Please fill in the form below to subscribe to our blog

The Week in Breach: 01/05/18 – 01/11/18

January 17, 2019

This week, an American mug maker gets mugged, an Australian real estate network leaks job applicant data, and Hyatt Hotels pays hackers to find security flaws.

Dark Web ID Trends:

Top Source Hits: ID Theft Forum (99%)
Top Compromise Type: Domain (99%)
Top Industry: Finance and Insurance
Top Employee Count: 51-100 employees (28%)


United States- Titan Manufacturing and Distribution
https://cyware.com/news/hackers-breached-titan-manufacturing-companys-computer-system-stealing-customer-data-8971d5f9
Exploit: System breach through malware attack.

Titan: Retailer for tools, housewares, and household appliances.

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.555 = Severe: Even though the company stated that it does not store customer information, the malware installed on the system was able to access shopping carts, revealing full names, billing addresses, contact numbers, and payment card details including card numbers, 
1.51 – 2.49 = Severe Risk Individual Risk: 2.428 = Severe: With personal and financial records exposed, the individual risk involved with this breach is incredibly high. So far, Titan and their third-party security expert only knows that customers who purchased goods from its online stores between November 23, 2017 and October 25, 2018 were potentially breached. This means that the data could have already have been auctioned off on the Dark Web or exploited for further payment breaches.

Customers Impacted: Total number to be determined, but 1,838 Washington residents were affected.
How it Could Affect Your Customers’ Business: System breaches that go undiscovered for large periods of time cost incrementally more by the day. Since this exploit was discovered over a year after it began, businesses are liable for damages, future identity theft protection services, and potential litigation. Such a crisis can be averted by working with the right MSSPs, Solution Providers, Systems Integrators, and OEMs.
ID Agent to the Rescue: Dark Web ID™ monitors the Dark Web and can help discover this form of breach before it hits the news cycle. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United States- Managed Health Services of Indiana
https://www.infosecurity-magazine.com/news/third-party-breach-exposed-31k/

Exploit: Third-party breach via employee email phishing attack.
Managed Health Services (MHS) of Indiana: Healthcare group that manages Indiana’s Hoosier Healthwise and Hoosier Care Connect Medicaid programs.

1 – 1.5 = Extreme Risk Risk to Small Business: 1.333 = Extreme:   When vulnerabilities of this magnitude are exposed within a third-party provider’s environment, the finger-pointing begins immediately. LCP Transportation, the vendor for MHS that disclosed the breach, will surface in news headlines and must answer to many other concerned clients as well. Although there is no evidence that any of the information was misused, experts are already calling for better cyber-risk management solutions to protect the healthcare industry.
1.51 – 2.49 = Severe Risk Individual Risk: 2.142 = Severe: When vulnerabilities of this magnitude are exposed within a third-party provider’s environment, the finger-pointing begins immediately. LCP Transportation, the vendor for MHS that disclosed the breach, will surface in news headlines and must answer to many other concerned clients as well. Although there is no evidence that any of the information was misused, experts are already calling for better cyber-risk management solutions to protect the healthcare industry.

Customers Impacted: Up to 31,000 patients.
How it Could Affect Your Customers’ Business:  In light of multiple reports of data breaches at Humana and the Blue Cross Blue Shield network of Michigan this year alone, it is clear that the healthcare industry is in the crosshairs of cybercriminals. Other organizations should take notice, protecting sensitive health data and putting systems in place to avoid being breached. Also, this example of third-party breach serves as a great reminder for businesses to thoroughly evaluate vendors and ensure that updated security systems are in place.
ID Agent to the Rescue: SpotLight ID™ by ID Agent can help proactively monitor stolen employee and customer data, mitigating losses from this breach type. Learn more at: https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United States- DiscountMugs.com
https://www.thepaypers.com/digital-identity-security-online-fraud/credit-card-data-breach-at-discountmugs-com/776755-26

Exploit: Injection of card skimming code into website.
DiscountMugs.com: E-commerce website for custom mugs and apparel.

