The Week in Breach News: 02/24/21 – 03/02/21
This Week in Breach News:
Bombardier and Steris get caught up in a third-party data breach, troubled crypto exchange Cryptopia gets hacked again and the shockingly large percentage of data breaches that are email-based (plus how to help businesses fight back).
United States – Gab
https://www.hackread.com/gab-hacked-ddosecrets-leak-profiles-posts-dms-passwords-online/
Exploit: Hacking
Gab: Social Media Platform
Risk to Business: 1.479 = Extreme
Right wing social media platform Gab was hacked by hacktivist group DDoSecrets. The platform is notorious for lax censorship of hate speech and is a haven for extremists including white supremacists, neo-Nazis, white nationalists, the alt-right, and QAnon conspiracy theorists. DDosSecrets has posted 70 GB of Gab content to its website including public posts, private posts, user profiles, hashed passwords for users, DMs, and plaintext passwords for groups in SQL format, along with over 70,000 messages in more than 19,000 chats with over 15,000 users in plaintext format.
Individual Risk: 1.447 = Extreme
It is unclear how many individuals may have been impacted. Gab users should be wary of spear phishing attempts, as well as potential legal consequences for nationalist or hate group activity.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Hacktivists are growing bolder in their quest to expose hate in public and private spaces. Information like this will haunt users for years on the dark web.
ID Agent to the Rescue: Watch for threats from the dark web without lifting a finger using Dark Web ID, 24/7/365 credential monitoring that alerts you to trouble fast. LEARN MORE>>
United States – Steris
https://www.infosecurity-magazine.com/news/steris-touted-as-latest-accellion/
Exploit: Third Party Data Breach
Steris: Medical Equipment Sales
Risk to Business: 1.919 = Severe
The ransomware gang Clop is claiming to have snatched an unspecified amount of information belonging to the Steris Corporation during a ransomware attack at third party cloud solutions provider Accellion. A small amount of internal data including studies and communications was identified as Steris data.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Third party threats are growing more serious as cybercriminals collect information used in past breaches to fuel future attacks.
ID Agent to the Rescue: Is your company in danger from dark web data like lists of stolen credentials? Dark Web ID helps you find out fast LEARN MORE>>
United States – Covenant Healthcare
Exploit: Phishing
Covenant Healthcare: Medical System
Risk to Business: 2.212 = Severe
Bad actors obtained access to two employee email accounts at Covenant Healthcare, leading to the exposure of personal information for an estimated 45K patients. The Michigan-based health system is undertaking an investigation with outside cybersecurity professionals.
Individual Risk: 1.712 = Severe
Potentially stolen patient information includes includes names, addresses, dates of birth, Social Security numbers, driver’s license numbers, medical diagnosis and clinical information, medical treatment, prescription information, doctors’ names, medical record numbers, patient account numbers, and medical insurance information. The hospital is offering identity theft protection to impacted patients.
Customers Impacted: 45K
How it Could Affect Your Customers’ Business: Phishing is the gateway to dangerous cybercrime, and regular phishing resistance training helps keep that gate closed.
ID Agent to the Rescue: Learn the secret to keeping phishing away from your business and keeping your data safer in The Phish Files. READ IT >>
Canada – Bombardier
https://www.teiss.co.uk/bombardier-data-breach/
Exploit: Third Party Data Breach
Bombardier: Airplane Manufacturing
Risk to Business: 1.816 = Severe
Canadian aerotech manufacturer Bombardier has been caught up in a third party data breach In the recent breach at cloud services provider Accellion stolen data about many companies was obtained, including this information that Bombardier says was taken from specific servers and uploaded by hackers on their dark web portal.
Risk to Business: 1.891 = Severe
Cybercriminals got their hands on a small subset of employee data including unspecified confidential information relating to 130 employees in Costa Rica.
Customers Impacted: 130 employees so far
How it Could Affect Your Customers’ Business: Ransomware that strikes your partner or service provider can be your problem too. Protecting businesses against damage from third party sources is a must these days.
