This week in breach, ransomware erodes productivity and security, and a malware attack permanently destroys patient data.
Dark Web ID Trends:
Top Source Hits: ID Theft Forums
Top Compromise Type: Domain
Top Industry: Education and Research
Top Employee Count: 251 – 500 Employees
United States – TV Eyes
Exploit: Ransomware
TV Eyes: Media Monitoring Service
Risk to Small Business: 2.222 = Severe
An unidentified ransomware strain has disabled the network’s core servers and engineering workstations. As a result, clients have been unable to access any information, which could have broad and long-lasting financial consequences for the media monitoring company. TV Eyes has declined to pay the ransom. Still, brand erosion and opportunity costs will make this an expensive attack at a critical time for the company, whose services are widely used by news outlets and PR agencies to access media content for reporting purposes.
Individual Risk: 2.875 = Moderate
At this time, no personal information was compromised in the breach. However, some PR professionals and media members had expressed fears that their data was compromised before hackers encrypted their files. Those impacted by the breach should update their account credentials while being especially critical of digital communications.
Customers Impacted: Unknown
What Can You Learn from Their Mistake?
In addition to academic and government institutions, cybercriminals are increasingly targeting businesses that store customer data. Many are now willing to compromise customer data if ransom demands aren’t met, a new reality that significantly increases the potential damage of a ransomware attack. Since ransomware attacks always require a vulnerability to gain network access, companies should regularly assess their defensive postures to ensure that they are prepared for this nefarious attack methodology.
How Can Spry Squared Help?
We help you understand the importance of security and we offer hands-on assistance with setting up your Dark Web monitoring. Learn more here about Spry Squared Dark Web Monitoring
United States – Electronic Warfare Associates (EWA)
Exploit: Ransomware
Electronic Warfare Associates (EWA): Electronic product and services company
Risk to Small Business: 2.111 = Severe
Cybercriminals encrypted the company’s web servers, leaving customer-facing signs of a cyberattack even several days after the event. In response, the company took down the affected servers, and it’s unclear how much of the company’s internal IT is impacted by the attack. More than a week after the attack was discovered by security researchers, EWA still hasn’t issued a statement to the public. This lack of transparency could complicate their recovery process, which already promises to be an arduous journey due to the complicated nature of their business.
Individual Risk: No personal information was compromised in the breach.
While no personal information was breached, EWA’s reliability and reputation are at stake.
Customers Impacted: Unknown
What Can You Learn from Their Mistake?
Ransomware attacks often come with cascading consequences that impact every part of a business. Not only does this attack vector come with high up-front expenses, but the reputational damage and opportunity cost can be even more damaging. Every company should assess its threat landscape to ensure that it can adequately defend against a devastating ransomware attack.
How Can Spry Squared Help?
Spry Squared has tools that simulate phishing attacks and we can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Click this link to get started.
United States – Fondren Orthopedic Group
Exploit: Malware Attack
Fondren Orthopedic Group: Orthopedic healthcare services provider
Risk to Small Business:1.555 = Severe
A malware attack destroyed a number of the medical provider’s patient records. The incident was first discovered in November 2019, but IT administrators only recently identified the permanent damage to their digital records. As a result, patients have to complete new patient information forms that include detailed medical histories. Given the sensitive and incredibly important nature of this information, this attack could negatively impact patient care, and it will undoubtedly invite regulatory oversight.
Individual Risk: 285.2 = Severe
Fondren Orthopedic Group noted that there is no evidence of patient information being compromised. However, the lost data includes patients’ names, addresses, phone numbers, treatment data, and healthcare information. It stands to reason that if hackers can erase patient data, then they can also use it for other nefarious purposes. Those impacted by the breach should carefully monitor their online accounts for unusual or suspicious activity, and they should scrutinize digital communications because compromised data is often redeployed in spear phishing attacks.
Customers Impacted: 30,049
What Can You Learn from Their Mistake?
After this devastating malware attack, Fondren Orthopedic Group announced an update to their cybersecurity practices, a move that is too little, too late for the thousands of patients impacted by the breach. There are many steps companies can take to mitigate the risk of a data breach, but those steps need to be taken before an incident occurs. Otherwise, these measures serve as vanity metrics as opposed to a defensive strategy.
How Can Spry Squared Help?
We go into the Dark Web to keep you out of it. Dark Web IDTM is the leading Dark Web monitoring platform in the Channel. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze and proactively monitor an organization’s compromised or stolen employee and customer data. Schedule a demo today.
Not sure how safe your data is OR is your company data already on the Dark Web?
Contact the cybersecurity experts at Spry Squared for your complimentary Dark Web scan.
Thanks to our cybersecurity partner ID agent for this Week in Breach report!
