Cyber Alert Monday 4-6-2020 – Social Distancing

Last week, phishing attacks reel in a bountiful catch in the healthcare sector, how social distancing makes companies vulnerable to a data breach, and cybersecurity tips for working from home. 

Its a cybercriminals dream for you to post personal info on social media

United States – Tandem Diabetes Care

Exploit: Phishing scam
Tandem Diabetes Care: Medical device manufacturer

Risk to Small Business: 2.555= Severe

Five employees fell for a phishing scam that gave hackers access to email accounts containing customer data between January 17 and January 20, 2020. Although the company acted quickly to secure the compromised employee accounts, they were unable to recoup the stolen information. Given the sensitive nature of their industry, Tandem Diabetes Care will likely face increased regulatory scrutiny and hefty financial penalties.

Individual Risk: 2.428 = Severe

Although Tandem Diabetes Care has expressed in the integrity of their data storage, hackers likely had access to names, contact information, service-related details – even some patients’ Social Security numbers were exposed in the breach. Victims should consider enrolling in credit and identity monitoring services.   

Customers Impacted: 140,000

How it Could Affect Your Customers’ Business: In response to this breach, Tandem Diabetes Care is updating its email security protocols to prevent a similar incident in the future. However, phishing scams account for a significant portion of all data breaches, and preparing for these attacks should be a built-in component of every organization’s defense strategy.

United States – University of Utah Health 

Exploit: Phishing scam
University of Utah Health: Research and teaching hospitalr

Risk to Small Business: 1.889= Severe

A phishing scam provided hackers with access to the University of Utah Health’s network for more than a month, beginning on January 22, 2020. In addition, the healthcare provider discovered malware on its network that allowed hackers to access patient data. Although the University of Utah Health responded quickly, bad actors still had prolonged access to company and customer data, including HIPPA-protected healthcare records – creating financial, reputational, and regulatory consequences both now and in the future.

Individual Risk: 2.428= Severe

The compromised accounts included patients’  names, dates of birth, medical record numbers, and clinical data. This information can be used to craft authentic-looking spear phishing campaigns. Victims should carefully evaluate all digital communications, and consider enrolling in identity and credit monitoring services to ensure that this information isn’t being misused in other ways.  

Customers Impacted: Unknown.

How it Could Affect Your Customers’ Business: Like many companies responding to a data breach, the University of Utah Health is promising changes to its defensive posture to prevent a similar breach in the future. However, companies should assume that malware attacks and phishing scams are an “if” not a “when” proposition, and they should prepare their defensive posture accordingly.

United States –  Tupperware  

Exploit: Malware attack
Tupperware: Home products line

Risk to Small Business: 2.334= Severe

Hackers infiltrated Tupperware’s online store, injecting payment skimming malware into the checkout process. The malicious script was active for at least five days, and it effectively mimicked Tupperware’s official payment form. After shoppers entered their data into the fake form, a “time out” error appeared, redirecting customers to the actual payment page and disguising the theft, which allowed it to go undetected.    

Individual Risk: 2.428= Severe

The payment skimming malware collected customer data entered including names, addresses, phone numbers, credit card numbers, expiration dates, and CVV codes. This data could allow hackers to commit financial theft or identity fraud. Those impacted by the breach should immediately notify their banks, as they will likely need to be issued new payment cards and carefully monitor their accounts for misuse.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: The COVID-19 pandemic has heightened the already-important online shopping experience for many businesses, and online shopping is a singular respite in an otherwise bleak outlook for retailers. Companies can’t afford to lose customers because of a cybersecurity vulnerability. Many customers indicate that they will not return to an online store after a data breach, which means that companies looking to capitalize on their online stores need to make sure this avenue is secure

European Union – Norwegian Cruise Line 

Exploit: Phishing scam
Norwegian Cruise Line: Cruise tourism provider

Risk to Small Business: 2.334 = Severe

A Norwegian Cruise Line employee was reeled in by a phishing scam that compromised the personal details of thousands of independent travel agents. The information was then posted on Dark Web forums, making it widely accessible to bad actors. The company, already reeling from the COVID-19 crisis, has now damaged its relationship with partners that are critical to its recovery. 