ID Agent to the Rescue: Read our Security Awareness Champion’s Guide, for a complete walkthrough of today’s nastiest cyberattacks and the tricks that cybercriminals conduct them. GET THE BOOK>>
Our partners typically realize ROI in 30 days or less. See why nearly 4,000 MSPs in 30 countries choose to grow with ID AGENT solutions and support. BECOME A PARTNER>>
United Kingdom – Oxford University Division of Structural Biology
https://www.theverge.com/2021/2/25/22301725/covid-19-research-lab-hacked-oxford-university-strubi
Exploit: Hacking
Oxford University Division of Structural Biology: Research Laboratories
Risk to Business: 2.722 = Moderate
Oxford University Division of Structural Biology, popularly known as Strubi, landed in cybercriminal sights last week. Bad actors access operations and routine data from a number of machines including purification devices for handling biochemical samples, some of which included proteins used in ongoing coronavirus research. The incident is under investigation and all lab functions have been restored.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: In today’s booming data markets, hackers are hungry for unique data that fetches a pretty eny, like COVID-19 research reports.
ID Agent to the Rescue: Protect your business environment from hackers by adding Passly to your security suite to stop 99 percent of password-based cybercrime cold using multi factor authentication and more .SEE IT IN ACTION>>
United Kingdom – Npower
https://www.bbc.com/news/technology-56195631
Exploit: Credential Stuffing
Npower: Energy Utility
Risk to Business: 2.603 = Moderate
Energy firm Npower has closed down its app following a credential stuffing attack. This incident spurred an earlier than planned shut down of the company’s mobile that was slated to be shut down later in 2021 as part of wind-down plans following Npower’s acquisition by Eon.
Individual Risk: 2.673 = Moderate
Some customers’ financial and personal information was accessed by bad actors including contact details, birth dates, addresses and partial bank account numbers.Customers should be wary of potentials spear phishing or credential compromise attempts using this data.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Shutting down any art of your operations because of a cyberattack is no good for any business. Fortunately for this company, it just accelerated an ongoing process, bu no every company would be that lucky.
ID Agent to the Rescue: Get The Road to Cyber Resilience to learn strategies and solutions that can make your business bounce back faster from cybersecurity failures. READ THE BOOK>>
United Kingdom – NurseryCam
https://www.bbc.com/news/technology-56141093
Exploit: Hacking
NurseryCam: Childcare Monitoring App
Risk to Business: 1.993 = Severe
A security flaw enabled hackers to gain access to user information at NurseryCam, a service that allows parents to observe their child’s nursery school or daycare experience in more than 40 UK locations. This is the second security flaw reported as discovered by researchers at NurseryCam.
Risk to Business: 2.822 = Moderate
The flaw allowed hackers access to client information for parents who use the service including usernames, passwords, real names and email addresses
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Repeated security incidents will turn customers off, especially for companies that handle potentially sensitive data or access to sensitive environments like cameras in childcare facilities.
ID Agent to the Rescue: Stop intrusions from sloppy security or unsafe practices with affordable, simple secure identity and access management using Passly and keep your access points safer. SEE VIDEO OF PASSLY>>
Finland – TietoEVRY
Exploit: Ransomware
TietoEVRY: IT Services
Risk to Business: 1.913 = Severe
Finnish IT services and software titan TietoEVRY has suffered a ransomware attack that forced an abrupt disconnection of 25 clients’ services. Impacted clients were in retail, manufacturing, and service-related sectors.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: 25
How it Could Affect Your Customers’ Business: Ransomware may not just shut down your business, it could also shut down your customers’ business if you are a service provider – and no customer will be happy about that.
ID Agent to the Rescue: keep ransomware from putting the brakes on your business with the insight and strategies you’ll learn in Ransomware 101. GET IT>>
Want to Borrow Our Sales and Marketing Teams? OK!
Get expert sales and marketing help to power up your MSP in a flash with Powered Services Pro. LEARN MORE>>
New Zealand – Cryptopia
https://www.hackread.com/cryptocurrency-exchange-liquidation-hacked-again/
Exploit: Hacking
Cryptopia: Cryptocurrency Exchange
Risk to Business: 1.116 = Extreme
Beleaguered cryptocurrency exchange Cryptopia has taken another expensive hacking hit. The company was smacked by hackers a second time in as many years, and they stole USD 45,000 (NZD 62,000) worth of crypto this time. Cryptopia lost USD 30 million in crypto-assets in a 2019 hack, catapulting it into receivership, where it remains now.
Individual Impact: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: The last thing an already reeling company needs to deal with is a cyberattack. Cutbacks should never include cybersecurity if a business is planning to get back on its feet.
