The Week in Breach – Hackers scale The North Face

The Week in Breach: Featured – The malware that usually installs ransomware and you need to remove right away

If you see any of these malware strains on your enterprise networks, stop everything you’re doing and audit all systems.

Gone are the days when ransomware groups operated by launching mass email spam campaigns in the hopes of infecting random users across the internet.

Today, ransomware operators have evolved from a niche of clumsy malware gangs into a series of complex cybercrime cartels with the skills, tools, and budgets of government-sponsored hacking groups.

Nowadays, ransomware gangs rely on multi-level partnerships with other cybercrime operations. Called “initial access brokers,” these groups operate as the supply chain of the criminal underground, providing ransomware gangs (and others) with access to large collections of compromised systems.

Consisting of hacked RDP endpoints, backdoored networking devices, and malware-infected computers, these systems allow ransomware gangs to easily gain access to corporate networks, escalate their access, and encrypt files to demand huge ransoms.

If you see these malware strains, stop what you are doing and audit to remove this software:

Find The Full List Here

The Week in Breach News – United States


United States – The North Face

https://chainstoreage.com/report-hackers-may-have-obtained-north-face-customer-data

Exploit: Credential Stuffing

The North Face: Outdoor Apparel Retailer

Risk to Business: 2.322 = Severe

Hackers mounted a successful attack against outdoor retailer The North Face, capturing an unknown amount of client data in the process. While retail operations were not disrupted, the company has released a caution to customers about the incident.

Individual Risk: 2.711 = Moderate

The company noted that the breach includes “products you have purchased on our website, products you have saved to your ‘favorites,’ your billing address, your shipping address(es), your VIPeak customer loyalty point total, your email preferences, your first and last name, your birthday (if you saved it to your account), and your telephone number (if you saved it to your account)”. Payment information was stored separately and more securely and was not impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Credential stuffing attacks have gained new fuel from a bountiful harvest of Dark Web data dumps adding fresh ammo for cybercrime.

IntegraMSP to the Rescue: Multifactor authentication with Passly is the perfect tool to guard your business against credential stuffing attacks.


United States – Delaware Division of Public Health

https://news.delaware.gov/2020/11/15/delaware-division-of-public-health-announces-data-breach-incident/

Exploit: Accidental Data Sharing

Delaware Division of Public Health: State Health Agency

Risk to Business: 2.311 = Severe

The Delaware Division of Public Health announced that in mid-September, a temp sent two emails containing COVID-19 test results for approximately 10,000 individuals to the wrong party. The August 13, 2020, email included test results for individuals tested between July 16, 2020, and August 10, 2020. The August 20, 2020, email included test results for individuals tested on August 15, 2020. Investigators have determined that these emails were sent by mistake, as the information was supposed to be sent to a member of the call center staff to assist individuals in obtaining their test results.

Individual Risk: 2.824 = Moderate

The information mistakenly released in this foul-up included the date of the test, test location, patient name, patient date of birth, phone number if provided, and test result.

Customers Impacted: 10,000

How it Could Affect Your Business: Human error remains the number one cause of a data breach. Security awareness training is the most effective way to prevent unfortunate employee errors.

IntegraMSP to the Rescue: No business can afford to overlook regular cybersecurity awareness training and risk mitigation. Our digital risk protection platform has the solutions that you need to provide strong security for your business at a great price.


United States – Vertafore Inc.

https://siliconangle.com/2020/11/15/data-belonging-27-7m-texas-drivers-stolen-latest-case-unsecured-storage/

Exploit: Unsecured Database

Vertafore Inc.: Insurance Company

Risk to Business: 1.702 = Severe

Information about 27.7 million Texas drivers has been exposed online and stolen from an unsecured database belonging to insurance company Vertafore Inc. after someone put three major company files on an unsecured storage server.

Individual Risk: 2.662 = Moderate

The company says that no identification misuse has been determined, but they’re also offering free credit monitoring and identity restoration services to all Texas driver’s license holders potentially affected by the data breach.

Customers Impacted: 27.7 million

How it Could Affect Your Business: Bad data handling is a symptom of poor cybersecurity hygiene, and it can easily lead to bigger problems like ransomware and password compromise.

IntegraMSP to the Rescue: Ransomware is typically delivered as the nasty cargo of a phishing attack. Improve your staff’s phishing resistance to fight back against ransomware threats.


United States – X-Cart

http://www.digitaljournal.com/tech-and-science/technology/x-cart-suffers-from-ransomware-attack/article/580881

Exploit: Third Party Software

X-Cart: eCommerce Platform Creator

Risk to Business: 2.003 = Severe

X-Cart discovered the danger of vetting errors when attackers exploited a vulnerability in a third-party software tool to gain access to X-Cart’s store hosting systems. Some stores went down completely, while others reported issues with sending email alerts. The incident is under investigation and service has been restored for clients.

Individual Risk: No personal or consumer information was reported as impacted in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Cyberattacks can come from unexpected quarters, like a vulnerability in third-party software that you rely on.

IntegraMSP to the Rescue: Passly adds essential protection to your systems and data through secure identity and access management to place a strong shield between your business and cybercrime.


United States – Wildworks (Animal Jam)

https://www.informationsecuritybuzz.com/expert-comments/animal-jam-kids-virtual-world-hit-by-data-breach-impacting-46m-accounts-expert-commentary/

Exploit: Third Party Data Breach

Wildworks: Video Game Developer

Risk to Business: 1.664 = Severe

Wildworks, the developer of the online kids’ playground Animal Jam, announced a data breach involving a third-party vendor that exposed the information of millions of children on the Dark Web. The information appeared on the Dark Web as the booty of cybercrime gang ShinyHunters.

Individual Risk: 1.902 = Severe

Exposed information includes 46 million player usernames, which are human moderated to make sure they do not contain a child’s proper name, 46 million SHA1 hashed passwords and approximately 7 million email addresses of parents whose children registered for Animal Jam.

Customers Impacted: 46 million

How it Could Affect Your Business: Third-party service providers may not have the same commitment to data security as you do. It pays to do your homework to avoid these problems whenever possible.

IntegraMSP to the Rescue: Information like this can hang around for years after it hits the Dark Web. Make sure your staff’s credentials haven’t been exposed with Dark Web ID 24/7/365 monitoring.


United States – Pluto TV

https://www.bleepingcomputer.com/news/security/hacker-shares-32-million-pluto-tv-accounts-for-free-on-forum/

Exploit: Hacking

Pluto TV: Online Television Service

Risk to Business: 2.166 = Severe

Hackers from the cybercrime gang ShinyHunters have announced the acquisition of 3.2 million Pluto TV user records that were purportedly stolen during a data breach. The data appears to be somewhat out of date, and Pluto TV has not confirmed the breach.

Individual Risk: 2.611 = Moderate

Exposed information includes a member’s display name, email address, bcrypt hashed password, birthday, device platform, and IP address. The data is estimated to be about two years old.

Customers Impacted: Unknown

How it Could Affect Your Business: Protecting your client records and other sensitive data from thieves has to be a top priority, no matter how old it is. Customers expect that you’ll keep it safe with reasonable security precautions in place.

IntegraMSP to the Rescue: Passly helps keep data safer by providing strong protection against hacking with single sign-on to make it easy to control access exactly where you need it.

The Week in Breach Risk Levels


1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.