Individual Risk: 2.714= Moderate

The data breach includes plain text passwords and email addresses for thousands of travel agents. While many are associated with TUI and Virgin Holidays, it also covers independent agents and those working with other organizations. Those impacted by the breach should immediately reset their login credentials while also monitoring their accounts for unusual or suspicious activity. 

Customers Impacted: 27,000

How it Could Affect Your Customers’ Business: This incident underscores the heightened risk and outsized consequences of falling for scams during the COVID-19 crisis. With more employees working remotely and a general, pervasive sense of uncertainty overshadowing many companies, there is a higher risk of damage from cyberattacks including phishing and ransomware encountered (and interacted with) by anxious employees.

Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:

Expert Cybersecurity Tips for Working From Home During a Time of Social Distancing

The COVID-19 pandemic has brought about an unprecedented work-from-home experiment as social distancing measures require millions of employees around the world to work from home. As we’ve already seen, this presents unique cybersecurity challenges for both companies and their employees. To help you secure data while working remotely, here are four simple steps that every company and employee can take

1. Use a trusted VPN. These services can provide a layer of protection by encrypting network traffic and making it more difficult for bad actors to spy on your activity. Choose a reputable VPN provider, as a number of VPN scams have tricked employees into downloading malicious software that steals their login credentials

2. Enable two-factor authentication. Account security is critical, especially when entire companies are working remotely. Enabling two-factor authentication is an affordable and effective way to keep company accounts secure at all times.  

3. Refrain from using personal devices. Many employees may be tempted to use personal devices for work-related tasks, especially when working from home. It’s always possible that these devices contain malware or other exploits that could compromise company data.  

4. Look out for Phishing Scams. Cybercriminals are always looking for ways to capitalize on our vulnerabilities. At this moment, COVID-19-related phishing scams abound, targeting employees’ sense of isolation and vulnerability to capture critical information.  


A Note From Kobargo

Social Distancing Puts Company Data at Risk 

As the COVID-19 pandemic continues to cause chaos for businesses, we continue to be committed to helping keep your data secure. To that end, we’ve compiled several resources to help you navigate this unique terrain, and if we can serve you in any way, please don’t hesitate to contact us.     

This week, we wanted to highlight a cybersecurity vulnerability that is especially prescient as many people work from home and practice social distancing. According to a study by the Better Business Bureau, the FINRA Investor Education Foundation, and the Stanford Center on Longevity, people are more likely to fall for a scam when they are socially isolated.  

Cybercriminals are already taking advantage of our new digital environment sending a flurry of phishing and other fraudulent messages meant to compromise personal and company data, and isolated employees are more vulnerable than usual to these attack methodologies. Therefore, in addition to preparing employees for this troubling trend, make an effort to reach out to employees, coworkers, and family members to make personal connections during this challenging time.


Contact Kobargo Technology Partners to schedule a free consultation today!

Read more
Data Breach, Cyber Alert Monday 3-30-2020 Cybercrime

Last week, cybercrime makes COVID-19 recovery more difficult, unsecured databases give away millions of records, and resources you need to protect data during this challenging time. 

Cyberattacks on employees

Switzerland – World Health Organization

Exploit: Phishing scam
World Health Organization: United Nations agency responsible for international public health  

Risk to Small Business: 1.888= Severe:

Hospital workers are receiving an email purportedly from Dr. Tedros Adhanom Ghebreyesus, director of the World Health Organization (WHO). The email contains a personalized message using the recipients’ valid username and an innocuous-looking attachment. Unfortunately, it’s a phishing attack –  when the attachment is opened, it installs malware capable of stealing credentials from the computer. According to cybersecurity researchers, the messages specifically prey on the altruism of recipients, by purporting to include information about novel, preventative drugs and COVD-19 cures.

