Week in Breach 04/08/20 – 04/14/20

This week, third party contractors put data at risk, phishing scams continue to target unprepared employees, and cybercriminals target online retailers as the pandemic continues to keep customers out of stores.

week in breach cybersecurity

Dark Web ID Trends:


Top Source Hits: ID Theft Forums
Top Compromise Type: Domain
Top Industry:  Education and Research
Top Employee Count: 101-250

United States –  Canon Business Process

Exploit: Phishing scam
Canon Business Process: Business outsourcing provider

cybersecurity-warning-meterRisk to Small Business:  1.575 = Severe

After an employee fell for a phishing scam, hackers gained access to the personal data from the company’s business contracts, including General Electric. The breach occurred between February 3 and February 14, 2020, but Canon Business Process didn’t learn of the breach until February 28. Now, in addition to providing credit monitoring services for victims, Canon Business Process has damaged its reputation with a major client.

cybersecurity-warning-meterIndividual Risk: 1.701 = Severe

TCanon Business Process provides outsourcing services for human resources and payroll responsibilities, so the compromised data includes direct deposit forms, tax forms, Social Security numbers, birth certificates, passports, benefit applications, and driver’s licenses. This information is often used to execute financial fraud, and those impacted by the breach should immediately notify their financial institutions of the breach. In addition, they should enroll in the complimentary credit monitoring services provided by Canon Business Process. 

Customers Impacted:  Unknown

What Can You Learn from Their Mistake?

Although your business may not have directly been the target of a breach, third-party data breaches are becoming increasingly common.  Your company’s cybersecurity concerns should include every partnership you engage. With the cost and consequences of a data breach continually increasing, every company should consider a partneering company’s defensive posture before agreeing to work together.

How Can Spry Squared Help?

Our Managed IT Services simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click here to get started or call 720.724.7730.

United States – nCourt

Exploit: Unprotected database
nCourt: Payment processor

week-in-breach-cybersecurity-warning-meterRisk to Small Business: 2.341 = Severe

nCourt developers failed to secure a database containing customers’ financial data from its two websites that facilitate court payments. The breach compromised three years of customer data through November 2019. Unfortunately, this information has already been posted on hacking forums where bad actors can use it for many nefarious purposes.

cybersecurity-warning-meterIndividual Risk:  Presently, no personal information (PPI) was compromised in this breach.

Customers Impacted:  Unknown

What Can You Learn from Their Mistake?

Companies in every sector have seen an uptick in cybersecurity threats as COVID-19 disrupts business-as-usual and puts many people on edge. This is especially true for the healthcare industry, which is experiencing a deluge of ransomware attacks, phishing scams, and other threats at a critical time.

How Can Spry Squared Help?

We can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here:  Click this link to get started.

Unites States – Otis Bowen Center for Human Services

Exploit: Phishing scam
Otis Bowen Center for Human Services: Mental health and addiction recovery service

cybersecurity-warning-meter

Risk to Small Business:  2.223 = Severe

Two employees engaged with a phishing scam that provided hackers with access to company data. Although the breach occurred in January 2020, the company only recently completed a digital forensic audit that revealed the extent of the incident. Unfortunately, this slow response time has put victims at risk of data misuse, and it could have regulatory implications because of the healthcare-oriented nature of the breach.

cybersecurity-warning-meterIndividual Risk:  2.130 = Severe

The company declined to identify the specific data sets, but patient data often contains peoples’ most sensitive information. Victims were notified by email, and they should take every precaution to ensure that they mitigate the possible repercussions of the breach. This includes enrolling in the complimentary credit and identity monitoring services offered by the company.

Customers Impacted:  35,800

What Can You Learn from Their Mistake?

In 2020, data privacy regulations impact companies in every sector and in many locations. As a result, data security isn’t just an altruistic endeavor. It’s a mission-critical priority, and a failure to execute on this standard can have significant financial implications for companies that experience a data breach.

How Can Spry Squared Help?

Spry Squared Managed IT Services offers Compliance Managment, so your company can automate data privacy standards and documentation responsibilities, making compliance a simple, intuitive process for everyone.

