Make sure to add us or contact us for the latest news
 |
 |
 |
 |
 |
 |
 |
This Week in Cybersecurity & Breach News
Cybersecurity News: Dark Web ID’s Top Threats
- Top Source Hits: ID Theft Forum
- Top Compromise Type: Domain
- Top Industry: Education & Research
- Top Employee Count: 501+
Cybersecurity and Breach News – United States
United States – UberEats
Exploit: Unauthorized Database Access
Uber Eats: App-Based Food Delivery Service
Risk to Small Business: 2.691 = Moderate
Security analysts doing routine Dark Web and Deep Web monitoring uncovered a data dump containing details about customers, delivery drivers, and delivery partners for UberEats. The 9 TXT files leaked by the threat actor include login credentials of 579 UberEATS customers and details of 100 delivery drivers. The data includes login credentials, full name, contact number, trip details, bank card details, and, account creation dates.
Individual Risk: 2.377 = Severe
No details about how affected customers and drivers will be informed or any remediationn offered have been released. UberEats customers, drivers, and partners should reset their account credentials and be alert for credit card fraud, spear phishing, and identity theft dangers.
Customers Impacted: 679
How it Could Affect Your Business: This breach is especially troubling because it is unacknowledged and it was discovered by Dark Web analysts instead of internal IT, putting in question the company’s transparency about security and attention to small security issues.
United States – Summit Medical Associates
Exploit: Ransomware
Summit Medical Associates: Healthcare Provider
Risk to Small Business: 1.979 = Severe
A data breach has come to light at Summit Health after the Tennessee-based practice group reported that it had experienced an “inability to access certain records” in early June. A tired arty investigator determined that not only was it a ransomware incident, but the cybercriminals had also been able to access to their systems for nearly six months before the breach.
Individual Risk: 2.799 = Moderate
There has been no reported no evidence that patient information was compromised, the affected server did contain patient PII including names, medical information, and Social Security numbers.
Customers Impacted: Unknown
How it Could Affect Your Business Cybercriminals had access to this server for six months before anyone noticed. Security awareness, data handling, credential monitoring, and phishing resistance training keep eyes on the ball for cybersecurity, lowering the chance that something like this happens (or persists).
United States – The Blacklist Alliance
https://krebsonsecurity.com/2020/08/robocall-legal-advocate-leaks-customer-data/?web_view=true
Exploit: Unauthorized Database Access
The Blacklist Alliance: Robocall Legal Advocate
Risk to Small Business: 1.717 = Severe
In an ironic turn of events, The Blacklist Alliance, a company that helps telemarketers dodge lawsuits from violations of the Telephone Consumer Protection Act, has experienced a data breach that leaked the phone numbers, email addresses and passwords of all its customers, as well as mobile phone numbers and data on people who have hired lawyers to go after telemarketers. Thousands of documents, emails, spreadsheets, images, and the names tied to a huge number of mobile phone numbers were freely accessible from the domain theblacklist.click. The directory also included all 388 Blacklist customer API keys, as well as each customer’s phone number, employer, username, and password ( hashed using the MD5 algorithm).
Individual Risk: 1.912 = Severe
Individuals and companies who have done business with The Blacklist Alliance should consider their information at risk for fraud, identity theft, blackmail, or spear phishing attempts.
Customers Impacted: 388+
How it Could Affect Your Business: A failure to secure PII and other sensitive data in an industry that handles secretive personal matters like this can be disastrous. Not only does it open the company up to legal and reputational risk, but it also risks the company’s ability to keep doing business in an industry that prizes anonymity.
United States – CWT
Exploit: Ransomware
CWT: Travel Management
Risk to Small Business: 1.882 = Severe
CWT reportedly paid an eye-popping $4.5 million to cybercriminals using Ragnar Locker ransomware to decrypt reams of sensitive corporate files and restore 30,000 company computers that were knocked offline. Reportedly, the hackers initially demanded $10 million. Reuters included details and screenshots of the negotiation in a story filed last week. The ransom note left by the hackers claimed to have stolen two terabytes of files, including financial reports, security documents, and employees’ personal data such as email addresses and salary information.
Individual Risk: No personally identifiable information or financial information was reported as stolen
Customers Impacted: Unknown
How it Could Affect Your Business: The most common delivery system for ransomware is a phishing email – and 90% of incidents that end in a data breach start with a phishing email. Boosting phishing resistance is essential to lower the chance of a successful ransomware attack.
United States – Boyce Technologies
Exploit: Ransomware
Boyce Technologies: Medical Equipment Manufacturer
Risk to Small Business: 1.407 = Extreme
Essential medical equipment producer Boyce Technologies was attacked with DoppelPaymer ransomware. The company produces about 300 low-cost ventilators per day using human and robotic labor. Microsoft noted that this type of ransomware uses “brute force” against a target company’s systems management server. It has extensively targeted the healthcare sector since the start of the COVID-19 crisis.
Individual Risk: No personal or financial information was reported as compromised.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware attacks have grown more sophisticated and more dangerous in 2020, and corporate-level espionage that impacts production has become more prevalent – meaning that companies have to be more cautious about closing security loopholes.
United States – City of Lafayette, Colorado
https://www.securityweek.com/colorado-city-pays-45000-ransom-after-cyber-attack?&web_view=true
Exploit: Ransomware
City of Lafayette, CO: Municipal Government
Risk to Small Business: 2.101 = Severe
The City of Lafayette, CO paid $45k to cybercriminals to restore access to municipal computers after a successful ransomware attack shut municipal networks down including city emails, phones, online payments, and reservation systems. The cost of restoration and the impact of the shutdown on city services impacted the city’s calculations when choosing to pay the ransom or restore from backups.
Individual Risk: 2.801 = Moderate
City officials say that credit card information was not compromised, and there was no evidence that personal data was stolen either, residents should monitor their accounts for suspicious activity as a precaution.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware can be so damaging that paying the ransom is less than the cost of recovery. Without adequate protections in place including updates security awareness training and access controls, organizations (and their budgets) can take a big hit from ransomware.
The Week in Breach Cybersecurity and New Breach News Risk Levels
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach Cybersecurity and New Breach News are calculated using a formula that considers a wide range of factors related to the assessed breach.