Individual Risk: 2.571 = Moderate:

At this time, there are no reports of recipients falling for this scam. However, anyone who does click on the attachment has likely allowed malware to compromise their credentials. In that case, they should immediately take steps to remove the malware, reset account passwords, and notify their employers of the incident.  

Customers Impacted: Unknown.

How it Could Affect Your Customers’ Business: In 2020, clever spear-phishing emails are par for the course when it comes to anticipated attack vectors, and the bad guys are making them look more authentic all the time. Rather than allowing employees to fall for these scams, possibly compromising company and customer data along the way, keep them alert for trouble by providing regular phishing scam awareness training that accounts for the latest trends and encompasses all of the possible vulnerabilities.
**We’ve learned that even more cyberattacks have been mounted against WHO during this crisis, easily double the usual number. A group of hackers known as DarkHotel is suspected in one of the most major recent live attacks. More than 2000 Corona-virus themed websites are being created each day as cybercriminals rush to take advantage of the opportunity to breach data and steal passwords that is presented to them by the chaos of this pandemic.

United States – Open Exchange Rates

Exploit: Unauthorized database access
Open Exchange Rates: Currency data provider

Risk to Small Business: 1.777= Severe:

While investigating a network misconfiguration, Open Exchange Rates discovered that an unauthorized user was accessing their network. Ultimately, it was determined that the hacker had been accessing their database for nearly a month, beginning on February 9, 2020, and ending on March 2, 2020. The company believes that hackers extracted sensitive user information. In response, Open Exchange Rates has disabled the passwords for all accounts created before March 2, 2020.

Individual Risk: 2.285= Severe:

A copious amount of personal data was compromised in the attack, including user names, addresses, encrypted and hashed passwords, IP addresses, country of residence details, and website addresses. In addition to resetting their account passwords and updating their credentials on any other website using the same information, Open Exchange Rates is warning customers that this information can be used to execute targeted spear-phishing attacks. Therefore, those impacted by the breach should carefully monitor their online accounts for suspicious activity.

Customers Impacted: Unknown.

How it Could Affect Your Customers’ Business: Although it’s a relatively small operation, Open Exchange Rates provides an API that is used by several prominent financial service providers. As a result, the costs of repairing this breach will be compounded by reputational damage that could impact its relationship with these critical partners.

United States – TrueFire   

Exploit: Malware attack
TrueFire: Online music school

Risk to Small Business: 1.555= Severe:

On January 10th, TrueFire identified unauthorized access to its database by a mysterious user who was active for more than six months. It’s unclear why the company waited until March to disclose the incident to its customers. The breach compromised users who made online purchases between August 3, 2019, and January 14, 2020. Although the company didn’t explicitly categorize the breach, payment skimming malware is likely responsible for the theft, which included users’ personal and financial data from their online purchases of classes and services.    

Individual Risk: 2.571= Severe:

The breach compromised customers’ personal and financial data, including names, addresses, payment card numbers, card expiration dates, and security codes. TrueFire is encouraging victims to monitor their financial statements for unusual activity, but they should do much more. Those impacted by the breach should immediately notify their financial institutions of the incident, and they should strongly consider enrolling in a credit and identity monitoring service to provide long-term oversight of this critical information. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Customers increasingly prefer shopping online rather than going to physical stores. Especially now, as the COVID-19 pandemic forces people to stay home, online stores are a vital lifeline for SMBs to continue generating revenue while people stay off the streets. Therefore, protecting the checkout process must be a top priority, as many customers will be gone for good if their personal or financial data is compromised through mishandled data on the merchant’s end when they make online purchases.

United States – College of Dupage  

Exploit: Accidental data exposure 
College of Dupage: Academic institution

Risk to Small Business: 1.555= Severe:

The College of Dupage accidentally exposed the 2018 W-2 forms of current and former employees. In a statement, the school identified the risk of data misuse as low. In reality, even one cybercriminal misusing this information could pose significant consequences for a potential victim. The breach occurred as the College of Dupage is preparing to move its services online due to the spread of COVID-19, forcing the cancellation of in-person classes – a  timely reminder that in uncertain times information security will still be top-of-mind for end-users, whether they are consumers, staffers, patients, or students. 