1.51 – 2.49 = Severe Risk Risk to Small Business: 1.666 = Severe: When hackers can extract credit card numbers from your customers for four months long undetected, the aftermath is never good. Although the company identified that orders between August 5 and November 16 of 2018 had been compromised, the number of shoppers affected has not been determined. Customers will think twice before purchasing from the website and will likely consider competitors with better online security.
1.51 – 2.49 = Severe Risk Individual Risk: 2.428 = Severe: Given that the cyber attack occurred just before a busy holiday shopping season, you must wonder if the cyber criminals planned their timing strategically. They stole everything from credit card numbers, security codes, and expiration dates, to names, addresses, phone numbers, email addresses and ZIP codes. With this information in hand, anyone is capable of orchestrating payment fraud.

Customers Impacted: To be determined.
How it Could Affect Your Customers’ Business: Payment breaches are frightening for businesses and their customers. As American consumers begin to experience how cyber attacks affect them first-hand, they will put their digital dollars towards websites that can protect their financial information.
ID Agent to the Rescue: Dark Web ID monitors the Dark Web and can help discover this form of breach before it hits the news cycle. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Find out more here: https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

India- Amazon
https://threatpost.com/data-exposed-oxo-amazon-mongodb/140802/
Exploit: Internal technical glitch.
Amazon India: Online shopping site in India.

1.51 – 2.49 = Severe Risk Risk to Small Business: 2.111 = Severe When a company the size of Amazon is involved, issues regarding the erosion of customer loyalty and loss of brand equity can be measured in six-figure range digits. Although the breach exposed the tax data of 400,000 sellers on Amazon, only 0.2% of the seller base, and was rectified immediately, it remains to be seen what the long-term effects for enterprise customers are.
1.51 – 2.49 = Severe Risk Individual Risk: 2.428 = Severe: Tax data can reveal significant information on Amazon sellers, but the breach was contained and it is likely that no data was maliciously harvested. At the same time, the glitch allowed users to view details of other sellers, which could potentially place sensitive business details in jeopardy.

Customers Impacted: 400,000 sellers.
How it Could Affect Your Customers’ Business: No business owner wants their tax information in the hands of the wrong person. Even a small business glitch has the potential to expose proprietary information such as intellectual property, competitive advantages, or earnings, which means that a sustained glitch in seller data could be much more impactful than it appears. Brainstorm how you can work with your security providers to protect and obscure such information.
ID Agent to the Rescue: DarkWeb ID can help you proactively monitor if customer data is being leaked on the Dark Web, helping reduce the impact of such a breach. See how you can benefit here:  https://www.idagent.com/dark-web/.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Singapore- SingHealth
https://www.zdnet.com/article/employees-sacked-ceo-fined-in-singhealth-security-breach/

Exploit: Initial malware infection coupled with a multi-pronged attack.
SingHealth: Singapore’s largest group of healthcare institutions.

1 – 1.5 = Extreme Risk Risk to Small Business: 1.444 = ExtremeBesides for the relentless onslaught of articles and news detailing SingHealth’s negligence and lack of “security hygiene”, high-profile members of management were terminated, demoted, and fined. As you can imagine, the long-term implications for employee morale are less than desirable, along with crippling blows to culture, brand, and customer trust.

 

1.51 – 2.49 = Severe Risk Individual Risk: 2 = Severe: Although the theft initially occurred between a short period of time (June 27, 2018 to July 4, 2018), data stolen included names, NRIC numbers, addresses, gender, race, and dates of birth. Even worse, around 160,000 also had their outpatient prescriptions taken. It is believed that Prime Minister Lee Hsien Loong was a primary target for the hack, but you can expect the data collected to be sold to the highest bidder.

