The Week in Breach: Featured – The malware that usually installs ransomware and you need to remove right away
If you see any of these malware strains on your enterprise networks, stop everything you’re doing and audit all systems.
Gone are the days when ransomware groups operated by launching mass email spam campaigns in the hopes of infecting random users across the internet.
Today, ransomware operators have evolved from a niche of clumsy malware gangs into a series of complex cybercrime cartels with the skills, tools, and budgets of government-sponsored hacking groups.
Nowadays, ransomware gangs rely on multi-level partnerships with other cybercrime operations. Called “initial access brokers,” these groups operate as the supply chain of the criminal underground, providing ransomware gangs (and others) with access to large collections of compromised systems.
Consisting of hacked RDP endpoints, backdoored networking devices, and malware-infected computers, these systems allow ransomware gangs to easily gain access to corporate networks, escalate their access, and encrypt files to demand huge ransoms.
If you see these Malware Strains – stop what you are doing and audit to remove this software:
The Week in Breach News – United States
United States – The North Face
Exploit: Credential Stuffing
The North Face: Outdoor Apparel Retailer
Risk to Business: 2.322 = Severe
Hackers mounted a successful attack against outdoor retailer The North Face, capturing an unknown amount of client data in the process. While retail operations were not disrupted, the company has released a caution to customers about the incident.
Individual Risk: 2.711 = Moderate
The company noted that the breach includes “products you have purchased on our website, products you have saved to your ‘favorites,’ your billing address, your shipping address(es), your VIPeak customer loyalty point total, your email preferences, your first and last name, your birthday (if you saved it to your account), and your telephone number (if you saved it to your account)”. Payment information was stored separately and more securely and was not impacted in this incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Credential stuffing attacks have gained new fuel from a bountiful harvest of Dark Web data dumps adding fresh ammo for cybercrime.
IntegraMSP to the Rescue: Multifactor authentication with Passly is the perfect tool to guard your business against credential stuffing attacks.
United States – Delaware Division of Public Health
Exploit: Accidental Data Sharing
Delaware Division of Public Health: State Health Agency
Risk to Business: 2.311 = Severe
The Delaware Division of Public Health announced that in mid-September, a temp sent two emails containing COVID-19 test results for approximately 10,000 individuals to the wrong party. The August 13, 2020, email included test results for individuals tested between July 16, 2020, and August 10, 2020. The August 20, 2020, email included test results for individuals tested on August 15, 2020. Investigators have determined that these emails were sent by mistake, as the information was supposed to be sent to a member of the call center staff to assist individuals in obtaining their test results.
Individual Risk: 2.824 = Moderate
The information mistakenly released in this foul-up included the date of the test, test location, patient name, patient date of birth, phone number if provided, and test result.
Customers Impacted: 10,000
How it Could Affect Your Business: Human error remains the number one cause of a data breach. Security awareness training is the most effective way to prevent unfortunate employee errors.
IntegraMSP to the Rescue: No business can afford to overlook regular cybersecurity awareness training and risk mitigation. Our digital risk protection platform has the solutions that you need to provide strong security for your business at a great price.
United States – Vertafore Inc.
Exploit: Unsecured Database
Vertafore Inc.: Insurance Company
Risk to Business: 1.702 = Severe
Information about 27.7 million Texas drivers has been exposed online and stolen from an unsecured database belonging to insurance company Vertafore Inc. after someone put three major company files on an unsecured storage server.
Individual Risk: 2.662 = Moderate
The company says that no identification misuse has been determined, but they’re also offering free credit monitoring and identity restoration services to all Texas driver’s license holders potentially affected by the data breach.
Customers Impacted: 27.7 million
How it Could Affect Your Business: Bad data handling is a symptom of poor cybersecurity hygiene, and it can easily lead to bigger problems like ransomware and password compromise.
IntegraMSP to the Rescue: Ransomware is typically delivered as the nasty cargo of a phishing attack. Improve your staff’s phishing resistance to fight back against ransomware threats.
United States – X-Cart
Exploit: Third Party Software
X-Cart: eCommerce Platform Creator
Risk to Business: 2.003 = Severe
X-Cart discovered the danger of vetting errors when attackers exploited a vulnerability in a third-party software tool to gain access to X-Cart’s store hosting systems. Some stores went down completely, while others reported issues with sending email alerts. The incident is under investigation and service has been restored for clients.
Individual Risk: No personal or consumer information was reported as impacted in this incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Cyberattacks can come from unexpected quarters, like a vulnerability in third-party software that you rely on.
IntegraMSP to the Rescue: Passly adds essential protection to your systems and data through secure identity and access management to place a strong shield between your business and cybercrime.
United States – Wildworks (Animal Jam)
Exploit: Third Party Data Breach
Wildworks: Video Game Developer
Risk to Business: 1.664 = Severe
Wildworks, the developer of the online kids’ playground Animal Jam, announced a data breach involving a third-party vendor that exposed the information of millions of children on the Dark Web. The information appeared on the Dark Web as the booty of cybercrime gang ShinyHunters.
Individual Risk: 1.902 = Severe
Exposed information includes 46 million player usernames, which are human moderated to make sure they do not contain a child’s proper name, 46 million SHA1 hashed passwords and approximately 7 million email addresses of parents whose children registered for Animal Jam.
Customers Impacted: 46 million
How it Could Affect Your Business: Third-party service providers may not have the same commitment to data security as you do. It pays to do your homework to avoid these problems whenever possible.
IntegraMSP to the Rescue: Information like this can hang around for years after it hits the Dark Web. Make sure your staff’s credentials haven’t been exposed with Dark Web ID 24/7/365 monitoring.
United States – Pluto TV
Pluto TV: Online Television Service
Risk to Business: 2.166 = Severe
Hackers from the cybercrime gang ShinyHunters have announced the acquisition of 3.2 million Pluto TV user records that were purportedly stolen during a data breach. The data appears to be somewhat out of date, and Pluto TV has not confirmed the breach.
Individual Risk: 2.611 = Moderate
Exposed information includes a member’s display name, email address, bcrypt hashed password, birthday, device platform, and IP address. The data is estimated to be about two years old.
Customers Impacted: Unknown
How it Could Affect Your Business: Protecting your client records and other sensitive data from thieves has to be a top priority, no matter how old it is. Customers expect that you’ll keep it safe with reasonable security precautions in place.
IntegraMSP to the Rescue: Passly helps keep data safer by providing strong protection against hacking with single sign-on to make it easy to control access exactly where you need it.
The Week in Breach Risk Levels
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.