Cyber Alert Monday 6-15-2020 – Oversights

Last week, glaring oversights lead to data disasters, ransomware puts governance out of action, and a new study shows the enormous cost of data breaches. 

two women working on computer with code, oversights

United States – Westech International

Exploit: Ransomware
Westech International: Nuclear maintenance subcontractor 

Risk to Small Business: 1.510 = Severe

Cybercriminals associated with the MAZE ransomware group exfiltrated company data before encrypting certain networks. The stolen files were subsequently posted online. Westech International is working on the oversights with cybersecurity experts to identify the scope of the incident and restore access to encrypted data. In the meantime, the company will likely face significant fallout as its business relies on an industry that demands the highest cybersecurity standards. 

Individual Risk: 2.279 = Severe

The company did not detail the specific information compromised in the breach, but the incident includes company emails and payroll information, which likely contain personal and financial data. Anyone impacted by this breach should immediately notify their financial institutions while taking steps to protect their personal information against misuse. 

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Stolen data can be quickly disseminated on the Dark Web. To combat data misuse and to prevent further cybersecurity incidents, today’s organizations need insight into this nefarious marketplace. With information traveling quickly among bad actors, it could be the difference between stopping further misuse and succumbing to a more problematic cybersecurity incident. 

United States – Joomla

Exploit: Unsecured database oversights
Joomla: Content management system 

Risk to Small Business: 1.708 = Severe

Developers failed to secure backup files on a cloud storage platform, leaving people’s personal data exposed to the internet. The storage platform doesn’t automatically encrypt data, but enabling these security features is simple, making these oversights an unforced error that was easily preventable. While the platform has secured the database, this breach will test users’ loyalty at a time when people are more willing than ever to leave businesses that can’t protect their information.    

Individual Risk: 2.675 = Severe

The data breach exposed personally identifiable information, including names, addresses, phone numbers, website addresses, business titles, encrypted passwords, IP addresses, and newsletters subscription preferences. Users should update their Joomla account passwords and any other account credentials using the same details. In addition, they need to carefully monitor incoming messages as this information is often used in phishing scams.  

Customers Impacted:  2,700

How it Could Affect Your Customers’ Business: Billions of account credentials are compromised every year. Companies committed to cybersecurity shouldn’t rely exclusively on password integrity to protect their most critical information. Instead, make account security tools, like two-factor authentication, accessible for all employees

United States – San Francisco Employees’ Retirement System (SFERS) 

Exploit: Unauthorized database access
SFERS: Public employee benefits program 

Risk to Small Business: 1.980 = Severe

An unauthorized user accessed a critical database managed by the program’s third-party vendor, causing a significant data breach. The breach, which occurred on February 24, 2020, wasn’t discovered until the end of March. An analysis of the incident couldn’t be completed until this month, leaving many people unaware that their information might be compromised. This data breach reveals the cybersecurity risk that accompanies third-party partnerships but also the often-lengthy delay between breach identification and notification.

Individual Risk: 2.602 = Moderate

The data breach did not compromise Social Security numbers or bank data, but it did include members’ names, addresses, dates of birth, and beneficiary information. This data can be used in a variety of different cybercrimes. Most notably, cybercriminals are using stolen data to craft spear-phishing messages that can result in even more problematic cybersecurity incidents.  

Customers Impacted: 74,000

How it Could Affect Your Customers’ Business: Third-party vendors are an inevitable part of doing business in 2020. However, these relationships expose companies to potential data breaches that are outside of their control. In this environment, having an extra layer of protection to prevent network or account access is a critical component of any defensive strategy.

Spain – 8Belts  

Exploit: Unsecured database
8Belts: Online learning platform  

Risk to Small Business: 2.161 = Severe

Developers failed to secure an Amazon Web Services S3 bucket, exposing users’ personal data to the open internet. The database includes both critical company files and users’ personal information, making it an especially problematic cybersecurity incident for the company. 8Belt frequently partners with prominent organizations to provide educational services, and this data breach could jeopardize those important relationships. In response, the company will need to undergo a significant PR effort to restore customer confidence, an effort that is undoubtedly predicated on the reprioritization of data privacy.