Individual Risk: 2.142= Severe:

W-2 forms contain personally identifiable information, including names, addresses, and Social Security numbers. College of Dupage is offering free identity monitoring services to those impacted by the breach, and victims should take advantage of it to ensure that their information remains secure both now and in the future.  

Customers Impacted: 1,775

How it Could Affect Your Customers’ Business: In response to the incident, the College of Dupage is updating its data management standards to prevent a similar incident from occurring in the future. Unfortunately, these updated protocols will not undo the damage for the nearly 2,000 victims of this data breach. Rather than waiting until a cybersecurity incident occurs, companies should prioritize a reevaluation of their practices to ensure that customer and company data is secure before a breach occurs.

Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:

Canadian Healthcare System Inundated by Cybercrime Attacks 

The stress created by an emergency like the Coronavirus pandemic is a golden opportunity for hackers. As the Canadian healthcare system grapples with surging treatment demands related to COVID-19, their IT systems are also grappling with a significant uptick in cyberattacks from bad actors trying to steal data and breach systems at healthcare organizations in a critical time.  

The threat is so severe that some organizations have called on the government to enact national cybersecurity standards and provide emergency funding to help defend patient data. We’ve reported on several Canadian health institutions impacted by data breaches this year, and in 2019, nearly half of all Canadian data breaches were healthcare-related.

According to several officials, many Canadian healthcare providers are midway through their cybersecurity upgrade roadmaps. Their slow progress means that many of their defenses are outdated and inadequate to meet today’s quickly evolving threats to data and systems.

Don’t wait for your organization’s Doomsday scenario to unfold. Get support now to prevent phishing scams, malware, and other cyber threats from compromising company data. Partnering with cybersecurity experts can help you get your defenses against cyberattacks up to speed faster before a breach occurs.


A Note From Kobargo

How to Avoid Data Breaches While Working From Home

The COVID-19 pandemic has reshaped the way we work practically overnight, as many people are working from home for the foreseeable future. Unfortunately, bad actors are taking advantage of these circumstances by increasing phishing attacks targeting home workers. Taking action now to secure your data and keep your staff alert about threats is the best way to protect your company’s data and systems from opportunistic cybercriminals.   

According to a recent assessment, Italy saw a sharp spike in phishing scams as workers quickly shifted from in-office work to home-based arrangements. Around the globe, more than 40% of all workers are currently working from home, a significant jump even in just the past week. In addition to phishing scams, cybersecurity researchers identified a spike in malicious remote access attempts.  

Cybercriminals are taking advantage of the jump in employees teleworking to mask their activity and gain access to company data. The US Department of Homeland Security recommends that organizations remain vigilant about equipping employees to identify phishing scams and that they enable two-factor authentication to protect accounts from unauthorized access. 

At ID Agent, we recognize that this is a uniquely challenging time for your organization and your employees. To address your data security concerns in these quickly changing times, we’ve compiled several resources to help your data stay safe. If we can be of service, don’t hesitate to reach out. Throughout this crisis, we are committed to keeping your company and customer information secure. 

Don’t forget to follow us on social media for our latest news, events, product updates and more!


Contact Kobargo Technology Partners to schedule a free consultation today!

Read more
Data Breach, Cyber Alert Monday 3-23-2020 COVID-19

Last week, a ransomware attack impacts COVID-19 care, what happens when a company ignores basic security protocols, and mitigating cybersecurity risks during the Coronavirus pandemic.

average downtime due to ransomeware

United States – Whisper 

Exploit: Unsecured database.
Whisper: Privacy-focused messaging app.  

Risk to Small Business: 2.111 = Severe:

Developers overlooked basic security protocols when they left a database containing customer information unprotected by even a password, and hackers pounced. As a result, 900 million files dating back to the company’s launch in 2012 were made available online. Although the company was quick to secure the database, its reactive efforts will do little to assuage the doubts and concerns of its privacy-minded customer base.  

