Data Breach, Cyber Alert Monday 07-01-2019

Data Breach, Cyber Alert Monday: Last week, ransomware shuts down multiple U.S. healthcare providers, disrupting many services across the country.

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

NEO Urology: Healthcare provider for urology care services 

Exploit: Ransomware

Risk to Small Business: 1.666 = Severe: Hackers gained access to NEO Urology’s network, encrypting the company’s files and disrupting many of their services. Employees were notified of the ransomware by a fax listing “Pay4Day.io” as a contact address for additional information. While their network was inaccessible, the practice reported operational losses of $30,000 – $50,000 per day, a significant sum that ultimately led them to pay the $75,000 ransom using Bitcoin. In this case, it was more affordable to pay the ransom than to experience the revenue losses that accompany an inaccessible network. Unfortunately, their willingness to pay could make them a target for additional attacks.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Every company needs a ransomware response plan that is both technological and philosophical. Many ransomware attacks originate through phishing scams or other malware, a fact that underscores the importance of robust cyber-security initiatives. At the same time, developing adequate backup protocols can help companies avoid paying ransoms that neither guarantee a solution nor deter bad actors from returning in the future.

 


Oregon Department of Human Services: State government agency supporting safety and health initiatives

Exploit: Phishing attack

Risk to Small Business: 1.444 = Extreme: When nine employees clicked on a phishing email, hackers gained access to their accounts, which collectively included more than two million emails containing personal information. The data breach occurred in January 2019, and it was first reported in March. However, the agency’s forensics investigation identified nearly twice as many impacted accounts as initially disclosed. Although phishing scams are entirely defensible, relying primarily on apathy and ignorance to trick unsuspecting recipients, the Oregon Department of Human Services is now responsible for providing 12 months of identity monitoring and recovery services as well as a $1 million insurance reimbursement policy to those who were impacted by the breach.

Individual Risk: 2 = Severe Risk: When hackers gained access to the employees’ email accounts, they received an incredible amount of personal information. This data could include names, addresses, birth dates, social security numbers, case numbers, personal health information, and other sensitive information. Oregon DHS is offering identity monitoring and recovery services to those impacted by the breach.

Customers Impacted: 645,000

How it Could Affect Your Business: Phishing attacks are on the rise, delivering malware that can cripple a company’s reputation and financial standing. Fortunately, they are also entirely defensible. With proper training, employees can be transformed into the strongest line of cyber-security defense, rather than an imminent liability. Given the high cost of a data breach, the relatively minor expense of a training program is an obvious solution for any organization.

 


ResiDex Software: Software provider for assisted-living, group facilities, and care-giving organizations

Exploit: Unauthorized network access

Risk to Small Business: 2.333 = Severe: When the software company was the victim of a ransomware attack on April 9th, it discovered unauthorized network access starting on April 2nd. ResiDex launched an IT forensics investigation, which determined that no company information was accessed in the attack. However, hackers could have gained access to the personal information of its clients. Not only will ResiDex have to bear the cost of updating its cyber-security standards, but the unquantifiable reputational damage will have continuing consequences as the company tries to attain new clients or maintain relationships with existing customers.

Individual Risk: 2 = Severe: Since ResiDex serves assisted-living, group facilities, and care-giving organizations, patients at these locations could have their information compromised in the breach. This could include names, social security numbers, and protected health information that was stored with the provider. The software company notified all impacted individuals, but this information can quickly spread on the Dark Web, and those impacted should obtain proper identity and financial monitoring services to ensure that their information remains secure.

Customers Impacted: Unknown

How it Could Affect Your Business: When sensitive personal information is compromised in a data breach, companies have a responsibility to help their customers regain confidence in their data’s integrity. In addition to providing identity and financial monitoring services to those impacted, understanding if the exposed information is accessible on the Dark Web by hackers is a critical component of a strong breach response.

 


City of Riviera Beach: Local government organization serving Riviera Beach, Florida

Exploit: Ransomware

Risk to Small Business: 1.555 = Severe: When a single employee clicked on a malicious email link containing ransomware, the city’s entire computer network was encrypted by ransomware. The encryption prevented the city from using email, logging 911 calls, or even controlling their water utilities. After spending nearly $1 million on new IT infrastructure, the city ultimately decided to pay the ransom, which cost $600,000 in Bitcoin. The payment, which will come from the city’s insurance provider, became necessary when the city discovered that it didn’t have adequate backups to restore vital information to this equipment.

Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: No personal information was compromised in the breach.


In Other News:

Canadian Companies Unprepared for Cost and Consequences of a Data Breach 

 

Shred-it’s annual Data Protection Report, which evaluates the most prescient threats to data security, took aim at Canadian businesses and concluded that they have an overly optimistic outlook of today’s cyber-security landscape.

Consequently, many companies are not prepared to defend against a data breach, which could negatively impact revenue, employee, and customer retention.

The survey identified shifting consumer sentiments about data privacy and encouraged Canadian businesses to cater to the changing market dynamics by considering the reputational damage that accompanies a data breach along with other serious consequences.

Today, the stakes couldn’t be higher.

A single data breach can have devastating outcomes for companies of all sizes, and this year’s survey concluded that too many companies need to prioritize cyber-security as a critical component of overall business success. Partnering with us can patch holes in your cyber-security protocols while bolstering your defenses going forward!

     

A Note From Kobargo:

Three Billion Phishing Emails are Sent Every Day

Phishing attacks are wreaking havoc as they encourage unsuspecting recipients to hand over critical credentials that give hackers access to network infrastructure, personal financial accounts, and other important portals.

 

This type of cyber-security threat is ultimately the most defensible, since phishing attacks not only need to make it through email filters, but recipients have to directly act upon the message. Yet, they continue to inflict serious damage on small and medium businesses alike, becoming more common and complicated in today’s digital landscape.

According to a recent report, more than 3.4 billion phishing emails are sent each day, making it increasingly probable that an employee will accidentally engage with the message. This underscores the need for awareness and prevention training to disrupt these efforts. Given the high cost of recovering from a phishing attack, acquiring comprehensive training from trusted professionals (like us!) is a cost-effective way to equip your employees to defend against phishing attacks.

     

For More Info, Check Out Our Latest Video On Security Awareness Training, Available Today! 


Contact Kobargo Technology Partners to schedule a free consultation today!

 

Data Breach, Cyber Alert Monday 06-24-2019

Data Breach, Cyber Alert Monday: Last week, cyber security breach hits the U.S. Customs and Border Protection Agency…

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

 

Emuparadise: Retro Gaming website

Exploit: Compromised password hashing algorithm.

Risk to Small Business: 1.555 = Severe: An outdated, compromised password hashing algorithm was exploited by hackers, causing user data to be compromised. Although the data breach took place on April 1, 2018, the damage was only recently revealed when accounts were provided to HaveIBeenPwned. By failing to update their cybersecurity standards, Emuparadise will now face reputational erosion and incur significant costs associated with interrupted business processes and recovery.

Individual Risk: 2 = Severe: Emuparadise users can search HaveIBeenPwned to view the status of their credentials. For those compromised, hackers gained access to email addresses, IP addresses, usernames, and passwords. Impacted individuals should be mindful that their credentials could be compromised, and they should be especially careful about using duplicate passwords on other services.

Customers Impacted: 1,131,229

How it Could Affect Your Business: A data breach predicated on outdated security standards is an unnecessary and self-inflicted wound that is entirely avoidable. Instead, every organization should routinely evaluate their cybersecurity standards, ensuring that they reflect industry standard best practices.

 


Lake City, FL: Local government organization serving Lake City, Florida

Exploit: Ransomware

Risk to Small Business: 2 = Severe: A malware attack delivered “triple threat” ransomware that targeted the city’s network systems, rendering many city services inaccessible. Although emergency services such as police and fire are operational, city email accounts, land-line phones, and credit card services were disabled. In the meantime, the city has been forced to write bills, receipts, and other services by hand. It’s a reminder that ransomware attacks are uniquely dangerous because they not only cost money to repair, but those impacted run the risk of disrupting business processes or losing valuable data.

Individual Risk: 3 = Moderate Risk: City officials believe that personal data, including online payment information, was not compromised in the breach. However, residents should monitor their accounts for suspicious activity.

Customers Impacted: Unknown

How it Could Affect Your Business: Local governments are a top target for hackers, and ransomware is becoming a commonly deployed method for extorting valuable city resources away from citizens. Therefore, every local government needs a comprehensive ransomware response plan before an incident occurs. Ransomware attacks are often initiated by phishing scams, signaling the importance of cybersecurity awareness and training at the front line.

 


United States Customs and Border Protection: Law enforcement agency operating under the authority of the Department of Homeland Security.

 

Exploit: Malicious cyber-attack

Risk to Small Business: 1.777 = Severe: A subcontractor violated the department’s policy and transferred copies of license plate and traveler images to their network where they were stolen in a malicious cyber-attack. In response, the agency is monitoring the Dark Web for evidence of this data, and they are reevaluating their cyber-security and privacy standards. Of course, these initiatives are simpler and more palatable when they are done proactively, rather than after an incident occurs. Consequently, the agency will now have to endure increased governmental oversight and media scrutiny.

Individual Risk: 2.428 = Severe: The stolen data included license plate and travel images from certain lanes at a particular border crossing. The agency isn’t providing any more specific information at this time, noting that it processes more than a million border crossings each day. However, they did indicate that no passport or other travel information was compromised in the breach.

Customers Impacted: 100,000

How it Could Affect Your Business: When sensitive personal information is compromised in a data breach, organizations have a responsibility to help those impacted recover from the incident. These responses vary significantly, but they should foundationally include understanding what happens to personal information after it’s stolen. Personal data can be quickly bought and sold on the Dark Web, so monitoring this environment is a staple of any comprehensive response that can begin restoring the organization’s reputation and protecting those that are affected.

 


Auburn Food Bank: Charitable organization providing free food to families and individuals

Exploit: Ransomware

Risk to Small Business: 2.111 = Severe: A ransomware attack struck the non-profit, charitable organization, encrypting all but one of its computers. This particular ransomware, GlobeImposter 2.0, cannot be decrypted, and victims must contact the hackers to negotiate a ransom. However, Auburn Food Bank is refusing to negotiate. Instead, they are seeking donations to replace their technology, which is roughly equal to the ransom demands.

Individual Risk: 3 = Moderate Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks are frequently initiated through phishing emails, but this incident occurred at 2:00 A.M., when no employees were in the office. Keeping in mind that such threats can arrive at any time and any place, organizations must prepare a response plan proactively and continuously evaluate their cybersecurity posture.

 


Evite: Social planning and e-invitation service

Exploit: Unauthorized system access

Risk to Small Business: 1.888 = Severe Risk: Hackers were able to access Evite’s network, which allowed them to download an inactive data storage file that contained the personal information of millions of their customers. Despite being notified of the breach on April 15th, the company is only now acknowledging the breach. Their slow response time and lax security standards will now require them to incur the fees of third-party cybersecurity analysts as well as cascading reputational costs that are difficult to quantify and even more challenging to repair. In the meantime, the company is encouraging users to reset their passwords, a modest first step for such a traumatic incident.

Individual Risk: 2.428 = Severe Risk: The compromised information could include names, usernames, email addresses, dates of birth, phone numbers, and mailing addresses. Fortunately, social security numbers and financial data were not included as part of the breach. However, since this information was already discovered on the Dark Web, those impacted by the breach should immediately obtain credit and identity monitoring services to secure their credentials.

Customers Impacted: 1,000,000

How it Could Affect Your Business: When organizations are compromised in a data breach, their response becomes a critical metric in restoring their users’ trust. In this case, the company was slow to respond to the breach, delaying their messaging by several months. When exposed information makes its way to the Dark Web, timing is of the essence, and understanding what happens to the information accessed in the data breach can provide employees or customers with confidence in the integrity of their personal information or credentials. Partnering with an MSP can provide the insight necessary to achieve this.


In Other News:

Australian Universities at Significant Risk of a Cyber Attack

A recent audit of the IT environment for Australia’s universities found repeated failures to address identified weaknesses in their IT systems, making them especially susceptible to cyber attacks. Focused on just 10 universities, the audit identified one university…

A Note From Kobargo:

Cyber Criminals Are Getting More Clever: Security Awareness Training For Your Employees Is Critical

Security-minded internet users often look for certain signs – like the padlock accompanying a web address or the “https” designation – to identify websites that are safe and secure. Those hallmarks of internet integrity are not as sure as they once were…

For More Information, Follow Us For A New Video On Security Training Awareness! Coming Soon


Data Breach, Cyber Alert Monday 06-17-2019

Data Breach, Cyber Alert Monday: Last week, medical information continued to be an easy target for hackers and phishing scams became increasingly difficult to defend.

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…

Broome County: Local government in the Binghamton, New York metropolitan area

Exploit: Credential harvesting phishing email

Risk to Small Business: 2 = Severe: A phishing email compromised the email and PeopleSoft accounts of several county employees, ultimately exposing sensitive personal information and impacting the county’s payroll system. The county became aware of the breach on January 2nd, when hackers attempted to change an employee’s direct deposit information. In this case, a simple security vulnerability now requires the county to absorb the costs of post-breach management, a fee that is considerably higher than proactively training employees and implementing safeguards. Such a recommendation seems like a no-brainer, especially when analyzing the modest budgets of many local government systems.
Individual Risk: 2.571 = Moderate: The breach compromised data from 13 different agencies and third-party affiliates, including names, dates of birth, contact details, social security numbers, financial information, credit card information, medical record numbers, patient identification numbers, diagnosis and treatment, and health insurance credentials. Anyone affiliated with the impacted departments should immediately seek identity and credit monitoring services. Moreover, since the hackers attempted to alter an employee’s direct deposit information, those impacted should monitor their records for abnormalities.
Customers Impacted: Unknown
How it Could Affect Your Business: Phishing scams are quickly becoming normative for local governments and SMBs. In this case, a single phishing scam had cascading consequences for a local government, which is now tasked with repairing its technological infrastructure while undergoing the arduous process of restoring the constituents’ confidence in their data stewardship. Since phishing scams are entirely preventable, partnering with a third-party training solution is a veritable must-have in today’s digital environment.


Quest Diagnostics: Clinical laboratory company with operations in the United States, the United Kingdom, Mexico, and Brazil.

Exploit: Unauthorized network access

Risk to Small Business: 1.556 = Severe: A collection firm partnering with Quest Diagnostics encountered a data breach that directly impacted nearly 12 million of the lab’s patients. In response, Quest is partnering with a third-party cybersecurity organization to ensure proper breach notification standards are followed. Even though the event precipitated at a separate organization, Quest Diagnostics will bear the financial and reputational burden of a data breach that has compromised the most sensitive information in people’s lives: the type that is related to their health.

Individual Risk: 2.286 = Severe: The scope of this incident is astounding, and it includes patient information, financial data, social security numbers, along with other medical data. While test results were not included in the breach, this extensive trove of valuable information can quickly make its way to the Dark Web, and those impacted by the breach should obtain the services necessary to know what happens to their information after it’s compromised.

Customers Impacted: 11.9 million

How it Could Affect Your Business: Caring for customers in the wake of a data breach should be any company’s top priority. Although Quest Diagnostics is working diligently to notify those impacted by the breach, much more is required to adequately make reparations. Since sensitive personal information has a significant market on the Dark Web, providing services to help customers understand what happens to their data is an excellent place to start.


Lewes Board of Public Works: Public works department in Lewes, Delaware
Exploit: Software vulnerability

Risk to Small Business:  1.666 = Severe: The Department of Homeland Security notified the Lewes Board of Public Works that a software vulnerability allowed hackers to copy customer information from their network. The board responded by isolating their customer information system and developing improvements to prevent a similar attack in the future. It’s unclear why the board’s own cybersecurity apparatus didn’t identify the threat, requiring a federal agency to intervene and communicate knowledge of the breach. Now, the board is faced with repairing its reputation while ensuring that their customers can successfully protect their personal data and financial information.

Individual Risk: 2.429 = Severe: Hackers gained access to customers’ personal information including their names, email addresses, payment card information, bank account details, account numbers, and more. Those impacted by the breach are encouraged to monitor their credit card and banking statements for possible misuse and to reset their account passwords.

Customers Impacted: Unknown

How it Could Affect Your Business: Customers shouldn’t be expected to navigate a data breach on their own. Despite their public communication, the Lewes Board of Public Works hasn’t offered any services to support customers impacted by the breach. By providing adequate assistance or showing initiative through awareness and training, companies can ensure that their customers can recover from a breach. In a world that is becoming increasingly cyber-vigilant, this can have the dual benefit of restoring brand reputation and trust in the wake of a cybersecurity incident.


Opko Health: Medical testing company focused on diagnostics and pharmaceuticals

Exploit: Unauthorized network access

Risk to Small Business: 1.666 = Severe: A data breach at the company’s former collections vendor has compromised personal information for hundreds of thousands of the company’s customers. The lab recently switched its collections services to another provider and requested that the compromised collections agency stop pursuing requests on its customers. Despite the fact that the breach originated with a third-party provider, Opko Health is now responsible for restoring order and supporting their customers in the aftermath of the breach.

Individual Risk: 2.288 = Severe: This particular incident is incredible in its scope and duration. Unauthorized activity occurred between August 1, 2018 and March 30, 2019, and hackers gained access to customers’ names, credit card numbers, bank account information, email addresses, addresses, phone numbers, and account information.

Customers Impacted: 422,600

How it Could Affect Your Business: Even when data breaches don’t originate on-site, a holistic response plan is critical. Not only do companies need to reevaluate the cybersecurity priorities of their trusted partners, but they must train their employees to avoid such an incident from ever occurring. Working with a qualified MSP that leverages identity monitoring solutions can help mitigate the damage of a data breach.


In Other News:

Phishing Scams Are Getting More Sophisticated 
Phishing scams, already a significant headache for companies of all sizes, are becoming more complicated. A recent study found that nearly half of all phishing attacks are polymorphic, meaning that they can implement slight but significant changes to multichannel formats and become more difficult to detect or prevent.
For instance, polymorphic phishing scams will use different email addresses, content, subject lines, sender names, or other features. Therefore, recipients are forced to fend off various versions of the same attack.
Phishing scams, which are frequently used to deliver malware and ransomware, rely on users’ ambivalence to be successful, and they are defendable with proper training and preparation, such as Kobargo Technology Partners training. With polymorphic phishing scams on the rise, yesterday’s technical safeguards are being bypassed through sophistication, and the importance of cybersecurity awareness continues to grow in magnitude.


A note from Kobargo:

Unpatched Vulnerabilities Are a Top Threat 
Today’s cybersecurity landscape is incredibly daunting, and IT administrators have a tough job on their hands. One of their most significant tasks, according to a recent study, is patching security vulnerabilities and getting their employees to update their software.
Different organizations take unique approaches to this problem, including scanning for vulnerabilities, running simulations, and collaborating with MSPs to identify and solve for possible pain points, but the challenge is ubiquitous throughout all sectors and among companies of all sizes.
Taken together, more than 1/4 of organizations endured a data breach because of an unpatched vulnerability, highlighting their need for technical support in this area.
To put it simply, it’s challenging enough to account for the multifaceted cybersecurity challenges facing organizations every day; don’t let solved problems be the reason for failure. Get the support you need from trusted MSPs to ensure that your defensive posture is as strong as possible.
Data Breaches, Cyber Alert Monday 06-10-19

Data Breaches, Cyber Alert Monday: Last week, malware infects POS systems of US fast-food chain, ransomware continues to impact local governments, and a phishing scam tricks Office 365 users.

LAST WEEK’S HACKS, ATTACKS, DATA BREACHES AND MORE…


Flipboard: News aggregator service and mobile app
Exploit: Unauthorized database access
Risk to Small Business: 2 = Severe: Hackers accessed a database containing users’ account information on two separate occasions during a span of nine months. The company notified law enforcement of the breach and hired a third-party investigative firm to audit their security standards and develop better standards for the future. However, this incident will inflict a significant black eye on their reputation, and the company will be required to spend time and money to secure their platform and restore trust.
Individual Risk: 2.571 = Moderate: It’s unclear if the hackers downloaded users’ personal information, but the hacked database includes user names, hashed and salted passwords, email addresses, and digital tokens associated with Google, Facebook, and Twitter accounts. Although Flipboard has reset all user passwords and disconnected or deleted all tokens, impacted individuals should be mindful that their credentials could be compromised. Flipboard users should be especially careful about using duplicate passwords on other services.
Customers Impacted: Unknown
How it Could Affect Your Business: Data breach incident responses are becoming increasingly commonplace. Apologies, investigations, and updates are typical responses from organizations, but they don’t have to become the norm. Extensive breaches similar to Flipboard’s should encourage companies to prioritize their cybersecurity initiatives and avoid breaches from occurring in the first place.


Checkers Drive-in Restaurants Inc.: Fast food chain operating in 28 states
Exploit: Malware
Individual Risk: 3 = Moderate: There is no indication that personal information was compromised as part of this breach.
Customers Impacted: Unknown
Risk to Small Business: 2 = Severe: Hackers successfully infected 102 of the company’s point-of-sale systems with malware that stole customers’ payment information. The restaurant chain has enlisted the support of law enforcement authorities and third-party security experts to remove the corrupted software from their systems. They will now face the considerable costs of digital infrastructure repair and reputational costs that could discourage people from visiting their restaurants.
Individual Risk: 2.285 = Severe: Attackers gained access to information stored on the credit or debit cards’ magnetic strips. This includes cardholder names, payment card numbers, verification codes, and expiration dates. This extensive payment information can quickly make its way to the Dark Web or be redeployed as a payment method on other websites. All customers should review their account statements for suspicious activity while also procuring credit monitoring services.
How it Could Affect Your Business: Any company reliant on point-of-sale exchanges with their customers must be especially vigilant about protecting the integrity of these systems. Not only is it incredibly costly to repair the technological infrastructure, but the cascading consequences of reputational damage can be even more profound. Companies can (and should) demonstrate their commitment to protecting their employees and customers by taking proactive measures to prevent future breaches.


City of Laredo: Local government organization serving Laredo, Texas
Exploit: Ransomware

Risk to Small Business: 2.111 = Severe: A ransomware virus encrypted the city’s document management system, requiring a total shutdown of the city’s computers. Fire, police, and utility and health departments were the first to be restored, but agencies were required to work offline while authorities cleared each individual computer and were forced to interrupt business processes.

Individual Risk: No personal or employee information was compromised in this attack.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks on local government and small businesses are on the rise, and everyone needs a response plan in place before an incident occurs. In this case, quick action prevented the virus from spreading deeper into the system, and the city’s ransomware insurance will help defray the costs of a breach. At the same time, many ransomware attacks are initiated by phishing scams, which means that every company should include training on cybersecurity best practices as a part of their ransomware preparedness plan.


People Inc.: New York’s largest non-profit organization providing services for seniors, families, and individuals with developmental disabilities

Exploit: Employee email account breach
Risk to Small Business: 1.555 = Severe: A compromised email account gave hackers access to an extensive amount of client and patient information. Security officials believe that a brute force attack exploited a weak employee password, and a simple password reset secured the account. However, it was later discovered that the company knew of the breach as early as February, which makes their recent acknowledgement of the incident especially alarming.

Individual Risk: 2 = Severe: The compromised email account included vast amounts of client and patient information. Names, addresses, social security numbers, financial data, medical information, health insurance information, and government IDs were all accessible to hackers. This information can quickly spread on the Dark Web, and clients or patients should be vigilant about acquiring identity and credit monitoring services as a precaution against credential misuse.

Customers Impacted: 1,000

How it Could Affect Your Business: This incident underscores the importance of cybersecurity best practices in any organization. A simple oversight gave hackers access to a single account, which compromised the information of 1,000 people. Every organization needs to prioritize training and oversight as a cybersecurity must-have. This data breach, like many others, was entirely preventable, and no organization wants to bear the financial and reputational burden of an avoidable oversight.


In Other News:

Stolen NSA Tool May Be Responsible for Rash of Ransomware Attacks 
Ransomware attacks on local governments have become alarmingly prevalent, and they may have an unlikely source – a cyber weapon developed by the U.S. National Security Agency (NSA). In 2017, the NSA lost control of one of its most impactful weapons, code-named EternalBlue, and it now lies in the hands of independent bad actors and state-sponsored hackers.
The impact on local governments has been immense. While some cities refuse to pay the ransom, many are left with little choice but to pay up to restore access to their digital infrastructure. At the same time, the additional security costs have made it difficult for cash-strapped governments to combat the threat.
With so much on the line, a comprehensive ransomware response plan has never been more important. Since most ransomware originates as phishing scams sent to employee email accounts, this also means that proper training can be worth its weight in gold, or at least in Bitcoin.


A note from Kobargo:

Office 365 Users Targeted in Phishing Campaign 
Users of Microsoft’s popular Office 365 software might be the victims of the latest phishing campaign making its rounds online.
Some users are receiving notifications purporting to be from “Office 365 Team” notifying recipients of an “unusual volume of file deletion” on their accounts.
When recipients click on the “View alert details” link, a fake Microsoft login page appears that captures users’ login credentials. The attackers are using Azure, a popular hosting site that makes it more difficult to distinguish questionable URLs in a phishing attack.
For Microsoft users, legitimate login screens are served only from microsoft.com, live.com, microsoftonline.com, or outlook.com. The growing sophistication of these attacks makes it even more difficult for users to differentiate a phishing attack from a real message.
However, comprehensive training can stop phishing scams in their tracks by empowering customers and employees with cybersecurity training and awareness. Contact Kobargo Technology Partners to schedule a free consultation today!
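The domain check described in the note above, as an added example that is not part of the original alert: a link passes only if it is HTTPS, carries no userinfo, and its host is one of the four listed domains or a true subdomain of one. The function names and the sample links are constructed for illustration.

```javascript
// Added example: allow-list check for Microsoft sign-in links.
// The four domains are the ones listed in the alert; names and samples are illustrative.
const LOGIN_DOMAINS = ["microsoft.com", "live.com", "microsoftonline.com", "outlook.com"];

// Decide whether a link points at one of the listed sign-in domains.
function checkLoginUrl(link) {
  let url;
  try {
    url = new URL(link); // WHATWG parser: lowercases the host, maps IDN to punycode
  } catch (err) {
    return { ok: false, reason: "unparseable" };
  }
  if (url.protocol !== "https:") return { ok: false, reason: "not-https" };
  // Text before "@" is userinfo, not the host; reject it outright.
  if (url.username || url.password) return { ok: false, reason: "userinfo-present" };
  // Drop a trailing dot so "outlook.com." compares equal to "outlook.com".
  const host = url.hostname.replace(/\.$/, "");
  // Exact match, or a subdomain with a label boundary ("." + domain) on the left.
  const match = LOGIN_DOMAINS.find((d) => host === d || host.endsWith("." + d));
  if (!match) return { ok: false, reason: "host-not-allowed", host };
  return { ok: true, reason: "allowed", host };
}

// Constructed sample links (not taken from the campaign described above).
const SAMPLES = [
  "https://login.microsoftonline.com/common/oauth2/authorize",
  "https://LOGIN.LIVE.COM/login.srf",
  "https://constructed-sample.blob.core.windows.net/alert/index.html",
  "https://login.microsoftonline.com.constructed.example/",
  "https://login.microsoftonline.com@constructed.example/",
  "https://notmicrosoft.com/login",
  "http://outlook.com/owa",
];

// Return only the links a mail filter or help desk should flag.
function flagged(links) {
  return links.filter((l) => !checkLoginUrl(l).ok);
}

for (const link of SAMPLES) {
  const r = checkLoginUrl(link);
  console.log(r.ok ? "ALLOW" : "FLAG ", r.reason.padEnd(17), link);
}
```

The label-boundary comparison is what rejects `notmicrosoft.com` and hosts that merely begin with an allowed domain, two cases a plain substring match would accept.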

Data Breach, Cyber Alert Monday 06-03-19

Cyber Alert: Last week, the tech unicorn Canva endured a significant data breach and local government agencies were under attack.

LAST WEEK’S CYBER ALERT, HACKS, ATTACKS, BREACHES AND MORE…

The Georgia Institute of Technology (Georgia Tech): Public research university based in Atlanta, Georgia
Exploit: Unauthorized database access
Risk to Small Business: 1.555 = Severe: Hackers were able to infiltrate the Institute’s databases that were storing sensitive personal information on current and former students and employees. After identifying an unauthorized user sending queries through an Institute web server, Georgia Tech began an investigation and executed a few countermeasures to secure their ecosystem. Not only will Tech be on the hook for providing credit and identity monitoring services to affected individuals, but they will also deal with scrutiny from current students, employees, and even alumni.
Individual Risk: 2.285 = Severe: According to an official statement from Georgia Tech, the information accessed varies by individual, but it could include names, addresses, Institute ID numbers, dates of birth, and social security numbers. This breach could extend to students, faculty, staff, alumni, applicants, and affiliates. Anyone with ties to Georgia Tech should enroll in identity theft protection services and stay vigilant for potential compromises or fraud attempts.
Customers Impacted: 1,265
How it Could Affect Your Business: Failing to understand your organization’s threat landscape can have significant consequences in today’s digital environment. In this case, hackers had access to the university’s database for nearly four months, making it evident that their security standards were not adequate to address relevant threats. Particularly when your university is seen as a premier technological institution, failure in this regard is entirely preventable, embarrassing, and unacceptable.


 

Louisville Regional Airport Authority: Municipal corporation responsible for owning, operating, and developing Louisville International Airport and Bowman Field

Exploit: Ransomware
Risk to Small Business: 2.111 = Severe: Hackers were able to install ransomware on the airport’s network system, encrypting localized files for two airports, the Louisville Muhammad Ali International Airport and Bowman Field. Fortunately, the organization was prepared for such an incident, and they are restoring their files from backups rather than paying the ransom. While the ransomware was restricted to localized files that are unaffiliated with the organization’s operations or security systems, it’s always concerning when critical infrastructure is tangentially impacted by security vulnerabilities.
Individual Risk: 3 = Moderate: There is no indication that personal information was compromised as part of this breach.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is a growing threat among SMBs. Since it is often injected into a company’s network through phishing scams or other employee errors, consider partnering with an MSP that has the tools to train employees and prevent phishing attacks.


Perceptics: Maker and distributor of license plate readers, under-vehicle cameras, and driver cameras
Exploit: Network compromise
Risk to Small Business: 1.444 = Extreme: A hacker using the pseudonym “Boris Bullet-Dodger” gained access to the company’s database and exfiltrated hundreds of gigabytes of data, which he subsequently published on the Dark Web. In total, more than 65,000 files were stolen, including data taken directly from employee laptops. The data breach included information from the access databases, ERP databases, HR records, Microsoft SQL Server data stores, business plans, financial figures, and personal information.
Individual Risk: 2.142 = Severe: The trove of data released by this hack compromised personal information, and the extent of the hack makes it difficult to know precisely what data was taken. However, evidence that hackers accessed employees’ desktops, denoted through the presence of music stored on user computers, suggests that the information exposed could be extensive.
Customers Impacted: Unknown
How it Could Affect Your Business: Responding to a breach of this scope is complicated. Managing the PR fallout is a significant responsibility, but an organization’s most important function is to support those whose information is posted on the Dark Web. In the event of a data breach, knowing what happens to your data is critical, and partnering with a qualified MSP can make all the difference.


Shubert Organization: Theatrical producing organization and owner of theaters in Manhattan and New York City
Exploit: Employee email account breach
Risk to Small Business: 1.777 = Severe: Hackers gained access to several employee email accounts containing sensitive personal information. The data breach occurred last February, and it’s unclear why the company took so long either to identify the intrusion or to communicate the incident to stakeholders. Regardless, it underscores the importance of strong defenses, as the company is now responsible for providing credit monitoring services for 24 months. However, this pales in comparison to the incalculable reputational damages that can occur with the magnitude of this breach.
Individual Risk: 2.285 = Severe: Although the company can’t confirm that the intruder accessed personal information, the affected accounts included customers’ names, credit card numbers, and credit card expiration dates.
Customers Impacted: Unknown
How it Could Affect Your Business: While every company is responsible for putting up strong defenses against cybercriminals, bad actors are highly motivated and continually operate with an advantage. Therefore, it’s crucial for companies to differentiate themselves through their support services to help impacted individuals in the wake of a data disaster.


TeamViewer: Developer of proprietary software for remote desktop control, desktop sharing, online meetings, web conferencing, and file transfers
Exploit: Malware
Risk to Small Business: 2.222 = Severe: TeamViewer has acknowledged a malware attack that gave hackers access to the company’s servers, which included their software’s source code. According to an official release by the company, the threat was detected before hackers could steal any data or code. However, this incident took place in 2016, which makes their timing problematic. Consequently, the company will face heightened media scrutiny and reputational damage that could exceed the scope of the actual breach.
Individual Risk: 3 = Moderate: The company contends that personal information was not compromised during the breach, but users should be mindful of the company’s security posture, especially given the potentially sensitive information conveyed through their services.
Customers Impacted: Unknown
How it Could Affect Your Business: Regardless of actual outcomes resulting from the data breach, this episode makes it clear that TeamViewer does not prioritize clear and timely communication when it comes to their cybersecurity initiatives. While data security needs to be a top priority for every organization, communication and customer support are a close second, along with being the most controllable part of any cyber defense plan.


Canva: Graphic design website providing amateur and professional web/media design tools
Exploit: Database server compromise
Risk to Small Business: 1.555 = Severe: A now-prolific hacking group accessed Canva’s network, compromising information for millions of users. According to the hacker’s message after the breach, the theft includes extensive records up until May 17th. The company’s quick response and high cybersecurity standards will help mitigate the damage of the breach, but they are now responsible for understanding what happens to their users’ data when it’s published on the Dark Web.
Individual Risk: 2.149 = Severe: The scope of this breach is incredible, but it will impact users differently. Compromised information could include usernames, real names, email addresses, and location information. Fortunately, the passwords for 61 million users were hashed, making them more difficult to crack. The company encourages users to change their account passwords and to update passwords from other accounts that may be using redundant credentials.
Customers Impacted: 139 million
How it Could Affect Your Business: Even companies with the best cybersecurity standards can still fall victim to a devastating data breach. Partner with an MSP that can determine where information ultimately ends up (hint: the Dark Web!) so that your customers, employees, and profit margins are always protected from cybersecurity threats.


A Note From Kobargo:
Mobile Banking Malware Increases by 58% 
According to a recent report by Kaspersky Lab, mobile banking malware is on the rise. The first quarter saw instances of mobile banking malware more than triple, and there was a 58% increase in modifications to banking trojans.
A single piece of malware, dubbed Asacub malware, accounts for more than half of the banking trojans detected during this time, attacking approximately 8,200 users a day.
In the first three months of the year, cybersecurity researchers identified 29,841 different modifications of banking trojans, underscoring the complex tasks that companies have when defending their digital infrastructure.
As more and more financial services are conducted online, it’s a troubling sign to see an uptick in the scope and complexity of mobile-focused malware attempts. It’s also a reminder that companies can’t win this battle alone. They need to partner with skilled MSPs like Kobargo Technology Partners to help them identify and eliminate the latest threats to their businesses.

Contact Kobargo Technology Partners to schedule a free consultation today!
