THE WEEK IN BREACH – Barnes & Noble confirms cyberattack, suspected customer data breach

Make sure to add us or contact us for the latest news

The Week in Breach: Featured -Barnes & Noble confirms cyberattack, suspected customer data breach

Barnes & Noble has confirmed a cyberattack impacting Nook services and potentially exposing customer data.

Over the weekend, as reported by Bleeping Computer, Barnes & Noble customers complained across social media of outages. Some customers were unable to access their Nook libraries, their previous purchases had vanished into thin air, others were not able to log in to the firm’s online platform, and connectivity issues between sending or loading new books ran rampant.

As noted by The Register, the outage also spread to physical outlets, where it appeared that some cash registers were also “briefly” unable to function.

Nook said at the time that a “system failure” was at fault and engineers were working hard to “get all Nook services back to full operation.”

“Unfortunately, it has taken longer than anticipated,” Nook continued. “We sincerely apologize for this inconvenience and frustration.”

Now, Barnes & Noble has confirmed to customers that cyberattackers caused the service disruption. 

While the details of the cyberattack are yet to be made public, it is possible that ransomware could be at the heart of the incident.  Full Article can be found here

Security flaws like this can be used to compromise corporate networks and deploy payloads, including ransomware. In recent months, AG and the Duesseldorf University Hospital have experienced severe ransomware attacks.

The Week in Breach News – United States


United States –  Boom! Mobile

https://securityaffairs.co/wordpress/108925/malware/ajg-ransomware-attack.html

Exploit: Skimming (MageCart)

Boom! Mobile: Telecom

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.997 = Severe

Credit card skimming software has landed at Boom! Mobile, courtesy of the cybercriminal skimmers at Fullz House. The card skimmer code settled in, collecting payment card information from input fields every time it detects any changes and immediately exfiltrating the harvested data for a week. The company’s mobile payment system is still undergoing repairs.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.517 = Severe

Customers of Boom! Mobile who made electronic payments through the company’s website should consider their credit card information compromised and be alert to potential identity theft or fraud using that account.

Customers Impacted: Unknown

How it Could Affect Your Business: Malware like this runs on a script that’s been grafted into the payment system, meaning cybercriminals have access to the nuts and bolts of that business.

 IntegraMSP to the Rescue: Passly guards against intrusion with cracked, stolen, or compromised passwords by adding simple but effective secure identity and access management protection. LEARN MORE>>


United States – Friendemic

https://www.infosecurity-magazine.com/news/marketing-firm-spills-nearly-three/

Exploit: Unsecured Database

Friendemic: Marketing Firm

cybersecurity news represented by agauge showing severe risk

Risk to Business: 2.227 = Severe

Digital marketing firm Friendemic committed a classic blunder that led to a nasty data breach. An unsecured Amazon S3 bucket resulted in the exposure of  2.7 million records including full names, phone numbers, and email addresses, alongside 16 OAuth tokens stored in plaintext. The company noted that the information was not current customer data and the OAuth tokens were not currently in use.

Individual Risk: No individual information was reported as compromised in this incident, although the potential is there. No details about the uncovered data are available.

Customers Impacted: Unknown

How it Could Affect Your Business Failing to secure a database, even an old one, shows a basic lack of attention to cybersecurity best practices, and that doesn’t build customer confidence.

IntegraMSP to the Rescue: BullPhish ID is an easy, cost-effective solution to help companies train staffers to be aware of cybersecurity risks including phishing with “set it and forget it” campaign management and plug-and-play training kits. LEARN MORE>>


United States – AAA Ambulance Service, Inc.

https://www.hattiesburgamerican.com/story/news/local/hattiesburg/2020/10/05/aaa-ambulance-service-hattiesburg-ms-reports-july-data-breach/3625304001/

Exploit: Ransomware

AAA Ambulance Service, Inc.: Ambulance Service

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.602 = Severe

Hattiesburg, Mississippi based AAA Ambulance Service, Inc. is just one of several medical sector targets impacted by ransomware this week. A ransomware attack was repelled by the company’s security in July, but it was recently discovered that some client data was obtained around August 2020.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.316 = Severe

Personal information about clients of the service was obtained by hackers, including client date of birth, Social Security number, driver’s license number, financial account number, diagnosis information, medical treatment information, patient account number, prescription information, medical record number, and health insurance information. Customers who may have been impacted have been contacted by the company and are also being offered complimentary credit monitoring services through TransUnion.

