Data breach, cyber alert Monday 04-08-2019

LAST WEEK, US HEALTHCARE PROVIDER GETS BREACHED 3 TIMES AND THIRD-PARTY RANSOMWARE PARKS CANADIAN AGENCY FOR DAYS.

LAST WEEKS CYBER ALERT, HACKS, ATTACKS, BREACHES AND MORE...

 

Verity Medical Foundation: Healthcare provider based in San Jose, CA.

Exploit: Employee phishing scam.

Risk to Small Business: 2.333 = Severe: VMF recently notified its patients of another security breach it suffered on January 16th of this year, immediately following two similar phishing incidents. A hacker was able to compromise an employee’s Office 365 account for several hours and send phishing emails internally and externally to gather usernames and passwords. Although the organization maintains that there is no evidence of patient information being accessed, they will now face scrutiny by the media and patients, along with being forced to deploy mandatory training for employees.

Individual Risk: 2.571 = Severe: Aside from account usernames and passwords, protected health information including DOBs, patient identification numbers, phone numbers, addresses, health plans, treatments received, SSNs, and even insurance details may have been exposed. While the company believes that it was unlikely that the attacker was after the data, affected patients should enlist in identity monitoring and additional security measures.

Customers Impacted: 14,894 patients
How it Could Affect Your Business: The compounding effects of back-to-back breaches can amount to serious losses for organizations. Even worse, employee phishing attacks are entirely preventable through the implementation of security training and education. If breach occurs, businesses are forced to enroll their employees in such programs anyway, and likely at a higher cost. By then, however, the damage will have already been done.

 Earl Enterprises: Hospitality industry giant that owns Buca Di Beppo, Planet Hollywood, Earl of Sandwich, and other restaurant brands

Exploit: Malware installation on point-of-sale (POS) systems

Risk to Small Business: 2 = Severe: In a press release published last Friday, the company announced that hackers had planted malware on POS systems, affecting over 100 restaurants between May 23, 2018, and March 18, 2019. After noticing a mysteriously large card dump in February, cybersecurity researchers realized that this incident is related to a database that is already available for sale on the Dark Web. In addition to dealing with customer churn and brand degradation, the company will now have to do its best to protect the users whose card information is up for grabs on the Dark Web.

Individual Risk: 2.428 = Severe: Credit and debit card numbers, expiration dates, and cardholder names were exposed in the incident and will eventually be sold to the highest bidder on the Dark Web. Anyone who dined at Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology, or Tequila Taqueria should consider cancelling their cards, monitoring their financial reports, and changing their passwords.

Customers Impacted: 2.15 million cardholders
How it Could Affect Your Business: In the wake of a breach, understanding how fraudsters plan on using stolen data is crucial to risk mitigation. If Earl Enterprises had worked with security providers capable of monitoring the Dark Web, the company would have been able to identify the threat earlier and act accordingly.

Canadian Internet Registration Authority: Canada's not-for-proft agency that manages domain registry

Exploit: Ransomware infection to third-party system

Risk to Small Business: 2 = Severe: On March 26th, the CIRA’s parking garage suffered from a ransomware attack, allowing anyone to enter without a security check and park for free. The compromise persisted for two days, resulting in systems being locked with a ransom note displayed by the attackers. Since the parking garage company Precise Link did not have a backup of the files, restoring the systems will come at an incredibly high cost.

Individual Risk: 2.482 = Severe: It is unclear if the hackers gained access to employee data, but the risk for citizens should be little to none.

Customers Impacted: To be determined
How it Could Affect Your Business:Vendors that serve as third-party service providers for large firms should be wary of upcoming attacks. As hackers shift their focus towards the smallest vulnerabilities within an organization, they will certainly consider targeting the third-party companies that manage their data. To avoid future compromises, companies should work with a security solution that employs a Dark Web monitoring tool which can be crucial in determining if stolen information is trading hands between.

Toyota: Japanese car maker

Exploit: IT System breach.

Risk to Small Business: 2.333 = Severe: Toyota announced another data breach last week, making it the second incident within the past few months. After breaching the Australian arm of the company, this time hackers targeted main offices in Japan to access sales information for up to 3.1M customers. The company has yet to determine if details were extracted vs. just accessed but explained that customer financial information was not stored on the compromised servers. Additionally, they are uncertain if the hacks were perpetrated by the same group, yet security experts believe that APT32 cyber criminals are the likely culprits. Furthermore, it is being speculated that the hacker scheme involved leveraging the data gained in the Australian breach to execute the latest attack on the company’s Japan office headquarters.

Individual Risk: 2.571 = Moderate: Details regarding what information was exposed are still being determined, but Toyota customers should watch out for suspicious activities on their personal and payment accounts. Also, looking back to see what information was provided to the car maker can help determine the level of risk that may be involved.

Customers Impacted: 3.1 million users
How it Could Affect Your Business: Just because a company has been hacked before does not mean that it won’t be targeted again. In this case, it is quite possible that the fraudsters intended to extract valuable information from the Australian breach of Toyota in order to access their main offices. To keep systems airtight, companies must reevaluate what data is shared across working groups, departments, and offices, along with emphasizing the importance of adhering to cybersecurity best practices when it comes to their employees.

Protect your business from a Data Breach. Contact Kobargo Technology Partners to schedule a free consultation today!

No Comments Yet.

Leave a reply

Sign up for our Newsletter


By submitting this form, you are consenting to receive marketing emails from: Kobargo Technology Partners, 12425 W. Bell Road, Surprise, AZ, 85378, http://www.kobargo.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact