The Week in Breach: 09/30/18 – 10/05/18

Breach news to share with your customers!

Canadian ISP Altima experiences a breach and loses customer payment information while China is caught purportedly sneaking microchips into servers.

Trends in data found on the Dark Web this week:

  • Total Compromises: 24,968
  • Top Source Hits: ID Theft Forum
  • Top PIIs compromised: Domains
    • Clear Text Passwords (24,884)
  • Top Company Size: 11-50
  • Top Industry: Construction and Engineering

Canada - Altima Telecom
https://techcrunch.com/2018/10/01/altima-telecom-server-flaw-customer-data-exposed/
Exploit: SQL injection attack.
Altima Telecom: Serving Montreal and Toronto, Altima Telecom is one of the largest independent Canadian internet service providers.
Risk to Small Business: 1.555 = Severe: As the risk score shows, this is a severe breach that could deal major damage to any organization. Payment info exposure is a particularly significant deterrent for customers looking to do business.
Individual Risk: 2.142 = Severe: Those affected by this breach are at an increased risk for identity theft and spam.
Customers Impacted: All of Altima Telecom’s customers.
How it Could Affect Your Customers' Business: Not only was all the organization’s customer data exposed by this breach, but the affected data was highly sensitive. This would sever trust between the customer and the organization, which could take a significant time to rebuild.
ID Agent to the Rescue: Spotlight ID™ by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach such as this. Learn more: https://www.idagent.com/identity-monitoring-programs
Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United States – Apollo
https://cyware.com/news/hackers-hit-apollo-stealing-database-containing-200-million-contact-records-d9c87501
https://techcrunch.com/2018/10/01/apollo-contacts-data-breach/
Exploit: Unclear at this time.
Apollo: New York-based sales engagement startup.
Risk to Small Business: 2 = Severe: This could deal a significant blow to an organization’s ability to retain customers.
Individual Risk: 2.428 = Severe: The customers affected by this breach will be at a higher risk for spam due to the nature of the data accessed.
Customers Impacted: 200 million.
How it Could Affect Your Customers' Business: A breach that exposes such a large number of customers will garner media attention and erode customer trust significantly.
ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach such as this. Learn more: https://www.idagent.com/identity-monitoring-programs
Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach. 


In Other News:
The Chinese Chip 
China was able to infiltrate US companies and governmental agencies with a simple but effective supply chain attack. The attack was discovered after Amazon had a third party examine the hardware of the servers they purchased from another American company that manufactures their servers in China. The company discovered a microchip on the servers that allow for attackers to make stealth doorways on their network. Hardware attacks are rarer and more difficult to execute than software attacks, but with China making 90% of the world’s PCs, they are in a good position to continue using hardware to infiltrate organizations across the world.

https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

Podcasts:
Know Tech Talks – Hosted by Barb Paluszkiewicz
The Continuum Podcast
Security Now – Hosted by Steve Gibson, Leo Laporte
Defensive Security Podcast – Hosted by Jerry Bell (@maliciouslink) and Andrew Kalat (@lerg)
Small Business, Big Marketing – Australia’s #1 Marketing Show


A note for your customers:

Planning your next vacation may have just gotten weird… 

Where should I go? This is a normal question one thinks about when planning a trip. Should I go to white sandy beaches or breathtaking mountains?
When should I go? Do I visit family during the holidays, or do I plan a summer getaway?
Who should I be? This question is asked much less, but maybe more than you think. A recent study has uncovered startling secrets surrounding the passport market on the Dark Web! 

  • The average cost of a passport scan on the Dark Web is $14.71.
  • Australian passport scans are the most common, but the average cost is the most expensive at $61.27.
  • The average price of a real physical passport is $13,567, while a counterfeit physical passport is just under $1,500 ($1,478).

The Dark Web is a place where black markets and illicit activity reign. In the depths of the Dark Web, identities are traded regularly and for a low price, so why leave the unknown unchecked? With Spotlight ID, know that your identity is safe even from the darkest corners of the Dark Web.
https://www.comparitech.com/blog/vpn-privacy/passports-on-the-dark-web-how-much-is-yours-worth/


Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in entirety) for your own social media and marketing efforts! Just send an email to marketing@idagent.com to let us know!

Not a Partner? Learn more about Dark Web ID™ and the benefits it holds for your Business. Contact us today! 

comments
0