Individual Risk: 2.571 = Moderate:

Users’ names were not stored in the exposed database, but nicknames, ages, ethnicities, genders, hometowns, group memberships, and location data were all available. Some personal information was highly sensitive and could be used to execute spear phishing campaigns or targeted ransomware attacks. 

Customers Impacted: Unknown.

How it Could Affect Your Customers’ Business: Ransomware attacks not only negatively impact productivity and manufacturing, they also negatively impact growth. Companies like Visser Precision have many high-profile and mission-critical clients. Cybersecurity incidents can put those organizations at risk, making them less likely to do business with companies that have data security issues.

United States – Champaign-Urbana Public Health District

Exploit: Ransomware.
Champaign-Urbana Public Health District: Healthcare service provider.  

Risk to Small Business: 2.111 = Severe:

A ransomware attack disabled the healthcare provider’s website as concerns over Coronavirus (COVID-19) are reaching a fever pitch. While the incident spared the provider’s email accounts, health records, and patient records, it limited the agency’s ability to communicate with patients. The Champaign-Urbana Public Health District has begun using its social media accounts to communicate with the public, and they’ve launched a backup website to replace the disabled page. This is an expensive and potentially harmful incident at a time when quickly communicating information can be a matter of life and death. 

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown.

How it Could Affect Your Customers’ Business: The particular malware strain that infected the Champaign-Urbana Health District targets enterprises running Windows 10. It’s a reminder that ransomware is on the rise and companies can take simple steps to ensure that malware doesn’t enter their system through outdated software, phishing attacks, or other vulnerabilities.

United Kingdom – Anteus Tecnologia  

Exploit: Exposed database.
Anteus Tecnologia: Developer and distributor of fingerprint identification systems

Risk to Small Business: 1.888 = Severe:

A cyberattack on February 20, 2020, compromised customers’ personal data and payment information but didn’t impact customer funds. The company admitted that the breach occurred because of a known vulnerability, raising questions about the priority of data security at the fintech startup. Now Loqbox is poised to experience significant customer blowback and regulatory scrutiny as it falls under the purview of Europe’s GDPR.

Individual Risk: 2.142 = Severe:

In addition to precise fingerprint data, the database also contained the email addresses and phone numbers of employees who store their information with the company. Those impacted by the breach should take every precaution to secure their data and beware of potential instances of fraud resulting from this compromised information. 

Customers Impacted: 76,000

How it Could Affect Your Customers’ Business: Today’s regulatory landscape promises steep penalties for companies that fail to protect customer information. In this environment careless errors, like failing to password protect a database, are especially egregious to regulators and customers – and all companies need to ensure that data security is a day-one, top-down priority.  

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:

Hackers Collect Millions from Stolen Payment Card Records  

In an increasingly digital-first world, payment card skimming malware has been a growing threat to both customers and retailers – and a profitable business for the bad guys. Unfortunately, that trend is unlikely to abate anytime soon. According to cybersecurity researchers, hackers recently hauled in $1.6 million from selling 239,000 stolen payment cards on the Dark Web.  

The card information was stolen throughout 2019 from as thousands of retailers fell victim to malware. In this web-skimming incident, attackers used malicious JavaScript to steal payment data at checkout from stores hosted on the Volusion cloud platform. Unfortunately, the high yield is likely to incentivize other cyber-criminals to pursue payment card skimming, creating a serious liability for companies and customers processing payments online.  

Customers routinely demonstrate an unwillingness to shop at online retailers after a data breach. Making cybersecurity at the point of sale a top priority could be the difference between a flourishing online store and a floundering operation. Any business planning to implement online sales needs to have a strong cybersecurity strategy that works mitigate some of the risk of this means of attack including regular malware assessments and Dark Web monitoring


A Note From Kobargo

Free Coronavirus (COVID-19) Cybersecurity Support Resources!