Customers Impacted: 1.5M individuals.
How it Could Affect Your Customers’ Business: Aside from the laundry list of penalties for incurring such a breach, an affected organization must continue business as-is while restoring operations. In this case, SingHealth has imposed a “temporary Internet surfing separation” on 28,000 staff’s work computers. With an entirely new set of security processes to manage while avoiding disruptions caused by the breach, customers should begin to see the value in proactively implementing IT protocols and monitoring for stolen credentials.
ID Agent to the Rescue: SpotLight ID allows MSPs, Resellers and Channel Partners to deliver comprehensive personal identity protection for clients’ employees and customers, ultimately safeguarding corporate systems. Get started here: https://www.idagent.com/identity-monitoring-programs.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Italy- Maire Tecnimont SpA
https://www.reuters.com/article/us-mairetecnimont-india-fraud/chinese-group-swindles-18-5-million-from-indian-arm-of-italian-company-economic-times-idUSKCN1P40KE

Exploit: Social engineering and business email compromise (BEC).
Maire Tecnimont SpA: Construction engineering company.

1.51 – 2.49 = Severe Risk Risk to Small Business: 2.111 = Severe: This elaborate cyber fraud involved staging a “confidential acquisition” and impersonating the CEO in order to persuade the head of India’s operations to transfer funds amounting to $18.5M. Although it was an isolated incident, such an attack demonstrates the lack of overall awareness surrounding BEC scams and may serve as impetus for other hackers to try infiltrating the company’s networks. Also, it is entirely possible that the hackers were monitoring day-to-day business operations for months in advance to prepare for the sophisticated scheme, which means that there may be other undiscovered breaches at play.
2.5 – 3 = Moderate Risk Individual Risk: = Moderate: No personal information was breached.

Customers Impacted: N/A.
How it Could Affect Your Customers’ Business: Increasing awareness of social engineering fraud and BEC is a best practice all organizations should implement. Hackers are growing increasingly sophisticated and convincing in their efforts to fool executives into handing over funds or information, which means that we must counter by incorporating training courses or multi-factor authentication processes to prevent attacks.
ID Agent to the Rescue: Backed by ID Agent’s $1 million identity theft restoration policy, SpotLight ID allows MSPs’ clients can proactively protect employees and customers while enhancing their overall cybersecurity awareness. Learn more: https://www.idagent.com/identity-monitoring-programs.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Australia – Early Warning Network
https://www.csoonline.com/article/3331596/security/australian-emergency-warning-system-hacked-thousands-receive-alerts.html

Exploit: Compromise of login details.
Early Warning Network (EWN): Emergency weather alert system of Australia.

2.5 – 3 = Moderate Risk Risk to Small Business: 2.555 = Moderate:

Interestingly enough, the hack involved an unauthorized individual posting a spam message with a link to some customers stating that “EWN has been hacked. Your personal data is not safe. Trying to fix the security issues.” Yet the system did not store personal information and only a small portion of the database received the alert, which means that there should be limited repercussions for EWN. At the same time, investigations are still ongoing with the Australian Cyber Security Center.

2.5 – 3 = Moderate Risk Individual Risk: 3 = Moderate Fortunately, no sensitive data was compromised since the actual data held in the system was “just ‘white pages’ type data”, as indicated by managing director Kerry Plowright. Nevertheless, the responsible party and their motive has not been identified.

Customers Impacted: None.
How it Could Affect Your Customers’ Business: The absence of personal information exposure is encouraging, but it is still alarming that the system was compromised and a message was sent to customers. As cybersecurity awareness continues to rise in Australia, public perceptions are gravitating towards fear and increased vigilance. Small businesses must partner with security solutions and communicate their commitment to avoiding data breaches in order to attract, convert, and retain customers.
ID Agent to the Rescue: See why Peter Verlezza, Managing Director at SMB Networks, uses Dark Web ID and SpotLight ID to monitor real-time domain and login credentials: “I’m already helping to protect my customers with real-time domain monitoring provided by Dark Web ID. By protecting the people who work for those customers with the affordable and government-tested personal identity monitoring SpotLight ID delivers, I know my customer’s business is that much safer from potential breach”.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Australia- First National
https://www.zdnet.com/article/finger-pointed-at-real-estate-recruiter-after-australian-cv-leak/

Exploit: Leak by “third-party” recruitment agency, Sales Inventory Profile.
First National: Real estate network. 

