The Week in Breach: 11/04/18 - 11/10/18

This week cannabis is in the news, and financial institutions took a hit across the globe.

Dark Web ID Trends:

  • Total Compromises: 1,201
  • Top PIIs compromised: Domains (1,198)
  • Top Company Size: 11-50
  • Top Industry: Finance & Insurance

Canada – Ontario Cannabis Store/Canada Post

https://www.zdnet.com/article/canada-post-leaked-personal-data-orders-of-thousands-of-cannabis-smokers/
https://cyware.com/news/a-hacker-stole-4500-cannabis-consumers-personal-data-from-canada-post-b193731f

Exploit: Supply chain breach. Gained access to the Canada Post’s delivery tracking tool.
Ontario Cannabis Store: A recreational cannabis store in Ontario.
Canada Post: A crown corporation that functions as the primary postal operator in Canada.
Risk to Small Business: 2.222 = Severe: Mail is highly personal. Nobody likes the idea of someone scooping a package off his or her porch (around here they are called porch pirates). The same idea applies to postal data. Even though Canada Post was the organization compromised, the customers of the Ontario Cannabis Store suffer. Those customers are likely to take their business elsewhere, especially given the newly legal status of the product.
Individual Risk: 2.714 = Moderate: Those affected by this breach are more likely to fall victim to identity theft and become targets of phishing emails. While this breach is moderate, this is a special case given those exposed are customers of a recently legalized drug. Those exposed could possibly face social/business repercussions after their use of cannabis becomes public.
Customers Impacted: 4,500 customers / 2% of the firm’s customers.
How it Could Affect Your Customers’ Business: The legalization of cannabis in Ontario has not been a smooth transition, and with this breach of Canada Post revealing the names of the Ontario Cannabis Store’s customers, the situation only gets stickier.
ID Agent to the Rescue: SpotLight ID™ by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach of this type.
Learn more: https://www.idagent.com/identity-monitoring-programs
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach. 

United States – HSBC Bank USA

https://oag.ca.gov/system/files/Res%20102923%20PIB%20MAIN%20v3_1.pdf
https://www.forbes.com/sites/daveywinder/2018/11/06/hsbc-bank-usa-admits-breach-exposing-account-numbers-and-transaction-history/#85771585af3c 

Exploit: Multiple compromised online accounts.
HSBC: One of the largest banking and financial services organizations in the world, HSBC is based in London and has offices in 80 countries.
Risk to Small Business: 1.888 = Severe Risk: The data compromised in this breach can be very harmful to an individual if in the wrong hands, and customers know this. Customers will second-guess their choice of a bank if their information is compromised and those thinking about setting up an account could very well look elsewhere.
Individual Risk: 2.428 = Severe Risk: Those who are affected by this breach are at a higher risk of fraud and should take advantage of the identity monitoring program that HSBC offered to victims.
Customers Impacted: Undisclosed at this time.
How it Could Affect Your Customers’ Business: One of the most important things a financial institution has is the trust of its business partners and customers. No one wants to hand over their money to someone they don’t trust. Any organization loses face when experiencing a breach, but when a financial institution fails to secure account numbers, transaction history, and balances, customers will NOT forget it.
ID Agent to the Rescue: SpotLight ID™ by ID Agent offers comprehensive identity monitoring that also includes credit monitoring. Learn more: https://www.idagent.com/identity-monitoring-programs


In Other News:
Financial Fail
A financial breach of epic proportions has occurred in Pakistan, with hackers making off with data from almost 8,000 bank account holders from 10 different banks. The government's cybercrime division is on the case, and hopefully making progress… although it is too early to tell. The data is being sold on the Dark Web at $100 to $160 a record. With 11,000 records found so far, that is a pretty penny.
https://cyware.com/news/dark-web-hackers-allegedly-found-selling-data-from-nearly-all-pakistani-banks-fcbda01a 

What We’re Listening To
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e
Small Business, Big Marketing
Defensive Security 
Know Tech Talk
The Continuum Podcast 
Security Now


A Note for Your Customers:
Infrastructure Organizations Beware

According to the 2018 Verizon Data Breach Investigations Report, 29.2% of reported breaches happen in industries considered infrastructure. These industries include utilities, transportation, healthcare and others that use operational technology systems.

What can organizations that are considered infrastructure do to mitigate these risks? First, let’s take a look at what the risks are, and then how to secure your organization from them.

The first risk is the environment where the organization exists. If there is no inventory of the systems, a lack of security and a lack of understanding of what data is being used, the organization is at major risk. To best combat this risk, start by gaining an understanding of the overall security posture. If an organization is operating in multiple environments, pick a representative environment and apply what was learned to the other environments.

The second risk is patch management. This is self-explanatory, and its solution is as well. Patch your systems! Running outdated OT systems greatly increases the chance of a breach. The third risk is network segmentation: many OT systems have connections between systems that should not be connected. To combat this, develop a plan for network segmentation so that if one network is breached, the breach is contained rather than spreading.

The fourth risk is the supply chain. It is very hard to control how organizations handle their data, which is why it is important to include security requirements when bringing on new systems, as well as continuing maintenance efforts within their vendor management programs. The fifth risk is a lack of a united front within the organization regarding security. To avoid this, one should foster cooperation and respect between the groups who address cyber threats. Training, communication and cooperation are key here.

With the world becoming increasingly digital, state actors are waging war behind the scenes more and more. A good example of this is Russia crippling Ukrainian infrastructure by launching a cyber-attack on power plants. All organizations are at risk for a cyber-attack, but those that are considered infrastructure should consider that the person trying to hack you isn’t necessarily some kid in his mom’s basement or even a pro hacker. It could be an intelligence agency with hundreds of well-trained specialists trying to see how your systems tick and how to break them.
https://www.darkreading.com/vulnerabilities---threats/vulnerabilities-in-our-infrastructure-5-ways-to-mitigate-the-risk/a/d-id/1333211


Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in entirety) for your own social media and marketing efforts! Just send an email to marketing@idagent.com to let us know!

Not a Partner? Learn more about Dark Web ID™ and the benefits it holds for your Business. Contact us today! 