The Coronavirus (COVID-19) pandemic continues to disrupt the normal flow of business. We know that this is causing challenges for our Partners and clients, and we’re committed to doing everything that we can to support you. We’ve put together some resources that address cybersecurity threats during this difficult time, and we’ll keep providing you with news and tips about protecting data and systems during this crisis to read and share in our blog.   

We’re on top of staying responsive to this rapidly evolving threat environment and monitoring the Dark Web. If we can be of service don’t hesitate to contact us – we’re still working to stay one step ahead of the bad guys.  

Check out CISA Insights here.

Don’t forget to follow us on social media for our latest news, events, product updates and more!


Contact Kobargo Technology Partners to schedule a free consultation today!

Read more
Data Breach, Cyber Alert Monday 3-16-2020 Coronavirus Scam

Last week, ransomware puts contracts at risk, big security errors lead to big fines, and the rise of Coronavirus-related phishing scams.

United States – Visser Precision

Exploit: Ransomware.
Visser Precision: Parts manufacturer for space and defense contractors.

Risk to Small Business: 2.111 = Severe:

Visser Precision was infected with data exfiltrating ransomware that stole proprietary information before encrypting IT systems. Based on documents published online, it appears that hackers obtained company data, including a list of clients, nondisclosure agreements, and some development plans. This incident reflects a growing trend in ransomware attacks – cybercriminals are increasingly stealing company data before encrypting critical IT systems, and organizations don’t detect it until it’s too late.

Individual Risk: No personal information was compromised in this breach.

Customers Impacted: Unknown.

How it Could Affect Your Customers’ Business: Ransomware attacks not only negatively impact productivity and manufacturing, they also negatively impact growth. Companies like Visser Precision have many high-profile and mission-critical clients. Cybersecurity incidents can put those organizations at risk, making them less likely to do business with companies that have data security issues.

United States – Riverview Health

Exploit: Accidental data sharing.
Riverview Health: Healthcare provider.

Risk to Small Business: 2.333 = Severe:

On January 14, 2020, an employee inadvertently sent notification letters that intermixed patients’ names and addresses. The messages were delivered to the appropriate addresses, but they included the incorrect patient name. In today’s digital landscape, even small clerical errors can have significant consequences as both customers and regulators look to punish companies that fail to secure personal information.

Individual Risk: 2.714 = Moderate

Patients’ names and addresses were compromised in the breach. Riverview Health maintains that the risk of data misuse is very low, but victims should still be aware that this information can be used for nefarious purposes and take precautions to ensure that their information is secure.

Customers Impacted: 2,610

How it Could Affect Your Customers’ Business: The biggest threat to your data isn’t cybercriminals, its human error. With customer blowback and regulatory penalties increasing, every organization needs to take steps to mitigate the risk posed by staff mistakes. Implementing protocols and increasing training about the pitfalls presented by phishing attacks and data sharing errors can significantly reduce your organization’s exposure to a data breach.

United States – J Crew

Exploit: Unauthorized database access.
J Crew: Clothing retailer.

Risk to Small Business: 2.111 = Severe:

J Crew identified a data breach that took place in April 2019. In response, the company has disabled all impacted accounts and advised all customers to reset their account credentials. The incident follows cybersecurity lapses at other prominent retailers at a time in which many consumers are shunning companies that don’t secure their information. The lengthy identification and reporting time will likely open the organization up to additional regulatory scrutiny that could further erode its brand reputation and bottom line.

Individual Risk: 2.428 = Severe:

Hackers accessed customers’ account login credentials, email addresses, and passwords. Partial payment card data and order information was also compromised. The company has closed the impacted accounts, but all J Crew customers should take steps to protect their personal information.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: With threats coming from multiple directions, every organization must enact strong cybersecurity defenses to ensure that they are ready to address potential threats and keep their clients’ data safe – and avoid the brand-eroding fallout that comes from a cybersecurity disaster. In doing so, they can minimize the consequences of a breach, keep customer data off the Dark Web, and promote rapid recovery.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:

60% of UK Consumers Impacted By a Data Breach in 2019

As expected, 2019 was a devastating year for data breach victims. As more year-end studies are completed and released, we’re learning more about who was affected the most. According to a recent report, nearly 60% of UK consumers were impacted by a data breach last year, a staggering total that underscores the personal implications of the more than 7,000 data breaches that affected UK companies in 2019.

