Breach Clarity Data Breach Report: Week of Sept. 6
Each week, Sontiq uses its BreachIQ capability to identify recent notable reported data breaches. These breaches are highlighted because of the heightened identity security risks to the victims. BreachIQ uses a proprietary algorithm to analyze more than 1,300 factors of a data breach and create a risk score on a scale of 1-10. The higher the score, the more severe the breach and level of risk.
One of the major challenges we’ve found in motivating consumers to take action about data breaches is a lack of context for the severity of risk created by the data breach. Unfortunately, coverage of data breaches frequently falls into one of two camps: either the breach is covered as a devastating blow to consumers’ identity security and privacy, or the incident is portrayed as a trivial mishap that is unlikely to have serious consequences. In reality, of course, most breaches fall somewhere in the middle, creating meaningful risks to victims’ identities, but which can be mitigated by specific actions by those affected. Within BreachIQ, we tend to think about the risks created by breaches within the context of the severity of the identity crimes enabled by the data exposed in the breach:
Low Risk (BreachIQ score 1-3): Data breaches in this tier are the least likely to result in cases of identity theft, scams and fraud that would harm affected consumers. Typically, this means that the breach exposes victims to direct risk from fairly low impact fraud types (e.g. low sophistication spam or phishing messages) and that fraudsters would need to supplement the data exposed in this breach with other types of PII to commit most fraud types.
Moderate Risk (BreachIQ score 4-6): Data breaches in this range create a meaningful risk of identity theft, scams or fraud that could result in some degree of harm to affected consumers. Most breaches in this category contain all the data needed to commit at least one type of fraud (e.g. a breach that exposes card numbers, security codes, expiration dates, etc.), but often expose victims to a narrower range of threats than the highest-risk breaches.
High risk (BreachIQ score 7-10): Data breaches in this tier are likely to lead to identity theft, scams or fraud that significantly harm affected consumers. The highest-risk breaches expose rich identity data types that are used in a wide variety of fraud schemes. For instance, a breach that exposes a victim’s name, social security number, date of birth and other biographical details like income or employment history can be used to open fraudulent new accounts, take over existing financial accounts or file a tax return in the victim’s name.
New breaches added: 29
Mater Dei High School
A phishing attack against Mater Dei High School allowed cybercriminals to gain unauthorized access to two employee email accounts along with personal information contained in emails and attachments that passed through the affected accounts between January 1 and March 4, 2021. Exposed information varies by individual victim but contains Social Security numbers, driver’s license numbers, passport numbers, credit and debit card information, medical records and more.
What should you do? Any time a breach exposes data that is this sensitive, victims should take the time to make sure that they have put essential protections in place across all aspects of their identity. This includes locking or freezing your credit report, using strong authentication on your bank accounts, email and other important services and making sure that you have set up alerts for suspicious activity on your accounts.
CareATC, Inc.
Unauthorized access to two employee email accounts at CareATC allowed cybercriminals to access personal data contained in emails and attachments that passed through that account between June 19 and 29, 2021. Exposed data types vary by individual, but include Social Security numbers, driver’s license numbers, financial account information, medical records, login information and more.
What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.
Golden Rule Insurance Associates, LLC (Third-party Vertafore)
Golden Rule Insurance Associates disclosed that their customers’ information was involved in the Vertafore data breach, which was discovered at the end of 2020. A configuration error in QQCatalyst, Vertafore’s insurance agency management product, resulted in files uploaded to QQCatalyst by client organizations being publicly accessible while the flaw was active. This exposure is believed to have lasted from the beginning of 2012 until the end of 2020. At this point, Sontiq is tracking six insurance agencies that have disclosed that their policyholders’ personal information was exposed in the Vertafore breach. For Golden Rule Insurance Associates, this includes Social Security numbers, credit and debit card information, financial account information and more.
What should you do? When credit or debit card data is stolen, you should contact your issuer to determine whether you need a replacement card. Many card issuers also allow you to set up alerts for large or unusual purchases. These alerts can help you quickly identify suspicious activity and notify your bank or credit union of the fraud.
Elm3 Financial Group
Cybercriminals were able to guess or obtain login credentials for one of Elm3’s third-party vendors, allowing the perpetrator to gain access to a server containing sensitive personal information. Exposed data types include Social Security numbers, financial account information and more.
What should you do? This breach carries a high risk of account takeover—unauthorized access to victims’ bank accounts. Setting up strong authentication, such as use of temporary passcodes at login, can protect your financial accounts. Victims should also review the alerts offered by their bank or credit union to ensure that they are notified of suspicious login attempts or transfers out of their bank accounts.
About the BreachIQ Score
The idea for the BreachIQ score came from data breach expert Jim Van Dyke, who realized the public should be able to access the same analysis he used as an expert witness to discern data breach risks in the country’s biggest data breach cases. Breach Clarity’s artificial intelligence algorithm simulates that advanced, objective analysis and is available to anyone as a free tool in the fight against identity fraud and cybercrime. The score, risks and recommended action for any publicly reported data breach is available at Breach Clarity.