ID Agent to the Rescue: Get smart, affordable protection from many hacking attempts with Passly, the award-winning multitool that handles secure identity and access management for less. SEE VIDEO OF PASSLY>>
Is Your Biggest Security Threat Already Inside Your Business? Learn to spot and stop insider threats with this kit>> DOWNLOAD IT
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
Go Inside the Ink to Get the Inside Scoop on Cybercrime
Are you up to date on the latest news that can impact your business and your customers? Here’s a recap:
- Don’t Make Friends with Social Media Phishing Scammers
- The Week in Breach: 02/17/21 – 02/23/21
- Cybercrime Undercover: Phishing Attacks Imitate Famous Brands
- Business Email Compromise is on the Rise Again
- Kaseya Wins Five Cybersecurity Excellence Awards
Learn the Secret of How Cybercriminals Trick You Into Falling for Phishing Messages!
Make Business a Pleasure
As you start maneuvering into the second quarter of 2021, spring is popping up – and so are opportunities! These webinars can help you solve sticky business problems to make running your business more pleasant and rewarding.
Making a Battle Plan for Profit: Learn to survey the field and draw up a battle plan to win more pitches and crush the competition. WATCH NOW>>
Customer Experience Confidential: Gain insight into the secrets behind creating a superior customer experience every time. WATCH NOW>>
Power Up! Supercharge Your Sales and Marketing: See how Powered Services can be your sales and marketing secret weapon. WATCH NOW>>
More Than 80% of Data Breaches Are Email Based
What source puts a company’s data most at risk? It’s not hackers, or nation-state cybercriminals, or even disgruntled employees – it’s email. Seemingly routine, everyday email is the most likely vector for a damaging cyberattack that leads to a data breach. But a few smart steps can be taken to reduce the risk of an email-related data breach in 2021.
Results from a recent survey of 500 IT leaders and 3,000 remote-working employees in the US and UK across vertical sectors including financial services, healthcare and legal affairs make one thing clear: every business is at risk for trouble. More than 80 percent of surveyed organizations have experienced a data breach in the past year because of email. Further, 95 percent of the IT leaders surveyed believed that client and company data is most at risk from actions that are taken over or in response to email.
Would you trust a flimsy lock for your front door? Add a stronger lock between cybercriminals and your business when you learn to Build Better Passwords. GET IT>>
Human Error, Stress and Distraction Cause Worrisome Jumps in Data Breaches
Employees are handling more email these days as the expected return to offices is slowed by the continued global pandemic. An estimated 85 percent of employees reported sending more emails since they’ve been working remotely. Throughout the last year as companies remained fully or mostly remote, email handling has grown less predictable as well, bringing new challenges to IT teams – 73 percent of employees surveyed said that they regularly read and respond to work emails outside of their working hours, and almost one-quarter of employees (24%) reporting that they handle work email while doing other things.
This tracks with the long established IT maxim that the number one cause of a data breach is human error. One of the major contributors to email based data breaches noted in the survey was remote workers making mistakes and because of distraction, tiredness and stress. About 60 percent of employees noted that they are working in environments where distractions are commonplace. A further 73 percent of employees reported that they feel tired, stressed or upset because of the pandemic.
IT leaders agree that the pandemic and remote work spurred by it are major contributing factors to email-related data breaches. Almost 60 percent of IT leaders reported an increase in email data leaks since implementing remote working as a result of the pandemic. Those same IT leaders reported that email-related data handling mistakes were one of their company’s biggest risks, with almost one quarter of breaches caused by an employee sharing data in error by sending an email containing sensitive data to the wrong recipient or attaching the wrong file.
Automated Email Security can save your business a fortune. Get a free eBook that details how Graphus lowers your company’s chance of an email related security disaster at a price you’ll love now!
Employees Are Handing Out Credentials at an Eye-Popping Rate
Employees under pressure and working remotely are also interacting with much more phishing email and handing out their credentials at an alarmingly high rate. In a recent multi channel phishing exercise, researchers noted that one-fifth of the tested employees fell for phishing emails even if they have gone through some security awareness training. Of employees that fell for the phishing email, more than two-thirds also entered their credentials, such as a password.
This is a troubling trend, especially for businesses that do not have adequate access point security. Researchers noted that the number of surveyed employees who fell for phishing tricks and clicked on a phishing link increased by 77 percent in this year’s survey, going up from 11.2 percent in 2019 to 19.8 percent in 2020. Those employees were also quick to hand over their credentials. An astonishing 644 percent year-on-year increase in employees that provided their credentials in response to phishing illustrated the increased danger of an email related data breach for companies, skyrocketing from 1.8 percent in 2019 to 13.4 percent in 2020.
Don’t let ransomware take your business hostage!
