Breach Clarity Weekly Data Breach Report: Week of June 14
Each week Breach Clarity, recently acquired by Sontiq, compiles a list of what it considers to be notable data breaches—those that are worth highlighting because of the increased intensity of the risk to personal information. The Breach Clarity score identifies the level of risk on a scale of 1 to 10—the higher the score, the more severe the breach and level of risk.
One of the major challenges we’ve found in motivating consumers to take action about data breaches is a lack of context for the severity of risk created by the data breach. Unfortunately, coverage of data breaches frequently falls into one of two camps: either the breach is covered as a devastating blow to consumers’ identity security and privacy, or the incident is portrayed as a trivial mishap that is unlikely have serious consequences. In reality, of course, most breaches fall somewhere in the middle, creating meaningful risks to victims’ identities, but which can be mitigated by specific actions by those affected. Within BreachIQ, we tend to think about the risks created by breaches within the context of the severity of the identity crimes enabled by the data exposed in the breach:
Low Risk (BreachIQ score 1-3): Data breaches in this tier are the least likely to result in cases of identity theft, scams and fraud that would harm affected consumers. Typically, this means that the breach exposes victims to direct risk from fairly low impact fraud types (e.g. low sophistication spam or phishing messages) and that fraudsters would need to supplement the data exposed in this breach with other types of PII to commit most fraud types.
Moderate Risk (BreachIQ score 4-6): Data breaches in this range create meaningful risk of identity theft, scams or fraud that could result in some degree of harm to affected consumers. Most breaches in this category contain all the data needed to commit at least one type of fraud (e.g. a breach that exposes card numbers, security codes, expiration dates, etc.), but often expose victims to a narrower range of threats than the highest-risk breaches.
High risk (BreachIQ score 7-10): Data breaches in this tier are likely to lead to identity theft, scams or fraud that significantly harm affected consumers. The highest-risk breaches expose rich identity data types that are used in a wide variety of fraud schemes. For instance, a breach like the Five Rivers Health Center incident, below, that exposes a victim’s name, social security number, date of birth and other biographical details like income or employment history can be used to open fraudulent new accounts, take over existing financial accounts or file a tax return in the victim’s name.
New breaches added: 80
Five Rivers Health Center
Unauthorized access to an email account at Five Rivers Health Center allowed cybercriminals to access personal data contained in emails and attachments that passed through that account. Exposed data types vary by individual, but health insurance information and medical records such as test results and prescription information were likely exposed. For a smaller number of victims, financial account information, credit and debit card numbers and driver’s license numbers were also affected.
What should you do? Any time a breach exposes data that is this sensitive, victims should take the time to make sure that they have put essential protections in place across all aspects of their identity. This includes locking or freezing your credit report, using strong authentication on your bank accounts, email and other important services and making sure that you have set up alerts for suspicious activity on your accounts.
Volkswagen Group of America
A data breach at one of Volkswagen’s vendors exposed sales and marketing data collected on the car manufacturer’s customers and prospective buyers in North America. The information involved was collected between 2014 and 2019, although the breach was just publicly disclosed on June 11, 2021. For the vast majority of the 3.3 million individuals affected, the breach exposed only contact information, such as phone numbers and email addresses. For a smaller number of customers, around 90,000 individuals, the breach also exposed information collected during purchases or while assessing lease availability, such as Social Security numbers, driver’s license numbers and account numbers.
What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.
Arnoff Moving & Storage
A ransomware attack against Arnoff Moving & Storage compromised files containing customers’ sensitive personal information. In ransomware attacks, the goal of the attack is typically to extort the infected organization into paying to regain access to their files. Many ransomware strains also take the encrypted files and send them to the group managing the malware, which appears to be the case in this attack. After Arnoff refused to pay the ransom, the group behind the attack has threatened to release the stolen information on criminal marketplaces.
What should you do? When credit or debit card data is stolen, you should contact your issuer to determine whether you need a replacement card. Many card issuers also allow you to set up alerts for large or unusual purchases. These alerts can help you quickly identify suspicious activity and notify your bank or credit union of the fraud.
Jawonio
Unauthorized access to an email account at Jawonio allowed the perpetrator to compromise sensitive personal information contained in emails and attachments that passed through the affected account. Exposed data types varied by victim, but include Social Security numbers, financial account information, medical records such as medical conditions and treatment information and more.
What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.
About the Breach Clarity Score
Breach Clarity, recently acquired by Sontiq, created an algorithm that deeply analyzes and assigns every publicly reported data breach a Breach Clarity score, most often from 1 to 10. The higher the score, the more severe. (In rare and extreme cases, the score can exceed 10.)
The idea for the Breach Clarity score came from data breach expert Jim Van Dyke, who realized the public should be able to access the same analysis he used as an expert witness to discern data breach risks in the country’s biggest data breach cases. Breach Clarity’s artificial intelligence algorithm simulates that advanced, objective analysis and is available to anyone as a free tool in the fight against identity fraud and cybercrime. The score, risks and recommended action for any publicly reported data breach is available at Breach Clarity.
