Last week, compromised email accounts expose IT infrastructure, a Disney+ data breach exposed credentials to the Dark Web, and cybersecurity incidents are expected to rise this Holiday season.
United States - Select Health Network
Exploit: Unauthorized email account access
Select Health Network: Indiana-based collection of healthcare providers
Risk to Small Business: 1.444 = Extreme: An employee’s compromised email account credentials were used to access sensitive data for thousands of patients. The data was accessed between May 22 and June 13, and it’s unclear why it took the company so long to identify the breach and to report it to patients. Regardless, a small vulnerability will likely result in a sizeable blowback in the form of regulatory scrutiny, brand erosion, and potential financial repercussions.
Individual Risk: 2.142 = Severe: Hackers had access to patient data, including names, addresses, dates of birth, member identification numbers, treatment information, health insurance details, medical history information, and medical record numbers. In addition, some patients’ Social Security numbers were accessible. Those impacted by the breach should know that their credentials could have already been misused, and they should take steps to evaluate their data integrity while also ensuring long-term security.
Customers Impacted: 3,582
How it Could Affect Your Customers’ Business: Small security lapses can have serious consequences, as evidenced by the expansive breach resulting from one compromised employee account. However, companies have an obligation to support their customers after a breach and identifying what happened to their data after it was stolen is a good place to start. Taking the right course of action to support customers after a breach can go a long way towards repairing the reputational damage that can have far-reaching repercussions.
United States - Solara Medical Supplies
Exploit: Compromised email account
Solara Medical Supplies: Supplier of diabetes-related treatment products
Risk to Small Business: 1.444 = Extreme: An unauthorized third-party gained access to several employee accounts containing patient and employee data. The breach was first discovered on June 20th, and the compromised data was exposed between April 2nd and June 20th. In response, the company reset account passwords, and Solara is updating its policies to ensure that a similar scenario doesn’t occur again in the future. Unfortunately, such maneuvers won’t help patients whose data was already stolen in the breach. Moreover, the company’s lengthy response time will certainly invite increased regulatory scrutiny while giving consumers fodder for criticism during the recovery effort.
Individual Risk: 2.142 = Severe: Personal information, including names, addresses, dates of birth, Social Security numbers, employee identification numbers, medical information, health insurance information, financial information, credit/debit card numbers, password information, Medicare/Medicaid numbers, and billing information were all at risk. This comprehensive data set can quickly be distributed on the Dark Web, where it can be used to execute even more egregious cybercrimes. Those impacted by the breach should take every precaution to ensure that their data isn’t being misused.
Customers Impacted: 82,577
How it Could Affect Your Customers’ Business: Preventing a data breach begins with accounting for your vulnerabilities. One of the easiest yet most important cybersecurity initiatives that businesses should undertake is tightening up security around company email accounts. Whether your business fortifies credentials with strong, unique passwords and two-factor authentication or it integrates active monitoring protocols to evaluate data movement, password protection is quickly becoming a “can’t miss” component of any data security strategy.
New Zealand - Disney+
Exploit: Compromised user accounts
Disney+: Media streaming service
Risk to Small Business: 1.888 = Severe: Thousands of Disney+ customers had their login credentials stolen and distributed on the Dark Web. While the data breach isn’t limited to Australian users, it coincided with the Australian launch of the streaming service, which means that the brand’s reputation was damaged before users had an opportunity to judge the service based on its merits. In a crowded marketplace, brand erosion can quickly degrade competitiveness, and these negative headlines will not help Disney’s competition against Netflix and other streaming services.
Individual Risk: 2.142 = Severe: It’s unclear how hackers gained access to user accounts. Some customers admitted to reusing passwords that could have been compromised in other attacks, but some used unique passwords. It’s possible that users had credential-stealing malware installed on their computers or that they responded to a phishing attack. Regardless, account details include their most sensitive personal information, and they should take every precaution to ensure that their data remains secure. At the same time, users should double-check the originality of every account password, as it’s an easy way to thwart many hacking attempts.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Even as the cost of a data breach continues to rise exponentially, quantifiable costs aren’t the only expense that companies should consider. Brand erosion is a real problem, as customers are increasingly willing to walk away from platforms and services that can’t protect their data. No matter how you look at it, having thousands of people complaining about your service online is a terrible day for business, and could have long-term costs for the service’s viability.
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
In Other News:
Cybersecurity Instances Expected to Rise this Holiday Season
It’s the unwanted gift that keeps on giving. A breach inflicts serious financial and reputational damage on any victim, and new data suggests that such attacks will be on the rise during the holiday season. Hackers have zeroed in on vulnerabilities in websites that collect and store customers’ PII or payment information, ready to be exploited by increased web traffic and distracted IT staff.
The study found that the average website relies on 31 third-party integrations, each providing a unique opportunity to find vulnerabilities that can compromise users’ information. Indeed, third-party partnerships can often be a weak point in companies’ IT development.
However, rather than waiting to be the next victim, SMBs should take the time now to evaluate their cybersecurity posture and ensure that they are ready to address and defend the most prescient threats for their business. For some, this holiday season will be spent wishing they were more prepared to protect their IT, while others will be thankful that they already did.
A Note From Kobargo
Cybercriminals Targeting Office 365 Admin Credentials with Phishing Attacks
Office 365 is often used as a starting point for many phishing scams because of its popularity in the business community. Now cybercriminals are upping their game, using information readily available on the internet to target business administrators with phishing scams in hopes of attaining the Office 365 login credentials.
In launching such targeted attacks, hackers hope to gain access to IT infrastructure using credentials that can provide full access. In addition, admin accounts can often be used to infiltrate other user accounts, or hackers can use admin accounts to create new accounts that can be further used to distribute phishing campaigns.
Ultimately, it underscores the importance of training all employees about the risk of phishing attacks and of keeping them abreast of the latest trends and tactics. Since hackers are nimble with their tactics, businesses need to be dynamic in their training, always ready to stymie their efforts.