Customers Impacted: Unknown

How it Could Affect Your Business: Serious personal information deserves serious security – and even a seemingly unsuccessful cyberattack can still result in data loss. Not only will healthcare sector companies have to pay recovery costs, but they’ll also be on the hook for regulatory penalties.

IntegraMSP to the Rescue: Ransomware is almost inevitably the nasty result of an employee falling for a phishing attack. BullPhish ID keeps staffers trained on current threats, with 4 new phishing resistance training kits added every month.  LEARN MORE>>


United States – Chowbus

https://www.businessinsider.com/chowbus-data-breach-leaked-information-hundreds-thousands-users-2020-10

Exploit: Accidental Insider Threat

Chowbus: Asian Food Delivery Service

cybersecurity news represented by a gauge indicating moderate risk

 

Risk to Business: 2.267 = Moderate

A Chowbus staffer committed a blunder this week, resulting in a massive cybersecurity disaster. An email address registered with the company sent a link to files containing details of about 4,300 restaurants as well as information for 400,000 customers. So far, the incident appears to be a simple human error.

cybersecurity news represented by a gauge indicating moderate risk

 

Individual Risk: 2.660 = Moderate

The 400,000 customer accounts leaked included clients’ names, postal addresses, phone numbers, and email addresses. All of the impacted accounts may not be unique, and no payment data was compromised. The restaurant information included was not specified.

Customers Impacted: 4,300 restaurants and approximately 400,000 customers.

How it Could Affect Your Business: The number one cause of a data breach never really changes – human error is typically at fault, whether it’s giving up a phished password or making an email forwarding mistake.

IntegraMSP to the Rescue: The ID Agent digital risk protection platform enables organizations of any size to implement security awareness training quickly and easily, bringing staffers up to date on the latest threats without breaking the bank. LEARN MORE>>


United States – Daniel B. Hastings

https://www.freightwaves.com/news/ransomware-hackers-claims-attack-on-texas-customs-broker

Exploit: Ransomware

Daniel B. Hastings: Freight Forwarder

cybersecurity news represented by a gauge indicating moderate risk

 

Risk to Business: 2.326 = Moderate

In the latest incident in a spate of recent trucking and freight transport industry cyberattacks, Laredo, Texas-based Daniel B. Hastings was hit with a ransomware attack. the Conti ransomware group posted a selection of the company’s files on Saturday, and sources say that they appear authentic. They include completed U.S. Customs and Border Protection documents for shipments involving multiple countries, companies, and modes of transport.

Individual Risk: No personal data has been reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is a devastating weapon that bad actors are using to shut down essential services and attacks in the transportation and freight sectors have been increasing, with recent incidents involving several trucking and shipping companies.

IntegraMSP to the Rescue: Learn how to protect systems and data from ransomware in our eBook “Ransomware 101“. Contact us to get>>


United States – Georgia Department of Human Services

https://www.cbs46.com/news/cyber-attack-targets-georgia-department-of-human-services/article_57f9749e-0a72-11eb-a724-3b34ced6f18f.html

Exploit: Employee Email Account Compromise

Georgia Department of Human Services: State Agency

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.414 = Extreme

A massive breach at the Georgia Department of Human Services has left the highly sensitive data of adults and children in Child Protective Services (CPS) cases of the DHS Division of Family & Children Services (DFCS). The employee email account compromise ocurred in May 2020. Georgia DHS secured the account quickly, but damage included

cybersecurity news gauge indicating extreme risk

Individual Risk: 1.202 = Extreme

Extremely sensitive information about parens, children, and families that has contact with DFCS was stolen in this attack, including full names of children involved in those cases and household members, relationship to the child receiving services, county of residence, DFCS case numbers, DFCS identification numbers, date of birth, age, number of times contacted by DFCS, an identifier of whether face-to-face contact was medically appropriate, phone numbers, email addresses, Social Security numbers, Medicaid identification numbers, Medicaid medical insurance identification numbers, medical provider names and appointment dates, plus some psychological reports, counseling notes, medical diagnoses, or substance abuse information and bank information.

Customers Impacted: Unknown

How it Could Affect Your Business: Not only does a data breach leave a huge mess of expensive cleanup behind, in many industries like healthcare, a data breach can also mean your organization will be paying big regulatory penalties and fines too.

IntegraMSP to the Rescue: Information like the personal and medical data obtained in this breach will be a hot commodity on the Dark Web. Protect your systems and data from Dark Web danger with 24/7/365 credential monitoring through Dark Web ID. SEE DARK WEB ID IN ACTION>>

The Week in Breach Risk Levels


1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.