Data Breach, Cyber Alert Monday 04-29-19

Cyber Alert: Last week, Chipotle accounts may have been hacked and the Weather Channel was struck by ransomware.

LAST WEEK'S CYBER ALERT, HACKS, ATTACKS, BREACHES AND MORE...

Chipotle: American chain of fast casual restaurants

Exploit: Credential stuffing

Risk to Small Business: 1.888 = Severe: Several individuals took to Twitter and Reddit to report that their Chipotle accounts were being used to place unauthorized orders at locations across the country. However, many of the customers maintain that their passwords were unique to Chipotle, which could rule out the possibility of a credential stuffing attack and shift the blame directly onto Chipotle. In response, Chipotle officials stated that they don’t believe their network was breached or that personal data was revealed to outside entities. This is the company’s second data security incident in two years, and they have yet to roll out two-factor authentication for their customers.

Individual Risk: 2.571 = Moderate: In credential stuffing attacks, hackers reuse login credentials exposed in past data breaches to break into accounts on other services. Chipotle account holders should enroll in identity monitoring solutions and reset their passwords to protect their information going forward.

Customers Impacted: To be determined.

How it Could Affect Your Business: Being able to rule out a credential stuffing attack is crucial to identifying the source of a breach. Without the help of an MSP or an MSSP that offers Dark Web monitoring solutions, it becomes incredibly difficult to track how compromised data is being leveraged by hackers. When developing digital platforms, companies of all sizes need to plan to protect their customer data by taking every precaution to ensure that their information is never compromised.

 

Navicent Health: Second largest hospital in Georgia and part of the Central Georgia Health System.

Exploit: Employee e-mail breach

Risk to Small Business: 1.777 = Severe: In a recent data breach notice, Navicent Health disclosed that they learned about a breach originating with their employees’ corporate email accounts, which were accessed by an unauthorized third party. Although no evidence of identity theft was revealed, the company was forced to take responsibility, notify patients, and offer free identity protection services, while also pledging to improve their security infrastructure moving forward.

Individual Risk: 2.857 = Severe: Navicent doesn’t believe any of the accessed data is being used to perpetrate identity theft or other cybercrimes, but the compromised emails did include sensitive patient data, including names, birthdays, addresses, medical information, and social security numbers.

Customers Impacted: Unknown

How it Could Affect Your Business: Companies charged with handling personal health information (PHI) need a comprehensive understanding of their IT infrastructure, including potential vulnerabilities. Since HIPAA compliance and patient trust are both on the line, any company managing PHI should prioritize risk assessment and prevention. Employees should be the first line of defense, as they manage patient data on a daily basis, and they must be armed with proper cybersecurity awareness training to prevent future incidents.

 

Verint: Global cybersecurity firm offering analytics, surveillance, and business IT service

Exploit: Ransomware attack

Risk to Small Business: 2.111 = Severe: Verint is an international cybersecurity firm headquartered in the US, and the ransomware is currently contained within their Israel offices. The company reacted quickly, issuing an on-screen message that instructs employees to immediately shut down devices if they receive a ransomware message. However, the erosion of brand reputation has the potential to spread like wildfire, especially among cybersecurity experts and customers who catch wind of the incident.

Individual Risk: 2.857 = Severe: Ransomware attacks typically affect businesses because they prevent users from accessing files until a ransom is paid. However, when hackers gain access to a company’s network, there is always a risk of revealing personal information. At this time, there is no indication that Verint employee or customer information was compromised.

Customers Impacted: Unknown

How it Could Affect Your Business: This incident is a reminder of the difficulty of managing and maintaining an international IT infrastructure. Fortunately, Verint’s security software immediately detected the breach and made employees aware of best practices for combating a ransomware attack, but a lot more could have been done. Companies should invest in solutions that can proactively and continuously monitor hacker marketplaces for compromised employee or customer data. Especially in the case of companies conducting business in cybersecurity and IT infrastructure, the risk associated with damaged brand quality is too high.

 

The Weather Channel: Television network airing 24-hour coverage of weather

Exploit: Ransomware attack

Risk to Small Business: 2.333 = Severe: The Weather Channel’s daily morning show AMHQ was unable to air at its regular time because of a ransomware attack that temporarily incapacitated the network. The downtime lasted for more than 90 minutes, and viewers saw pre-recorded footage during this time.

Individual Risk: 3 = Moderate: It is not currently believed that any personal information was revealed in the ransomware attack.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is a serious problem for companies of all sizes. Critical information and operations can be cut off until the ransom is paid. Businesses must establish security protocols and source advanced security solutions in order to appropriately respond in the event of a ransomware attack.

 

Augusta: The capital city of Maine, which provides services to 18,000 residents

Exploit: Computer virus

Risk to Small Business: 2.333 = Severe: Malicious software infiltrated and damaged the city’s computer network system and individual devices, shutting down all offices for an extended period of time. Not only did the virus prevent officials from using servers and computers, but it debilitated the machines used by emergency dispatchers, which required manual tracking of emergency vehicles and responses. The phone system and public safety radio system did remain operational during the ordeal, ensuring no disruption to public safety. Additionally, all services related to the computer network, including billing, tax records, and general assistance, were completely offline. City officials believe the incident was perpetrated by an inside threat who wanted to destroy, not capture, government data.

Individual Risk: 2.714 = Moderate: City officials don’t believe that any personal information was compromised in the attack, but they do admit that this information has become inaccessible. Individuals with data stored on the city network should be mindful of the vulnerability by taking precautions to ensure data parity.

Customers Impacted: Unknown

How it Could Affect Your Business: The notion that this incident could be perpetrated by an insider threat is a reminder that any single employee can do significant damage to a company’s IT infrastructure. Having contingency plans in place is a veritable must-have, but companies should also be prepared to provide support to any individuals impacted by the breach.

 

A Note From Kobargo:

How Will You Handle Ransomware?

Ransomware attacks are one of the scariest and most reported cyber-security threats, and a recent report found that most victims are now prepared to pay the ransom.

Telstra’s 2019 Security Report surveyed 320 Australian businesses, more than half of which paid ransomware attackers to retrieve their data. Interestingly, 77% of those companies successfully recovered their information after paying the ransom.

In some ways, this is a good thing. Nobody wants to lose their data to hackers. However, it also incentivizes bad actors, making it possible for them to continue victimizing more people. Having a plan to combat and address ransomware is quickly becoming a critical component of any cyber-security strategy, and it’s one that demands more than just a cache of Bitcoin for a rainy day.  Kobargo Technology Partners will prepare you with the tools to fight back.

Protect your business from a Data Breach. Contact Kobargo Technology Partners to schedule a free consultation today!