Get the eBook Ransomware 101>>
See our list of 10 things you need to know about ransomware!>>
What Will Mitigate This Risk?
Reducing a company’s danger from phishing starts with reducing its proximity. The less exposure employees have to phishing, the better. If a company uses an affordable automated phishing defense solution like Graphus, it’s already making great strides toward solving that problem. Otherwise, two strong mitigations to put in place to lower the risk of an email-related data breach in both the short and long term are secure identity and access management and better security awareness training around email.
Secure identity and access management with Passly won’t stop staffers from mishandling email, and credentials, but it can stop cybercriminals from gaining access to your systems and data with a phished password. Multifactor authentication stops 99 percent of password-based cybercrime. That’s just one of the overlapping defensive tools that you get with Passly. This is the fastest, easiest mitigation to put n place for an business.
Advanced phishing resistance training with the new BullPhish ID is the gift that keeps on giving for organizations. Security awareness training like this, when refreshed at least quarterly, lowers a company’s chance of falling victim to a phishing attack by up to 70 percent. The newly unveiled user-friendly, customizable training portals make training painless for IT staff and employees. Plus, training materials can be customized to reflect a company’s real threats. Add white labelling at every turn and MSPs can be sure that their business is top-of-mind- for users.
Are you ready to boost your MRR with fast, easy security sales wins in 2021?
Watch “5 Proven, Practical Steps to Close New Security Business” now>>
Helping prevent email-related data breaches is essential for securing businesses as we shift into a more permanent work-from-home world. Companies have realized that remote work is here to stay and it brings them unexpected IT challenges (and huge risks) that can only be solved with the right combination of cybersecurity solutions to keep data in and cybercriminals out.
Contact an ID Agent expert to find out more about effective and economical ways to make sure that every organization is protected against today’s constantly growing cybercrime threats.
Mar 3 & 9 – MSP Cybersecurity Certification Webinar REGISTER NOW>>
Mar 11 – The MSP Lounge (EMEA Special) REGISTER NOW>>
Mar 11 – MSP Mastered® Level 1: Developing Effective Master Service Agreements and SOWs REGISTER NOW>>
Mar 23 – Xaas Summit: Innovation on Demand Via the Channel (EMEA Special) REGISTER NOW>>
Mar 25 – MSP Mastered® Level 1: Optimizing and Integrating Your Business Platforms REGISTER NOW>>
Mar 31 – Apr 1 – Zero Trust World (MSP Edition) REGISTER NOW>>
If Cybersecurity is Like a Game, Shouldn’t You Play to Win? Here’s How to Do It.
Don’t Become a Data Breach Statistic
A great deal of cybersecurity attention is afforded to hackers. We all have those images of cybercriminals in a dark room typing and hacking their way into a computer system. But if you think hackers are your organization’s biggest cybersecurity threat, think again. An estimated 80 percent of organizations in a recent survey experienced email-based data breaches in 2020, and that’s also likely to be the case in 2021.
Employees are handling more email than they used to. Over 80 percent of remote workers rely on email as their primary form of communication. Unfortunately, they’re not alway on the ball when it comes to handling that email safely. In a recent survey, over 70 percent of employees noted that they had made email and data handling mistakes in the last year due to pandemic-relate stress and distractions while working remotely
As the era of remote work settles in with permanency, it’s smart for every company to put mitigations in place that reduce the chance of a damaging cyberattack related to email. Phishing isn’t always to blame, either – 24 percent of email-based data breaches were caused by an employee simply sending someone the wrong file or sharing data in error.
In the same survey, 95 percent of IT leaders said that email handling puts their client and company data is at risk. That’s not a statistic that you want to be a part of. Add secure identity and access management with a solution like Passly now to reduce the chance of someone accessing data that they shouldn’t, and increase your security awareness training with the customizable training kits available through BullPhish ID to reduce your company’s chance of experiencing an email-related data breach.
Get high-quality tools to help you connect with your customers with our free resources for marketing and education like eBooks, webinars, social media graphics, infographics, and more!
Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Just send an email to [email protected] to let us know – we welcome your feedback and we love to hear about how our content works for you!
Ready to become an ID Agent Partner or learn more about our remote-ready suite of cybersecurity solutions including the award-winning DarkWeb ID? Contact us today!
*** This is a Security Bloggers Network syndicated blog from Blog – ID Agent authored by Kevin Lancaster. Read the original post at: https://www.idagent.com/blog/the-week-in-breach-data-breach-news-02-24-21-03-02-21