Week in Breach 03/25/20 – 03/31/20

This week, phishing attacks reel in a bountiful catch in the healthcare sector, how social distancing makes companies vulnerable to a data breach, and cybersecurity tips for working from home.

Dark Web ID Trends:


Top Source Hits: ID Theft Forums
Top Compromise Type: Domain
Top Industry:  Healthcare, Education, and Retail
Top Employee Count: 251-500

United States – Tandem Diabetes Care

Exploit: Phishing scam
Tandem Diabetes Care: Medical device manufacturer

Risk to Small Business: 2.555 = Severe

Five employees fell for a phishing scam that gave hackers access to email accounts containing customer data between January 17 and January 20, 2020. Although the company acted quickly to secure the compromised employee accounts, they were unable to recoup the stolen information. Given the sensitive nature of their industry, Tandem Diabetes Care will likely face increased regulatory scrutiny and hefty financial penalties.

Individual Risk: 2.428 = Severe

Although Tandem Diabetes Care has vouched for the integrity of its data storage, hackers likely had access to names, contact information, and service-related details, and some patients’ Social Security numbers were exposed in the breach. Victims should consider enrolling in credit and identity monitoring services.

Customers Impacted:  140,000

What Can You Learn from Their Mistake?

In response to this breach, Tandem Diabetes Care is updating its email security protocols to prevent a similar incident in the future. However, phishing scams account for a significant portion of all data breaches, and preparing for these attacks should be a built-in component of every organization’s defense strategy.

How Can Spry Squared Help?

Our Managed IT Services includes simulated phishing attacks and security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Call us at 720.724.7730 or contact us here.

United States – University of Utah Health

Exploit: Phishing scam
University of Utah Health: Research and teaching hospital

Risk to Small Business: 1.889 = Severe

A phishing scam provided hackers with access to the University of Utah Health’s network for more than a month, beginning on January 22, 2020. In addition, the healthcare provider discovered malware on its network that allowed hackers to access patient data. Although the University of Utah Health responded quickly, bad actors still had prolonged access to company and customer data, including HIPAA-protected healthcare records, creating financial, reputational, and regulatory consequences both now and in the future.

Individual Risk: 2.285 = Severe

A copious amount of personal data was compromised in the attack, including user names, addresses, encrypted and hashed passwords, IP addresses, country of residence details, and website addresses. In addition to resetting their account passwords and updating their credentials on any other website using the same information, Open Exchange Rates is warning customers that this information can be used to execute targeted spear phishing attacks. Therefore, those impacted by the breach should carefully monitor their online accounts for suspicious activity.

Customers Impacted:  Unknown

What Can You Learn from Their Mistake?

Although it’s a relatively small operation, Open Exchange Rates provides an API that is used by several prominent financial service providers. As a result, the costs of repairing this breach will be compounded by reputational damage that could impact its relationship with these critical partners.

How Can Spry Squared Help?

We have tools that simulate phishing attacks and conduct security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click this link to get started.

United States – Tupperware

Exploit: Malware attack
Tupperware: Home products line

Risk to Small Business:  2.334 = Severe

Hackers infiltrated Tupperware’s online store, injecting payment skimming malware into the checkout process. The malicious script was active for at least five days, and it effectively mimicked Tupperware’s official payment form. After shoppers entered their data into the fake form, a “time out” error appeared, redirecting customers to the actual payment page and disguising the theft, which allowed it to go undetected. 

Individual Risk: 2.428 = Severe

The payment skimming malware collected the data customers entered, including names, addresses, phone numbers, credit card numbers, expiration dates, and CVV codes. This data could allow hackers to commit financial theft or identity fraud. Those impacted by the breach should immediately notify their banks, as they will likely need to be issued new payment cards, and should carefully monitor their accounts for misuse.

Customers Impacted:  Unknown

What Can You Learn from Their Mistake?

The COVID-19 pandemic has heightened the already-important online shopping experience for many businesses, and online shopping is a singular respite in an otherwise bleak outlook for retailers. Companies can’t afford to lose customers because of a cybersecurity vulnerability. Many customers indicate that they will not return to an online store after a data breach, which means that companies looking to capitalize on their online stores need to make sure this avenue is secure.

How Can Spry Squared Help?

Spry Squared has tools that can find out how payment data is being used on the Dark Web, even in the case of a malware attack.   Learn more now.

Canada – Data Deposit Box

Exploit: Unsecured database
Data Deposit Box: Cloud Storage Provider

Risk to Small Business:  2.334 = Severe

Cybersecurity researchers identified an unsecured database containing thousands of customer files uploaded to the company’s secure cloud storage service. The exposed records include information dating back to 2016, which the company eventually secured. However, it’s unclear how long cybercriminals could have accessed this data or why it took Data Deposit Box nearly a week to close the database after being notified that it wasn’t password protected.

Individual Risk: 2.428 = Severe

The exposed database includes users’ personally identifiable information that was uploaded to the cloud service, including admin login credentials, IP addresses, email addresses, and GUIDs. The login credentials were stored in plain text, so those impacted by the breach should immediately change their Data Deposit Box password and any other account credentials using the same password combination.

Customers Impacted:  270,000

What Can You Learn from Their Mistake?

The cost of a data breach is at an all-time high, and it’s expected to continue climbing higher in the years ahead. An unforced error, like failing to password protect a database, is especially troubling for a company that is trusted to provide secure services. As a result of this seeming carelessness, Data Deposit Box has undermined its core value proposition and incurred a costly recovery process, both of which were entirely avoidable.

How Can Spry Squared Help?

Good passwords are the single fastest way to secure your data. Spry Squared’s Managed IT Services can protect your employees’ password integrity. Our integrated multi-factor authentication, single sign-on, and identity management solutions will protect your credentials and your data. Learn more now.

In Other News:

Expert Cybersecurity Tips for Working From Home

The COVID-19 pandemic has brought about an unprecedented work-from-home experiment as social distancing measures require millions of employees around the world to work from home. As we’ve already seen, this presents unique cybersecurity challenges for both companies and their employees. To help you secure data while working remotely, here are four simple steps that every company and employee can take:

1. Use a trusted VPN. These services can provide a layer of protection by encrypting network traffic and making it more difficult for bad actors to spy on your activity. Choose a reputable VPN provider, as a number of VPN scams have tricked employees into downloading malicious software that steals their login credentials.

2. Enable two-factor authentication. Account security is critical, especially when entire companies are working remotely. Enabling two-factor authentication is an affordable and effective way to keep company accounts secure at all times.

3. Refrain from using personal devices. Many employees may be tempted to use personal devices for work-related tasks, especially when working from home. It’s always possible that these devices contain malware or other exploits that could compromise company data.

4. Look out for phishing scams. Cybercriminals are always looking for ways to capitalize on our vulnerabilities. At this moment, COVID-19-related phishing scams abound, targeting employees’ sense of isolation and vulnerability to capture critical information.

Not sure how safe your data is, or whether your company data is already on the Dark Web?

Contact the cybersecurity experts at Spry Squared for your complimentary Dark Web scan.

Thanks to our cybersecurity partner ID Agent for this Week in Breach report!