The Week in Breach: Is any data sacred? AT&T and Another Yahoo Breach-Over 1 Billion sensitive customer files

Make sure to add us or contact us for the latest news

Real-Time Service Alerts



Over 1 Billion Records Compromised with 2 Hacks. This week alone. It’s safe to assume that your data is NOT safe.


As each week passes, IT professionals sound more like broken records than ever before. What was once a horrifying, but not common data breach – has now become a daily affair. We have all grown numb to each new breach – but this week’s numbers are a bit staggering not only in the sheer volume, but also in what they contain. Between the ‘alleged’ AT&T hack and the Yahoo confirmed hack – we are talking almost 1.1 Billion records being compromised. Yes that is Billion with a Capital B.

Besides the quantity of records – is also the QUALITY of the records. The alleged AT&T data for sale is comprised of not just email addresses and phone #’s, but also social security numbers, and dates of birth.

AT&T Data: ‘ShinyHunters, the same group of threat actors that posted T-Mobile users’ data for sale just days ago, is now selling 70 million records that allegedly belong to another mobile service provider – AT&T. The sample of data for sale includes AT&T users’ full names, social security numbers, email addresses, and dates of birth’.

In the Yahoo breach – quite a lot of data was harvested. “The data stolen in the latest incident may involve names, email addresses, telephone numbers and encrypted passwords. Clear text passwords, credit card or bank account data have apparently not been compromised. However, affected users are urged to change their passwords and review their online accounts for suspicious activity.”

What does this mean for the average consumer? It means it is time to get a good credit monitoring service, change your passwords, multi-factor authenticate everything you can, and check your accounts often for any disparities.

It is safe to assume that social engineering ploys are going to see a sharp increase with the data that is being sold on the dark web.

If you would like to discuss security options for your business like threat detection and password managers – reach out and let us have a discussion on how we can best protect your business from intrusion.

Dark Web ID’s Top Threats This Week


 

AT&T

https://cybernews.com/news/att-database-of-70-million-users-sold-on-hacker-forum/

Exploit: Hacking

AT&T: Communications Conglomerate

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.422 = Extreme

A bit of drama has arisen around what appears to be a data breach at telecom giant AT&T. What’s not in dispute is that 70 million records that allegedly belong to AT&T made their debut on the dark web market this week courtesy of ShinyHunters. The hackers contend that this treasure trove is fresh data obtained from AT&T through their ingenuity. AT&T contends that no breach happened and that this data was obtained from an unnamed third-party source. ShinyHunters’ reputation precedes them; they are the cybercriminals responsible for well-known data thefts at Microsoft, Tokopedia, Mashable, Pluto TV and a host of other targets, lending credence to their claims. The controversy was not resolved at press time.

Individual Impact: ShinyHunters provided what looks like customer information in the sample posted to their announcement, but the full spectrum of the leaked data is unclear.

Customers Impacted: Unknown

How It Could Affect Your Business: Maintaining strong security in every nook and cranny of your business is vital to protecting them from increasingly sophisticated hacking threats.

IntegraMSP to the Rescue: Build a strong defensive bulwark for your company with the information gained from the webinar How to Build Your Cybersecurity Fortress. WATCH NOW>>

IntegraMSP to the Rescue: As companies become more connected in today’s business landscape, third-party risk is escalating and every business must be ready. Download our ebook on third-party risk. GET THE EBOOK>>

Indiana Department of Health

https://www.wowo.com/personal-data-of-nearly-750000-hoosiers-accessed-improperly/

Exploit: Misconfiguration

Indiana Department of Health: State Agency

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.723 = Severe

The Indiana Department of Health has disclosed that data from the state’s COVID-19 online contact tracing survey was improperly accessed in a database misconfiguration incident after a company looking to form a security-based business relationship with the agency accessed it and informed the Department of the mistake. The agency and the company involved signed an agreement noting that the data had not been copied or downloaded. The misconfiguration issue has been corrected according to the agency.

cybersecurity news represented by agauge showing severe risk

Risk to Individual: 1.571 = Severe

The data included the name, address, email, gender, ethnicity and race, and birthday of nearly 750,000 Hoosiers, according to IDOH. The agency will send letters notifying those affected by the breach and extend an offer for one year of free credit monitoring with Experian.

Customers Impacted: 750,000

How It Could Affect Your Business Government targets have been especially under the gun recently as cybercriminals seek easy routes to gaining big scores of personal data from targets with historically poor security.

IntegraMSP to the Rescue: Developing safe security practices is essential in today’s volatile threat atmosphere. Our Security Awareness Champion’s Guide helps explain complex risks in a fun way! DOWNLOAD IT>>

St. Joseph’s/Candler Health System

https://portswigger.net/daily-swig/us-healthcare-org-sends-data-breach-warning-to-1-4m-patients-following-ransomware-attack

Exploit: Ransomware

St. Joseph’s/Candler(SJ/C): Health System

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.673=Severe

St. Joseph’s/Candler, a major Georgia healthcare network, has admitted that it has suffered a data breach as part of a ransomware incident that it just uncovered. The system’s IT staff first detected the breach on June 17, but the intrusion occurred as early as December 20, 2020. The cybercriminals launched ransomware from this break-in. The hospital system also disclosed that it had been forced to use pencil and per recordkeeping briefly after it became unable to access its systems or data. That has since been resolved and IT systems restored. The incident is still under investigation.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 1.811=Severe

The stolen data includes extensive patient records including each patient’s name, address, date of birth, Social Security number, driver’s license number, patient account number, billing account number and assorted other financial information. It also includes their health insurance plan member ID, medical record number, dates of service, provider names and information about the medical and clinical treatment they’ve received from SJ/C. Impacted patients will be notified by mail and offered free credit monitoring and identity protection services.

Customers Impacted: 100 million

How It Could Affect Your Business It shouldn’t take that long to detect an intrusion, especially since healthcare targets have been increasingly endangered for the last year. That speaks to poor cybersecurity hygiene.

IntegraMSP to the Rescue: What happens when you pay a ransom? Nothing good. See how the cash shakes down and how gangs make their money in Ransomware Exposed!. DOWNLOAD IT>>


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.