Breach Clarity Data Breach Report: Week of March 23

Each week Breach Clarity, recently acquired by Sontiq, compiles a list of what it considers to be notable data breaches—those that are worth highlighting because of the increased intensity of the risk to personal information. The Breach Clarity score identifies the level of risk on a scale of 1 to 10—the higher the score, the more severe the breach and level of risk.

What we’ve consistently found is smaller breaches that more easily fly under radar often expose victims to concentrated identity risk. Targeted scams have received a new degree of scrutiny over the past year as stimulus payments and other government benefits have offered lucrative opportunities for identity criminals. Just like any fraud scheme, there is an effort-return spectrum for scams ranging from scattershot phishing campaigns to highly personalized spear phishing attacks designed around one specific victim. Throughout the life cycle of various scams, breaches can provide perpetrators with a variety of tools to deceive victims.

At the most basic level, large breaches of contact information provide pre-built spam lists that scammers can take advantage of, even with little to no customization for each victim. Ironically, in some cases it is the scammers themselves who are breached, as in the case of the River City Media spam list breach that exposed 1.37 billion email addresses – one of the largest breaches ever. In the case of high-profile megabreaches, the simple existence of the breach acts as a platform for scammers, who take advantage of victims’ concern for their identity to harvest personal information through phishing websites or spam email campaigns promising information or restoration services. One step removed from personalized spear phishing schemes, fraudsters can include supposedly private pieces of information – passwords or biographical details – within automated scam emails to give a patina of legitimacy to their message.

With the growing sophistication of anti-fraud tech, we can expect scams to become a progressively more prevalent tactic for identity criminals. Just as with the rise of ransomware over the last few years, cybercriminals are realizing that it is frequently more economical to get victims to pay directly than to engage in complex monetization schemes, and breaches are making it easier than ever before.

New breaches added: 32

Colorado Retina Associates, P.C.
BreachIQ Score – 10
Unauthorized access to an employee email account at Colorado Retina Associates exposed personal information contained in messages and attachments that passed through the account. For most victims, the exposed data involved some combination of contact information, clinical information (dates of service, diagnoses, prescriptions, etc.), and health insurance information. A small number of victims also had Social Security numbers, financial information, or credit and debit card information exposed as well.

What should you do? Any time a breach exposes data that is this sensitive, victims should take the time to make sure that they have put essential protections in place across all aspects of their identity. This includes locking or freezing your credit report; using strong authentication on your bank accounts, email, and other important services; and making sure that you have set up alerts for suspicious activity on your accounts.

Exposed medical information can provide valuable background information on victims that is particularly useful for scammers. Victims of this breach should be on high alert for individuals contacting them claiming to be from their bank, insurance, healthcare provider, or other trusted organizations.  If you receive a suspicious call or email, you should end the call and contact the organization directly.

More Information

Sachs Sax Caplan
BreachIQ Score – 7
Unauthorized access to email accounts as well as other unspecified systems at Sachs Sax Caplan (SSC) exposed personal information contained in messages and attachments that passed through the account. Exposed information varies by individual and can include Social Security numbers, driver’s license numbers, financial account information, credit and debit card numbers, and more.

What should you do? This breach carries a high risk of account takeover – unauthorized access to victims’ bank accounts. Setting up strong authentication, such as use of temporary passcodes at login, can protect your financial accounts. Victims should also review the alerts offered by their bank or credit union to ensure that they are notified of suspicious login attempts or transfers out of their bank accounts.

More Information

Cleveland Integrity Systems, Inc.
BreachIQ Score – 7
A malware infection at Cleveland Integrity Systems (CIS) allowed the perpetrator to steal files containing information on current and former employees. Exposed personal information includes Social Security numbers, driver’s license numbers, financial account information, and more.

What should you do? This breach carries a high risk of account takeover – unauthorized access to victims’ bank accounts. Setting up strong authentication, such as use of temporary passcodes at login, can protect your financial accounts. Victims should also review the alerts offered by their bank or credit union to ensure that they are notified of suspicious login attempts or transfers out of their bank accounts.

More Information

Stavros Center for Independent Living
BreachIQ Score – 7

Cybercriminals were able to compromise Stavros Center for Independent Living’s (Stavros) account with their internet fax provider, which enabled the perpetrators to intercept documents sent to the Stavros team between January 12 and 21, 2021. Data types included on the intercepted documents include Social Security numbers, financial account information, and limited medical information (e.g. doctor’s name, admission and discharge dates, etc.).

What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.

Exposed medical information can provide valuable background information on victims that is particularly useful for scammers. Victims of this breach should be on high alert for individuals contacting them claiming to be from their bank, insurance, healthcare provider, or other trusted organizations.  If you receive a suspicious call or email, you should end the call and contact the organization directly.

More Information

About the Breach Clarity Score

Breach Clarity, recently acquired by Sontiq, created an algorithm that deeply analyzes and assigns every publicly reported data breach a Breach Clarity score, most often from 1 to 10. The higher the score, the more severe. (In rare and extreme cases, the score can exceed 10.)

The idea for the Breach Clarity score came from data breach expert Jim Van Dyke, who realized the public should be able to access the same analysis he used as an expert witness to discern data breach risks in the country’s biggest data breach cases. Breach Clarity’s artificial intelligence algorithm simulates that advanced, objective analysis and is available to anyone as a free tool in the fight against identity fraud and cybercrime. The score, risks and recommended action for any publicly reported data breach is available at Breach Clarity.

Avatar photo

Kyle Marchini

Kyle Marchini is a product manager at Breach Clarity, where he oversees the development and implementation of data breach intelligence solutions for financial institutions, identity security providers and other organizational partners. Prior to his work at Breach Clarity, Kyle was a Senior Analyst for Fraud Management at research-based advisory firm Javelin Strategy & Research. He deeply studied both fraud management and consumer behavior, directing some of the industry’s most widely-cited research on identity fraud. His work has been cited on topics ranging from the impact of fraud and breaches on consumers’ banking relationships to the role of emerging technologies such as behavioral analytics in mitigating fraud risk.

kyle-marchini has 27 posts and counting.See all posts by kyle-marchini