three-way merger including Diamond Eagle Acquisition Corporation last week, DraftKings noted that SB Tech had been hit with a ransomware attack in March 2020 that caused an approximate one-week outage its online sports and casino betting capability. It also caused online betting sites that used the platform to suffer service outages. As a result, DEAC renegotiated the merger to include a $30 million fund to fend off future litigation and costs associated with the attack.
Individual Risk: No individual data were reported compromised
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: The results of a cyberattack aren’t just problematic immediately – they can affect future business transactions. While the attack did not stop this merger, it did add potential additional cost and could cause future partners to think twice.
Dark Web Data
Australia – BigWorld Technology
Exploit: Unauthorized Database Access
BigWorld Technology: Massively Multiplayer Online Game Developer
Risk to Small Business: 1.997 = Severe
Usernames, passwords, email addresses, phone numbers, and IP addresses belonging to players of popular adventure MMO Stalker Online recently appeared on the Dark Web. Game developer BigWorld Technology admits the passwords were stored in MD5, a known insecure secure encryption algorithm. Two databases were found on underground sites by cybersecurity researchers, one containing around 1.2 million records and another of 136,000 records. Bad actors had also set up a shop on Shoppy.gg hawking the data, which was operational for more than a month and has since been shut down.
Individual Risk: 2.215 = Severe
While no financial information was reported compromised in the breach, Stalker Online does involve microtransactions making account data compromise a risk. Players may also be at risk of identity theft and should reset their credentials immediately.
Customers Impacted: 1.3 million
How it Could Affect Your Customers’ Business: This breach was discovered by white hat actors outside the company. If they hadn’t reported it, who knows how long it would have been before affected users were informed of the potential risk. Failure to secure customer information is bad enough, but failure to even notice that a breach has occurred is devastating to customer confidence.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
In Other News:
Cybersecurity News Reports That Insider Threats Have Grown by 47%
Insider threats are a top cybersecurity risk for any company, and that risk is growing rapidly. Recently in the news, statistics from the Ponemon Institute report show that insider threats have climbed by 47% over the last two years. Whether they come from malicious sources or just simple human errors, insider threats have the potential to devastate a business.
Malicious insiders are finding it very profitable to sell data on the Dark Web, especially COVID-19 healthcare and research data. An expanding market for credentials tempts staffers into taking advantage of lucrative opportunities to sell their access credentials, especially if they’re highly privileged. Over 25% of cyber attacks caused by insider threats come from malicious insiders.
Unintentional insider threats are less ominous and more common. More than 60% of breaches caused by insider threats are caused by staffers who aren’t trying to damage the company – they just made a mistake. Unfortunately, that mistake can be the door to a data breach that results in your information hitting the Dark Web, plus and expensive and time-consuming recovery, sometimes with regulatory penalties topping it off.
For your clients, Learning how to define insider threats and having some examples of potential threat vectors to consider can help demonstrate why this is an issue that they should take seriously. Creating an effective defense against insider threats includes choosing a dynamic cybersecurity risk protection platform with multiple solutions that work together to mitigate the risk of a bad actor gaining access to systems and data.
Malicious insiders will almost always be looking for a way to profit off of the data or access that they’re selling, and they’re most likely to turn to the busy data markets on the Dark Web. With a solution like Dark Web ID, companies can find out fast if their data or credentials appear in Dark Web markets because of our 24/7/365 monitoring and analysis – empowering them to act to solve a problem before it becomes a catastrophe.
Fight back against insider threats to avoid data disasters.
A Note From Kobargo
Improving Passwords Improves Your Defenses From A Security Breach
One of the top concerns that many businesses have when making a cybersecurity plan is how to protect themselves from cybercriminals. But that’s not the right thing to have at the top of your cybersecurity checklist. More cybersecurity incidents like a data breach are caused by human error than anything else – and one of the worst errors that many staffers make is creating a terrible password. Weak passwords can put you in jeopardy of a security breach.
Bad, weak, cracked, or compromised passwords are the bread and butter of cybercrime. Login credentials are currency, especially for privileged users. The fastest, cheapest, and easiest way to immediately improve your cybersecurity is to teach and enforce good password hygiene, from creation to storage.
Using ID Agent provides several resources to help educate your users on making and storing secure passwords. ID Agent’s new eBook details some common mistakes that users make when creating passwords. We’ve provided an analysis of several of the biggest password pitfalls of 2020 in our blog.
Our Password Education Package provides great information about how to make stronger passwords including the whitepaper “Building Better Passwords” – and our Top 50 Worst Passwords List to see how yours stacks up.
Contact us for an expert analysis of how you can update your security plan to include solutions like Dark Web ID to mitigate the damage caused by bad passwords and maintain data security compliance to protect your company from threats at a price that doesn’t threaten your budget.