The report noted the potential consequences of such an extensive breach environment, including cybercriminals using the sensitive personal and financial information that they collect from users as a gateway to deploy other cyberattack tactics like spear-phishing that can compromise sensitive information, data, and systems even more severely.

Although the number of breaches hasn’t increased significantly, the amount of compromised records has escalated. The number of records that have been compromised has tripled since 2018, surpassing 15 billion this year. This 300% year-over-year increase should encourage companies to seek solutions that can monitor the Dark Web for their data to preempt further hacking attempts. At the same time, training employees to identify and neutralize increasingly sophisticated spear-phishing campaigns is an absolute prerequisite for a capable defensive posture in 2020. https://securityboulevard.com/2020/02/almost-60-of-uk-consumers-affected-by-data-breaches-in-2019/


A Note From Kobargo

Coronavirus Phishing Scams Capitalizing on Fear & Urgency

As concern over the Coronavirus (COVID-19) spreads around the globe, hackers are exploiting the atmosphere of panic and fear created by the pandemic to steal peoples’ personal information. According to a recent report, more than 4,000 Coronavirus-related domains have been registered since the beginning of the year. Experts consider 3% to be outright malicious, and 5% are categorized as suspicious – more than double the usual number. Hackers are likely to target organizations with phishing attacks in an attempt to steer employees toward these malicious sites where they can steal critical data.

The World Health Organization has already issued a warning about Coronavirus-related phishing attacks that purport to be from to their organization, and CISA has released several warnings about the emerging threat of COVID-19 related phishing scams. Taken together, it’s a reminder that while phishing scam awareness training is an effective defense against cybercrime, security education isn’t a static endeavor. It must always adapt to address today’s shifting threats in order to keep your organization a step ahead of tomorrow’s bad actors.

https://www.vox.com/recode/2020/3/5/21164745/coronavirus-phishing-email-scams


Contact Kobargo Technology Partners to schedule a free consultation today!

Read more
Data Breach, Cyber Alert Monday 3-9-2020 Phishing

Last week, C-suite executives are compromised, failure to password protect customer data leads to breach, and phishing scam awareness begins to improve.

United States – Slickwraps

Exploit: Unprotected database. 
Slickwraps: Producer and distributor of hardware skins.

Risk to Small Business: 2 = SevereThe company’s databases lacked basic protections that exposed customer data to the internet. Slickwraps cited the long-term trust of its customers as a vital component of its business model, making this episode an especially problematic event for the business. The problem is compounded by the fact that an internet user tried to alert the company about the breach multiple times. Ultimately, Flickwraps discovered the breach after it was posted on Twitter.

Individual Risk: 2.428 = SevereThe company’s unsecured database exposed customer details to the internet. This included names, email addresses, physical addresses, phone numbers, and purchase histories. The breach does not extend to customers who accessed the online store as a guest, and it did not include financial data. Those impacted by the breach should be aware that this information can be used in spear-phishing attacks or for other malicious purposes. They should be especially vigilant in monitoring online communications.

Customers Impacted: 850,000

How it Could Affect Your Customers’ Business: Slickwraps has been extremely apologetic after the breach. However, this contrite posture is no replacement for simple steps that they could have taken to secure company and customer data from day one. Customers and regulatory authorities expect companies to follow basic best practices when dealing with sensitive data, and the company’s apologetic tone is unlikely to help avoid negative fallout from the incident.

United States – Clearview AI

Exploit: Unauthorized database access.
Clearview AI: Facial recognition software provider.

Risk to Small Business: 2.111 = SevereHackers obtained a copy of the company’s entire client list, which, given the sensitive nature of their work, is an especially egregious breach of data. In addition to the client list, hackers also obtained information identifying the number of accounts that clients set up and the number of searches conducted on the platform. In response, the company cited the inevitability of data breaches in the 21st Century, a platitude that is unlikely to placate the company’s clients. Indeed, Clearview AI is already enduring significant media scrutiny and customer blowback that could have significant implications for the company’s bottom line and future prospects.