Risk to Small Business: 1.710 = Severe

This data breach impacts both staff and students of the online learning platform. It includes their names, email addresses, phone numbers, dates of birth, National ID numbers, and Skype IDs. Those impacted need to carefully scrutinize income messages, as compromised data often reemerges in convincing-looking spear-phishing campaigns that can compromise even more sensitive data.

Customers Impacted: 150,000

How it Could Affect Your Customers’ Business: Billions of records are routinely compromised through accidental and malicious data exposure. This data is fodder for phishing scams, which rely on personal information to craft authentic-looking messages that inspire engagement. In response, every company needs a robust, dynamic phishing scam awareness program to ensure that these malicious messages don’t compromise company data.

Risk Levels:

1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:    

Strong Cybersecurity Pays for Itself – Data Breach Oversights Costs Exceeded $1.2 Trillion for US Companies in 2019      

Data breaches have enormous consequences for companies, including recovery and repair expenses, reputational damage, potential regulatory penalties – all of which spell financial loss. This week, a new report illustrates just how significant the financial consequences of a data breach can be. In 2019, some major data breaches spelled disaster for heavyweight firms. With more than five-billion records compromised in 2019, breaches are estimated to have collectively cost companies $1.2 trillion, nearly double the sum from 2018. 

Healthcare was the most targeted sector in 2019, with 382 total breaches, a startling 100% year-over-year increase. It’s shaping up to be number one in 2020 as well. Unfortunately, the COVID-19 pandemic has incited cybercriminals to increase their attacks on the healthcare sector, which will certainly increase risks in the year ahead. In addition to healthcare, banking, insurance, education, government, and retail were among the top targets of cybercriminals. 

Taken together, personally identifiable information was the most sought after commodity. In response, it’s clear that companies need to take action to secure their systems and data now, especially as remote work compounds the risk of a cybersecurity incident. While today’s threat landscape is expansive and pervasive, every organization can improve its defensive posture by addressing the most prominent risks, including unauthorized access, phishing scams, and malware. 

https://www.techrepublic.com/article/data-breaches-cost-us-companies-more-than-1-2-trillion-last-year/ 


A Note From Kobargo

460 Million Records Reported Stolen in May   

A tally of May cybersecurity instances found that 460 million records were compromised last month, marking another staggering total in an already-historic year for cybersecurity oversights. However, the sum only represents the beginning of the problem, as many data breaches are going unreported as companies fear regulatory repercussions and customer blowback. In addition, many data breaches also expose reams of sensitive personal data, making it difficult to quantify the full scope of the problem. 

For businesses, this information has two prominent implications. First, there is a growing need to identify compromised data on the Dark Web. As more records are stolen and distributed in the dark corners of the internet, companies need eyes and ears to know if their information is among the mountain of stolen data.

What’s more, the sheer number of compromised records makes it more important than ever for organizations to put additional barriers between their IT infrastructure and bad actors. If your staffer is reusing a password from a compromised retail account or using their pet’s name to log in, that can put you at risk for a breach by making it easy for cybercriminals to find a way into your systems.

Dark Web ID can help keep oversights at bay and accounts secure by alerting you when your staff’s compromised information hits the Dark Web. This cost-effective solution gives you peace of mind and gives you an opportunity to mitigate threats (like your staffer’s unwittingly compromised login credentials) before they become disasters.

https://www.bleepingcomputer.com/news/security/over-460-million-records-exposed-in-breach-incidents-reported-in-may/


Contact Kobargo Technology Partners to schedule a free consultation today!

Comments are closed.

Sign up for our Newsletter


By submitting this form, you are consenting to receive marketing emails from: Kobargo Technology Partners, 12425 W. Bell Road, Surprise, AZ, 85378, http://www.kobargo.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact