The Week In Breach – Uber Eats Compromised

Make sure to add us or contact us for the latest news

new breach news

by Kevin Lancaster

This Week in Cybersecurity & Breach News


Cybersecurity News: Dark Web ID’s Top Threats


  • Top Source Hits: ID Theft Forum
  • Top Compromise Type: Domain
  • Top Industry: Education & Research
  • Top Employee Count: 501+

Cybersecurity and Breach News – United States


United States –  UberEats

https://securityaffairs.co/wordpress/106770/deep-web/ubereats-data-leaked-dark-web.html?web_view=true

Exploit: Unauthorized Database Access

Uber Eats: App-Based Food Delivery Service

cybersecurity news represented by a gauge indicating moderate risk & New Breach News

Risk to Small Business: 2.691 = Moderate

Security analysts doing routine Dark Web and Deep Web monitoring uncovered a data dump containing details about customers, delivery drivers, and delivery partners for UberEats. The 9 TXT files leaked by the threat actor include login credentials of 579 UberEATS customers and details of 100 delivery drivers. The data includes login credentials, full name, contact number, trip details, bank card details, and, account creation dates.

cybersecurity news represented by agauge showing severe risk & New Breach News

Individual Risk: 2.377 = Severe

No details about how affected customers and drivers will be informed or any remediationn offered have been released. UberEats customers, drivers, and partners should reset their account credentials and be alert for credit card fraud, spear phishing, and identity theft dangers.

Customers Impacted: 679

How it Could Affect Your  Business: This breach is especially troubling because it is unacknowledged and it was discovered by Dark Web analysts instead of internal IT, putting in question the company’s transparency about security and attention to small security issues.

United States – Summit Medical Associates

https://hotforsecurity.bitdefender.com/blog/summit-medical-associates-discloses-ransomware-attack-patient-and-affiliate-information-potentially-impacted-23874.html?web_view=true

Exploit: Ransomware

Summit Medical Associates: Healthcare Provider

cybersecurity & breach news represented by a gauge showing severe risk & New Breach News

Risk to Small Business: 1.979 = Severe

A data breach has come to light at Summit Health after the Tennessee-based practice group reported that it had experienced an “inability to access certain records” in early June. A tired arty investigator determined that not only was it a ransomware incident, but the cybercriminals had also been able to access to their systems for nearly six months before the breach.

cybersecurity news represented by a gauge indicating moderate risk & New Breach News

Individual Risk: 2.799 = Moderate

There has been no reported no evidence that patient information was compromised, the affected server did contain patient PII including names, medical information, and Social Security numbers.

Customers Impacted: Unknown

How it Could Affect Your Business Cybercriminals had access to this server for six months before anyone noticed. Security awareness, data handling, credential monitoring, and phishing resistance training keep eyes on the ball for cybersecurity, lowering the chance that something like this happens (or persists).

United States – The Blacklist Alliance

https://krebsonsecurity.com/2020/08/robocall-legal-advocate-leaks-customer-data/?web_view=true

Exploit: Unauthorized Database Access

The Blacklist Alliance: Robocall Legal Advocate

cybersecurity news represented by agauge showing severe risk & New Breach News

Risk to Small Business: 1.717 = Severe

In an ironic turn of events, The Blacklist Alliance, a company that helps telemarketers dodge lawsuits from violations of the Telephone Consumer Protection Act, has experienced a data breach that leaked the phone numbers, email addresses and passwords of all its customers, as well as mobile phone numbers and data on people who have hired lawyers to go after telemarketers. Thousands of documents, emails, spreadsheets, images, and the names tied to a huge number of mobile phone numbers were freely accessible from the domain theblacklist.click. The directory also included all 388 Blacklist customer API keys, as well as each customer’s phone number, employer, username, and password ( hashed using the MD5 algorithm).

cybersecurity news represented by agauge showing severe risk & New Breach News

Individual Risk: 1.912 = Severe

Individuals and companies who have done business with The Blacklist Alliance should consider their information at risk for fraud, identity theft, blackmail, or spear phishing attempts.

Customers Impacted: 388+

How it Could Affect Your Business:  A failure to secure PII and other sensitive data in an industry that handles secretive personal matters like this can be disastrous. Not only does it open the company up to legal and reputational risk, but it also risks the company’s ability to keep doing business in an industry that prizes anonymity.

United States – CWT

https://uk.reuters.com/article/uk-cyber-cwt-ransom/payment-sent-travel-giant-cwt-pays-4-5-million-ransom-to-cyber-criminals-idUKKCN24W26P?&web_view=true

Exploit: Ransomware

CWT: Travel Management

cybersecurity news represented by agauge showing severe risk & New Breach News

Risk to Small Business: 1.882 = Severe

CWT reportedly paid an eye-popping $4.5 million to cybercriminals using Ragnar Locker ransomware to decrypt reams of sensitive corporate files and restore 30,000 company computers that were knocked offline. Reportedly, the hackers initially demanded $10 million. Reuters included details and screenshots of the negotiation in a story filed last week. The ransom note left by the hackers claimed to have stolen two terabytes of files, including financial reports, security documents, and employees’ personal data such as email addresses and salary information.

Individual Risk: No personally identifiable information or financial information was reported as stolen

Customers Impacted: Unknown

How it Could Affect Your Business: The most common delivery system for ransomware is a phishing email – and 90% of incidents that end in a data breach start with a phishing email. Boosting phishing resistance is essential to lower the chance of a successful ransomware attack.

United States – Boyce Technologies

https://cointelegraph.com/news/ransomware-threatens-production-of-300-ventilators-per-day?web_view=true

Exploit: Ransomware

Boyce Technologies: Medical Equipment Manufacturer

cybersecurity news gauge indicating extreme risk & New Breach News

Risk to Small Business: 1.407 = Extreme

Essential medical equipment producer Boyce Technologies was attacked with DoppelPaymer ransomware. The company produces about 300 low-cost ventilators per day using human and robotic labor. Microsoft noted that this type of ransomware uses “brute force” against a target company’s systems management server. It has extensively targeted the healthcare sector since the start of the COVID-19 crisis.

Individual Risk: No personal or financial information was reported as compromised.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks have grown more sophisticated and more dangerous in 2020, and corporate-level espionage that impacts production has become more prevalent – meaning that companies have to be more cautious about closing security loopholes.

United States – City of Lafayette, Colorado

https://www.securityweek.com/colorado-city-pays-45000-ransom-after-cyber-attack?&web_view=true

Exploit: Ransomware

City of Lafayette, CO: Municipal Government

cybersecurity news represented by agauge showing severe risk & New Breach News

Risk to Small Business: 2.101 = Severe

The City of Lafayette, CO paid $45k to cybercriminals to restore access to municipal computers after a successful ransomware attack shut municipal networks down including city emails, phones, online payments, and reservation systems. The cost of restoration and the impact of the shutdown on city services impacted the city’s calculations when choosing to pay the ransom or restore from backups.

cybersecurity news represented by a gauge indicating moderate risk & New Breach News

Individual Risk: 2.801 = Moderate

City officials say that credit card information was not compromised, and there was no evidence that personal data was stolen either, residents should monitor their accounts for suspicious activity as a precaution.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware can be so damaging that paying the ransom is less than the cost of recovery. Without adequate protections in place including updates security awareness training and access controls, organizations (and their budgets) can take a big hit from ransomware.

The Week in Breach Cybersecurity and New Breach News Risk Levels


1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach Cybersecurity and New Breach News are calculated using a formula that considers a wide range of factors related to the assessed breach.