Individual Risk: At this time, no personal information was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business:  Data breaches may be an unfortunate reality in the 21st Century, but that doesn’t mean that they have to be inevitable. Adjusting your defensive posture to address the most probable threats can significantly lessen the likelihood of a breach. At the same time, having the right policies and procedures in place to respond to a breach will mitigate the damage, allowing your company to meet any cybersecurity challenge.

United States – Pacific Specialty

Exploit: Phishing scam.
Pacific Specialty: Insurance provider.

Risk to Small Business: 1.444 = ExtremeSeveral employees fell for a phishing scam that compromised customers’ personal data. The attack allowed hackers to access some employee accounts between March 20, 2019, and March 30, 2019. However, the insurance provider wasn’t aware of the breach until November 7, 2019, and did not identify details until January 14, 2020. In response, the company has hired a cybersecurity team to update its data privacy practices, and reset all employee login credentials while enabling two-factor authentication on its accounts. Nevertheless, the company will end up paying much more than they would have if they had invested in basic security solutions.

Individual Risk: 1.857 = SeverePersonally identifiable information was compromised in the breach. This includes customers’ names, Social Security numbers, drivers’ licenses or government-issued IDs, financial information, payment card data, medical details, and health insurance credentials. Pacific Specialty is offering 12 months of credit and identity monitoring service to victims.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Phishing scams are a known threat to every company, and organizations that are committed to data security will take steps to prevent this common attack methodology from negatively impacting customer data. Selecting strong, unique passwords for every account and enabling two-factor authentication can thwart cybercriminals, even when employees act upon a phishing scam, making them an obvious security feature for every organization. Of course, they can only prevent a breach if they are implemented before an incident occurs.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:

A New Scam Targets Data Breach Victims

The costs associated with a data breach are well-documented, but they carry unique implications for each individual impacted by a data loss event. Now, a new scam is targeting data breach victims who are looking to recoup financial losses or exact justice. This scam originates from a website claiming to be run by the US Trade Commission, and it promises to provide financial compensation for data breaches involving personal data.

Unfortunately, the US Trading Commission does not exist, and the fraudulent website is collecting personal information, including names, credit card numbers, and Social Security numbers, which the website claims will be used for identification purposes. While the website boasts many hallmarks of a phishing scam, it can be enticing for victims to provide this information out of desperation or frustration.

Unfortunately, there isn’t a magic cure after a data breach hits. Instead, companies need to focus on their defensive strategies before an attack. For instance, securing accounts using two-factor authenticationtraining employees to spot phishing scams, and assessing your network for unseen vulnerabilities are all steps that companies can take to help ensure that a breach doesn’t occur in the first place.


A Note From Kobargo

Phishing Scam Awareness is On the Rise. So Are Phishing Scams.

This week marks the 100th issue of ID Agents Week in Breach newsletter. From the beginning, we’ve provided a weekly rundown of the most prescient cyber threats impacting SMBs, and phishing scams always make the top of the list.

Phishing scams, and their various iterations, including pharming, smishing, and vishing, account for a growing number of cybercrimes, according to the FBI’s latest Internet Crime Report. The latest iteration found a 59% increase since 2015. Similarly, business email compromise, which often includes elements of phishing scams, is up 160%.

However, the report doesn’t only include bad news. It found that 96% of people are aware of the possibility of a phishing scam, and 88% were able to accurately explain the threat. Unfortunately, many people only view phishing scams as an email threat, which, as we explained in a blog post last year, only accounts for one attack vector among many.

Ultimately, it appears that phishing scam awareness training is proving to be an effective tool to educate people on a growing threat category that impacts everyone. 


Contact Kobargo Technology Partners to schedule a free consultation today!

Read more

CATEGORIES

YOU MAY ALSO LIKE