Week in Breach 03/19/20 – 03/24/20

This week, cybercrime makes COVID-19 recovery more difficult, unsecured databases give away millions of records, and we share the resources you need to protect data during this challenging time.

Dark Web ID Trends:


Top Source Hits: ID Theft Forums
Top Compromise Type: Domain
Top Industry:  Health, Finance and Education
Top Employee Count: 50-500

Switzerland – World Health Organization

Exploit: Phishing scam
World Health Organization: United Nations agency responsible for international public health

Risk to Small Business: 1.888 = Severe

Hospital workers are receiving an email purportedly from Dr. Tedros Adhanom Ghebreyesus, director of the World Health Organization (WHO). The email contains a personalized message using the recipients’ valid username and an innocuous-looking attachment. Unfortunately, it’s a phishing attack: when the attachment is opened, it installs malware capable of stealing credentials from the computer. According to cybersecurity researchers, the messages specifically prey on the altruism of recipients by purporting to include information about novel, preventative drugs and COVID-19 cures.

Individual Risk: 2.571 = Moderate

At this time, there are no reports of recipients falling for this scam. However, anyone who does click on the attachment has likely allowed malware to compromise their credentials. In that case, they should immediately take steps to remove the malware, reset account passwords, and notify their employers of the incident.

Customers Impacted:  Unknown

What Can You Learn from Their Mistake?

In 2020, clever spear phishing emails are par for the course when it comes to anticipated attack vectors, and the bad guys are making them look more authentic all the time. Rather than allowing employees to fall for these scams, possibly compromising company and customer data along the way, keep them alert for trouble by providing regular phishing scam awareness training that accounts for the latest trends and encompasses all of the possible vulnerabilities.

How Can Spry Squared Help?

Helping your employees understand the importance of security is no easy task. We offer hands-on assistance by providing the necessary resources, training and tools, including Dark Web monitoring. Learn more about Dark Web Monitoring here.

United States – Open Exchange Rates

Exploit: Unauthorized database access
Open Exchange Rates: Currency data provider

Risk to Small Business: 1.888 = Severe

While investigating a network misconfiguration, Open Exchange Rates discovered that an unauthorized user was accessing their network. Ultimately, it was determined that the hacker had been accessing their database for nearly a month, beginning on February 9, 2020, and ending on March 2, 2020. The company believes that hackers extracted sensitive user information. In response, Open Exchange Rates has disabled the passwords for all accounts created before March 2, 2020.

Individual Risk: 2.285 = Severe

A copious amount of personal data was compromised in the attack, including user names, addresses, encrypted and hashed passwords, IP addresses, country of residence details, and website addresses. Those impacted should reset their account passwords and update their credentials on any other website using the same information. Open Exchange Rates is also warning customers that this information can be used to execute targeted spear phishing attacks, so those impacted by the breach should carefully monitor their online accounts for suspicious activity.

Customers Impacted:  Unknown

What Can You Learn from Their Mistake?

Although it’s a relatively small operation, Open Exchange Rates provides an API that is used by several prominent financial service providers. As a result, the costs of repairing this breach will be compounded by reputational damage that could impact its relationship with these critical partners.

How Can Spry Squared Help?

We have tools that simulate phishing attacks and conduct security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click this link to get started.

United States – TrueFire

Exploit: Malware attack
TrueFire: Online music school

Risk to Small Business:  1.555 = Severe

On January 10th, TrueFire identified unauthorized access to its database by a mysterious user who was active for more than six months. It’s unclear why the company waited until March to disclose the incident to its customers. The breach compromised users who made online purchases between August 3, 2019, and January 14, 2020. Although the company didn’t explicitly categorize the breach, payment skimming malware is likely responsible for the theft, which included users’ personal and financial data from their online purchases of classes and services.

Individual Risk: 2.571 = Severe

The breach compromised customers’ personal and financial data, including names, addresses, payment card numbers, card expiration dates, and security codes. TrueFire is encouraging victims to monitor their financial statements for unusual activity, but they should do much more. Those impacted by the breach should immediately notify their financial institutions of the incident, and they should strongly consider enrolling in a credit and identity monitoring service to provide long-term oversight of this critical information.

Customers Impacted:  Unknown

What Can You Learn from Their Mistake?

Customers increasingly prefer shopping online rather than going to physical stores. Especially now, as the COVID-19 pandemic forces people to stay home, online stores are a vital lifeline for SMBs to continue generating revenue while people stay off the streets. Therefore, protecting the checkout process must be a top priority, as many customers will be gone for good if their personal or financial data is compromised through mishandled data on the merchant’s end when they make online

How Can Spry Squared Help?

Spry Squared has tools that can find out how payment data is being used on the Dark Web, even in the case of a malware attack.   Learn more now.

United States – College of Dupage

Exploit: Accidental data exposure
College of Dupage: Academic institution

Risk to Small Business:  1.555 = Severe

The College of Dupage accidentally exposed the 2018 W-2 forms of current and former employees. In a statement, the school identified the risk of data misuse as low. In reality, even one cybercriminal misusing this information could pose significant consequences for a potential victim. The breach occurred as the College of Dupage is preparing to move its services online due to the spread of COVID-19, forcing the cancellation of in-person classes – a  timely reminder that in uncertain times information security will still be top-of-mind for end-users, whether they are consumers, staffers, patients, or students.

Individual Risk: 2.142 = Severe

W-2 forms contain personally identifiable information, including names, addresses, and Social Security numbers. College of Dupage is offering free identity monitoring services to those impacted by the breach, and victims should take advantage of it to ensure that their information remains secure both now and in the future.

Customers Impacted:  1,775

What Can You Learn from Their Mistake?

In response to the incident, the College of Dupage is updating its data management standards to prevent a similar incident from occurring in the future. Unfortunately, these updated protocols will not undo the damage for the nearly 2,000 victims of this data breach. Rather than waiting until a cybersecurity incident occurs, companies should prioritize a reevaluation of their practices to ensure that customer and company data is secure before a breach occurs.

How Can Spry Squared Help?

Spry Squared’s Managed IT Services program gives business owners peace of mind, knowing that their data management protocols and compliance standards are in place to help prevent incidents like the one described above. Learn more now.

In Other News:

Canadian Healthcare System Inundated by Cyberattacks

The stress created by an emergency like the Coronavirus pandemic is a golden opportunity for hackers. As the Canadian healthcare system grapples with surging treatment demands related to COVID-19, their IT systems are also grappling with a significant uptick in cyberattacks from bad actors trying to steal data and breach systems at healthcare organizations in a critical time.

The threat is so severe that some organizations have called on the government to enact national cybersecurity standards and provide emergency funding to help defend patient data. There have been reports of several Canadian health institutions impacted by data breaches this year, and in 2019, nearly half of all Canadian data breaches were healthcare-related.

According to several officials, many Canadian healthcare providers are midway through their cybersecurity upgrade roadmaps. Their slow progress means that many of their defenses are outdated and inadequate to meet today’s quickly evolving threats to data and systems.

Don’t wait for your organization’s Doomsday scenario to unfold. Get support now to prevent phishing scams, malware, and other cyber threats from compromising company data. Partnering with cybersecurity experts can help you get your defenses against cyberattacks up to speed faster before a breach occurs.

Not sure how safe your data is, or whether your company data is already on the Dark Web?

Contact the cybersecurity experts at Spry Squared for your complimentary Dark Web scan.

Thanks to our cybersecurity partner ID Agent for this Week in Breach report!