1.51 – 2.49 = Severe Risk Risk to Small Business: 2 = Severe: Gareth Llewellyn, a security researcher at Brass Horn Communications, originally discovered how the CVs of job applicants of First National had been “inadvertently published” online. At least 12 company offices were affected, and the breach has been pinned to a third-party vendor, Sales Inventory Profile. Such a breach can negatively impact the brand reputation of the organization, even though the vulnerability came from a recruiting agency. Yet another example of why it is crucial to evaluate third-party vendors and secure data on all fronts.
2.5 – 3 = Moderate Risk Individual Risk: 2.571 = Moderate: Published CV’s included full names, addresses, phone numbers, date of births, and other personal information. Even without payment information, customers should be weary of unusual transactions.

Customers Impacted: 2,000 job applications.
How it Could Affect Your Customers’ Business: Small breaches that expose personal details have consequences that are not easily quantified monetarily but can be catastrophic. Promising employees could choose to work elsewhere, whether or not a third-party was liable for the breach. Businesses must increase the importance they place on database and vendor management in order to protect user privacy and safety.
ID Agent to the Rescue: See why Peter Verlezza, Managing Director at SMB Networks uses Dark Web ID and SpotLight ID to monitor real-time domain and login credentials: “I’m already helping to protect my customers with real-time domain monitoring provided by Dark Web ID. By protecting the people who work for those customers with the affordable and government-tested personal identity monitoring SpotLight ID delivers, I know my customer’s business is that much safer from potential breach”.

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:
Hyatt Will Pay Hackers to Find Security Vulnerabilities

Hyatt Hotels recently launched a bug bounty program dubbed HackerOne, enabling ethical hackers to report security flaws for rewards up to $4,000. Considering recent card-skimming attacks against the hospitality chain, the innovative platform is designed to “tap into the vast expertise of the security research community to accelerate identifying and fixing potential vulnerabilities”. Other organizations that are following suit and using the platform include Google, Twitter, the US Department of Defense, GitHub, and Qualcomm.

https://www.hotelmanagement.net/tech/hyatt-hotels-launches-bug-bounty-program

What We’re Listening To:

Know Tech Talks

The Continuum Podcast

Security Now

Defensive Security Podcast

Small Business, Big Marketing – Australia’s #1 Marketing Show!

TubbTalk – The Podcast for IT Consultants

Risky Business

Frankly MSP

CHANNELe2e


A note for your customers:

Video: Consumers are catching on to the data value exchange game.

Following the Cambridge Analytica scandal, Australia media company, Pureprofile, surveyed consumers to measure perceptions surrounding data use by organizations. Almost half (48%) were concerned about how their data was being used and intended to make changes to their privacy and sharing settings. Surprisingly, 26% of the Australian users surveyed decided to change or close their Facebook account.

When combined with other research on attitudes towards data use, it becomes clear that consumers are growing increasingly aware of the value exchange that occurs with online services, social media, and companies. However, they are not satisfied with how their data is being used and who exactly is using it, signaling a future paradigm shift in the way customers respond to data breaches.

Fostering trust with cyber vigilant customers begins by explaining how you are protecting their data. Consider highlighting your security solutions and outline how customer data is only being used when necessary, and with the intention of improving customer experiences to make their lives easier.

https://which-50.com/video-the-consumer-data-game-is-changing/


Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in entirety) for your own social media and marketing efforts! Just send an email to [email protected] to let us know!

Not a Partner? Learn more about Dark Web ID™ and the benefits it holds for your Business. Contact us today!