Cyber Alert Monday 7-6-2020 – Prevention

Last week, healthcare data breaches keep climbing, Twitter apologizes for its breach, and Australian cyberattacks illustrate the importance of basic training and prevention.

twitter symbol on laptop threat prevention

Twitter's Personal Billing Data Breach

United States – Twitter 

Exploit: Accidental Data Sharing
Twitter: Social Media Platform 

Risk to Small Business: 2.602 = Moderate

Twitter sent a notification to business clients last week acknowledging a data breach that exposed the personal and billing information of some users. The breach occurred due to an issue that led to some users’ sensitive information being stored in the browser’s cache. Twitter explained that it recently became aware of this issue. Business users were warned that prior to May 20, 2020, if you viewed your billing information on ads.twitter or analytics.twitter your account’s billing information may be at risk.

Individual Risk: 2.602 = Moderate

Twitter did not release an estimate of the accounts affected, but it did specify that only business customers were at risk, and only a percentage of business customers had any details exposed. The leaked information potentially included email addresses, users’ contact numbers, and the last four digits of credit card numbers used for Ads accounts. Twitter business customers should monitor potentially affected payment accounts.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Information like this quickly makes its way to the Dark Web, setting businesses up for cyberattacks including spear-phishing attempts. In addition, failing to guard a business customer’s recurring payment information can negatively impact their relationship with that service provider. 

Compromised Patient Data

United States – AMT Healthcare

Exploit: Internal Email Account Compromise 
AMT Healthcare: Medical Care Solutions Provider

Risk to Small Business: 1.662 = Severe

AMT Healthcare revealed this week that it had experienced a data breach affecting a large pool of customers in December 2019 that was discovered through suspicious activity on an employee email account. The California-based company recently completed an investigation into the incident and contacted those who were affected. Potentially compromised data includes patient names, Social Security numbers, medical record numbers, diagnosis information, health insurance policy information, medical history information, and driver’s license/state identification numbers.

Individual Risk: 1.899 = Severe

Anyone that may be at risk of compromise was informed this week. Extremely sensitive data was compromised in this breach, and those affected should beware of the potential for fraud, identity theft, and spear-phishing attempts that this stolen data creates. A filing of the account posted to the breach portal at the U.S. Department of Health and Human Services noted that potentially affected patients are being offered free credit monitoring services. 

Customers Impacted: 47,767 

How it Could Affect Your Customers’ Business: When clients choose to do sensitive business with a company, they’re also trusting that company to guard their information. This imperative is even stronger for companies that collect health information. Not only does a data breach cost healthcare organizations patient confidence, but it also costs a fortune in HIPPA-related fines. 

Hackers Demand Payment to Release COVID-19 Research

United States – University of California San Francisco 

Exploit: Ransomware 
University of California San Francisco: Education and Research Institution

Risk to Small Business: 1.275 = Extreme

The University of California San Francisco (UCSF) confirmed this week that it paid cybercriminals $1.14 million to decrypt data following a ransomware attack. Although UCSF was able to detect the incident quickly, it was not fast enough to allow cybersecurity teams to quarantine the affected servers, and a significant portion of its medical school and research data was encrypted. The ransom was demanded to free essential COVID-19 research data that was captured in an intrusion on June 1. Reports indicate that UCSF was one of four academic institutions targeted in a single week by the Netwalker ransomware group.  

Individual Risk: No patient or personal data was reported as compromised at this time. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business:  Ransomware is a growing menace to every organization, and it’s not just sensitive business or financial data that Dark Web criminals are after. Research data has become an increasingly hot commodity. Paying ransoms to cybercriminals to decrypt research data sets a dangerous precedent. Collecting large sums will embolden other groups that can take down big fish to score big paydays. 

Risk Levels:

1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:    

Australian Cyberattacks Prove That Threat Resistance Training is Always a Good Investment For Prevention

Sophisticated cyberattack risks are growing throughout the world, and the attacker isn’t always just a group of opportunistic cybercriminals. A recent explosion of cyberattacks against targets in Australia has been reported to be linked to potentially malicious state-sponsored actors, creating a new level of worry for cybersecurity architects.  

Ransomware has become an even greater menace for Australian companies. Government officials have warned that ransomware that is delivered through spear-phishing attacks is suspected to be part of the overall larger attack picture in this wave of attacks. Therefore, it’s clear that frequent, high-quality phishing defense and resistance training is essential to protect a company from ransomware attacks. 

Ransomware is devastating to any business, as was recently demonstrated by two incidents at Australian drinks conglomerate Lion. Systems at the beverage company have been infected twice in the last month alone, freezing essential production and operations technology just as it began to ramp up its post-pandemic production.   

A dynamic solution like  BullPhish ID is the right choice for state-of-the-art phishing resistance training. BullPhish ID’s constantly updated educational tools allow staffers to learn through video and be tested on that knowledge with online quizzes – with pre-made phishing kits including the latest threats available in 8 languages for quick deployment. These features also make it an ideal vehicle for remote training because training shouldn’t stop just because staffers aren’t in the office.  

Updating a company’s cybersecurity stack to boost ransomware defense should always include upgrading phishing resistance training. Dark Web monitoring is a great place to start when constructing a strong cybersecurity defense, but every building block in that defense is important – and improved phishing resistance with BullPhish ID is an easy and affordable block to add.


A Note From Kobargo

An Ounce of Prevention is Worth a Pound of Cure

We’ve all heard this old saw, and it’s still popular for a reason: it’s right. Taking strong preventative measures now to protect your data saves both time and money later. More than 50% of businesses had a data breach in 2020 – and that’s a time-consuming money pit for any company. By taking the right preventative measures now, you can lower your risk of a data breach later.  

One of the most important preventative measures to take right away is updated training about current phishing threats. Right now, cybercriminals are using many new tricks to mount phishing attacks. While your staff may be aware that they shouldn’t open unexpected attachments, do they know not to click surprise links, or open unanticipated PDFs, or accept unverified Zoom invitations? Updated phishing training prepares them to resist these threats and protect your data.  

Coupling phishing resistance training with 24/7/365 Dark Web monitoring guards your data on two fronts. Not only are you preventing bad actors from getting a front door key to your data with improved phishing resistance, but you’re also making sure that cybercriminals aren’t sneaking in the back door either by watching for Dark Web threats. By combining multiple solutions that work together well, you can maximize the ways that your security solutions help prevent data loss – because strong, sensible preventative measures always pay off.


Contact Kobargo Technology Partners to schedule a free consultation today!

Comments are closed.

Sign up for our Newsletter


By submitting this form, you are consenting to receive marketing emails from: Kobargo Technology Partners, 12425 W. Bell Road, Surprise, AZ, 85378, http://www.kobargo.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact