The Week in Breach: 11/11/18 - 11/17/18

This week, Black Friday and Cyber Monday are in the spotlight, along with the healthcare and non-profit sectors.

Dark Web ID Trends:
- Total Compromises: 881
- Top Source Hits: ID Theft Forums (730)
- Top Industry: Medical & Healthcare
- Top Employee Count: 11-50 employees (42%)
- Top Compromise Type: Domains (881)


United States of America - The Southwest Washington Regional Surgery Center
http://www.govtech.com/security/Phishing-Attack-Exposes-Patient-Records-in-Washington.html

Exploit: Phishing attack.
The Southwest Washington Regional Surgery Center: A Vancouver-based surgery center specializing in orthopedic, spine, podiatry, pain management and plastic surgery.
Risk to Small Business: 1.444 = Extreme: An organization that fails to secure the sensitive payment and medical data of its customers will lose both its standing with customers and a significant amount of money when handling the result of a damaging breach.
Individual Risk: 2.142 = Severe: Those affected by this breach have an increased risk of identity theft and having their medical data sold on the Dark Web.
Customers Impacted: 2,393 Patients.
How it Could Affect Your Customers’ BusinessThe Organization did a good job reacting to the breach, offering identity monitoring services to victims and setting up a hotline for questions. This breach is like another breach in the region with another health organization in the same building as the Regional Surgery Center. Whether or not these breaches are related is unclear, but health organizations should stay alert, especially with what is allegedly the SAM SAM ransomware being sold openly on the Dark Web.
ID Agent to the Rescue: Spotlight ID™ by ID Agent offers comprehensive identity monitoring that also includes credit monitoring.
Learn more: https://www.idagent.com/identity-monitoring-programs

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

United States of America – KARS4KIDS
https://news.softpedia.com/news/21k-donors-had-their-personal-info-leaked-following-kars4kids-data-breach-523795.shtml
https://blog.hackenproof.com/industry-news/childrens-charity-kars4kids-leaks-info-on-thousands-of-donors 

Exploit: Exposed MongoDB database.
KARS4KIDS: A New Jersey-based charity where people donate their cars to support youth and educational programs.
Risk to Small Business: 1.777 = Severe: Non-profit organizations often make sacrifices in cyber security due to budget constraints, however as demonstrated by the KARS4KIDS breach, non-profits are far from invulnerable to hacking.
Individual Risk: 2.428 = Severe: Those affected by the breach are at a higher risk of identity theft and phishing attacks due to the exposure of emails between the organization and the donors.
Customers Impacted: 21,612 customers.
How it Could Affect Your Customers’ BusinessThis is a damaging breach especially due to the evidence that the exposed database was accessed, found in the form of a ransom note in the database.
ID Agent to the Rescue: Spotlight ID by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach such as this.
Learn more:  https://www.idagent.com/identity-monitoring-programs

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


In Other News:
A Match Made in The Web
Dating profiles are being bought and sold on the web, but not on the Dark Web. There are organizations that are selling the data over the clear-net. Someone interested in this data could purchase a bundle of dating profiles on an online auction. The data is sold in ‘packs’ categorized by race, sex, sexuality, and other factors. What is done with these profiles is up to the buyer.
https://motherboard.vice.com/en_us/article/59vbp5/shady-data-brokers-are-selling-online-dating-profiles-by-the-millions

 What We’re Listening To
TubbTalk – The Podcast for IT Consultants
Risky Business
Frankly MSP
CHANNELe2e
Small Business, Big Marketing
Defensive Security 
Know Tech Talk
The Continuum Podcast 
Security Now


A note for your customers:
Hands Off My Data!
Magecart is a credit card skimming malware, used by different unrelated groups that attack in a similar fashion. Magecart is defined by targeting online retailers and has been in the spotlight recently due to several high-profile breaches such as Ticketmaster and British Airways.

With Black Friday and Cyber Monday coming up, there will be a huge bump in online purchases. This time will be open hunting season for hackers trying to get a shot at the billions spent on those days. Here are statistics about Magecart to put into perspective how dangerous the threat is this holiday season.

1/5 = how many breached organizations by Magecart became infected again.
127 Days = Average number of days skimmers remained active on a site.
5,400 = Number of domains found to be infected with Magecart in August, September, and October.

Stay alert when shopping online this Friday and next Monday. For a comprehensive guide on how to keep your credit card data to yourself while shopping this season, take a look at this list of tips from ID Agent
https://www.zdnet.com/article/one-in-five-magecart-infected-stores-get-reinfected-within-days/


Are you an ID Agent Partner? Feel free to re-use this blog post (in part or in entirety) for your own social media and marketing efforts! Just send an email to marketing@idagent.com to let us know!

Not a Partner? Learn more about Dark Web ID™ and the benefits it holds for your Business. Contact us today! 

comments
0