Canada – Marapost

Exploit: Unsecured database
Marapost: Customer engagement platform

cybersecurity-warning-meter

Risk to Small Business:  2.703 = Severe

An unsecured database exposed the metadata for millions of customers’ emails. The database was discovered in early February by a news outlet who alerted Maropost of the vulnerability. However, those warnings went unheeded, and the database remained exposed until April 1, 2020. Now, the media is calling for customers to hold the company accountable for its actions, which means that Maropost will have to repair its reputation as it overhauls its cybersecurity practices.

cybersecurity-warning-meterIndividual Risk:  2.819 = Moderate

Although personally identifiable information wasn’t compromised in the incident, customer metadata could be used to create authentic-looking phishing emails that could trick customers into disclosing even more sensitive data. Those impacted by the breach should carefully scrutinize digital communications to verify their authenticity.

Customers Impacted:  95,000,000

What Can You Learn from Their Mistake?

Unsecured databases are an unforced error that can have devastating consequences for your business and bottom line. With the consequences of a data breach becoming more apparent to all parties, people are less willing to work with companies that can’t secure critical data. Consequently, companies that want to thrive will ensure that they have taken every precaution possible to demonstrate their efficacy in this regard.

How Can Spry Squared Help?

With Spry Squared’s Managed IT Sevices you get secure identity and access management solutions that you need to protect your systems and data in today’s remote work landscape at a price that you can afford, including multi-factor authentication, single sign-on, and secure password storage.   Learn more now.

Italy – Email.it

Exploit: Ransomware
Email.it: Email service provider

cybersecurity-warning-meter

Risk to Small Business:  2.434 = Extreme

This product lets parents track their child’s location and alerts them if the child leaves their designated safe location – but a coding error allowed hackers to download users’ personal data and mimic their location on the service. This dangerous vulnerability not only disrupted that functionality, it also gave hackers access to minors’ location and personally identifiable information. To make matters worse, this is the second time that the watchmaker has experienced this flaw. The same problem was discovered and repaired in 2019, raising serious questions about the platform’s commitment to cybersecurity.

cybersecurity-warning-meterIndividual Risk:  1.227 = Extreme  

According to hackers, the databases contain users’ plaintext passwords, security questions, email content, and email attachments. The breach pertains to those who sign up for Email.it between 2007 and 2020. Fortunately, no financial information was compromised. Users should immediately reset their account credentials while also understanding that private details from their messages are already for sale on the Dark Web.

Customers Impacted:  600,000

What Can You Learn from Their Mistake?

The Email.it breach is extensive, but it’s not the only way that hackers acquire account login credentials. With billions of records for sale on the Dark Web, they can often obtain this information relatively easily. In response, simple actions, like using strong, unique passwords across all accounts and enabling multi-factor authentication, can help keep accounts secure even after hackers acquire login credentials

How Can Spry Squared Help?

With Spry Squared’s Managed IT Sevices you get secure identity and access management solutions that you need to protect your systems and data in today’s on-line retail market at a price that you can afford, including multi-factor authentication, single sign-on, and secure password storage.   Learn more now.

In Other News:

Online Retailers See Surge in Cyberattacks Amidst COVID-19 Crisis   

The COVID-19 pandemic has relegated many of us to our homes, leaving businesses with few opportunities to reach their customers and make sales. Online shopping has become a vital lifeline for thousands of businesses while brick and mortar locations are closed and millions of people shelter in place. In fact, many retailers are experiencing online traffic that is exceeding Cyber Monday activity, typically a high watermark for online shopping.

Unfortunately, bad actors are capitalizing on this moment by targeting e-commerce platforms for attack using tricks like account takeovers, bot-powered scraping attacks, and payment card skimming malware. For example, 80% of login incidences at home goods retailers are attributed to account takeover attempts.

While a litany of COVID-19-related cyber risks has become increasingly apparent, it’s clear that online retailers need to be especially critical of their defensive posture to ensure that they can continue meeting surging demand in an uncertain retail atmosphere in order to retain customer goodwill and capture enough revenue to stay afloat in a challenging time for retail.

And with extra time on our hands, this would be a good time for “spring cleaning” of your login and password information. If you don’t already have one, research a good password manager app.

Not sure how safe your data is OR is your company data already on the Dark Web?

Contact the cybersecurity experts at Spry Squared for your complimentary Dark Web scan.

Thanks to our cybersecurity partner ID agent for this Week in Breach report!