In a story with so many twists and turns that it seems like an action movie, Tesla dodged a bullet this week when FBI investigators revealed that it was the target of an audacious insider threat/ransomware/nation-state attack.
According to reports, a potentially state-backed Russian cybercrime gang attempted to bribe a Tesla employee with $1 million to install malicious ransomware code designed to steal corporate secrets and lock down Tesla’s operations at its Gigafactory near Reno, Nevada.
So, what’s the big takeaway from this sensational cybersecurity incident? Every company must consider insider threats in its cybersecurity plan.
Breach News This Week: Warner Music sings the blues after a skimming attack surfaces, data breach costs (and risks) are soaring for businesses in every sector, and our new eBook on the state of phishing in 2020 shows you why it’s today’s biggest risk.
Exploit: Unsecured Database
Telmate: Correctional Facility Communications
Risk to Business: 2.014 = Severe
A misconfigured Amazon S3 bucket is to blame for a nasty data breach involving Telmate, makers of the Getting Out app used for inmate communications. The app (which charges an exorbitant fee of up to $0.50 per minute for families to communicate with their incarcerated loved ones) is commonly monitored by prison officials, but the leaked data includes highly sensitive personal information such as whether an inmate identifies as transgender, their relationship status, prescription medication they take, and their religion. The company, part of the Global Tel Link family, blames a third-party vendor for the incident. Experts say that 11,210,948 inmate records and 227,770,157 messages were exposed.
Individual Risk: 2.314 = Severe
While Telmate maintains that no medical data, passwords, or consumer payment information were affected, the information that has been widely available through this unsecured bucket is potentially personally damaging and opens prisoners and their families up to identity theft and blackmail risks, as well as targeting for hate crime.
Customers Impacted: 2.3 million inmates and their families
How it Could Affect Your Business: Failing to secure simple data storage tools like this is indicative of a lax attitude toward security throughout a company, and can turn off customers and potential partners. This is Telmate’s second security incident this year.
IntegraMSP to the Rescue: Simple, effective secure identity and access management for any company is just a step away – Passly packs essential features like single sign-on, multifactor authentication, and shared password storage vaults into one affordable package.
Cygilant: Information Security Firm
Risk to Business: 1.337 = Extreme
Cybersecurity startup Cygilant finds itself in hot water after falling victim to a ransomware attack. Cygilant is believed to be the latest victim of NetWalker ransomware. A site on the Dark Web associated with the NetWalker ransomware group posted screenshots of internal network files and directories believed to be associated with Cygilant. It is unknown if they paid the ransom, but the Dark Web listing has disappeared.
Individual Risk: No personal information was disclosed as compromised in this incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware is most commonly delivered through a phishing email, today’s most common vector for cyberattacks. Preventing phishing email from landing in employee inboxes is a strong defense against ransomware.
Exploit: Unauthorized Database Access (Phishing)
Roper St. Francis Hospital: Medical Center
Risk to Business: 2.354 = Severe
A newly announced security breach occurred at Roper St. Francis Hospital between June 13 and June 17. An attacker was able to gain access to a treasure trove of healthcare data by compromising an employee’s email in a suspected phishing incident at the Charleston, SC hospital. The patient information that was compromised contained names, birth dates, detailed medical records, insurance information, and Social Security numbers.
Individual Risk: 2.004 = Severe
Patients and former patients can determine if attackers got their data by calling a toll-free call center for more information at 1-888-498-0916.
Customers Impacted: 6,000
How it Could Affect Your Business: Health care information is at a premium right now because it is a hot seller on the Dark Web – and with an exponential increase in phishing, every healthcare sector organization is high on the hit list for bad actors.
IntegraMSP to the Rescue: This information will likely end up in a Dark Web data dump, serving as ammunition for future spear phishing attempts. BullPhish ID helps train staffers to spot and stop spear phishing.
Exploit: Hacking Intrusion
The Jewish Federation of Greater Washington: Non-Profit
Risk to Business: 1.211 = Extreme
A cyberattack at The Jewish Federation of Greater Washington gave cybercriminals a solid payday. Bad actors were able to hack in through an employee’s home WiFi to a privileged user account and snatch an estimated $7.5 million. The hack was discovered on August 4 by a security contractor who noticed unusual activity in an employee’s email account. That assessment indicates that the hacker had access to the system long before stealing the money, as early as the first months of summer. The organization has 52 employees.
Individual Risk: No personal information or donor financial data was reported as compromised in this incident.
Customers Impacted: Unknown
How it Could Affect Your Business: This is an enormous blow to any business, but especially a non-profit that needs funding to continue doing good work in hard times. Notoriously unsafe home WiFi and device or network sharing between parents and children create opportunities for hackers to slip through.
IntegraMSP to the Rescue: Passly is the solution to prevent unauthorized access to important things. Our affordable secure identity and access management tool includes single sign-on launchpads for every user, making it easy for IT staff to remove privileged access if a user account is compromised.
Exploit: Unsecured Database
View Media: Online Marketing Firm
Risk to Business: 2.201 = Severe
A publicly accessible Amazon Web Services (AWS) server that belongs to View Media was discovered by cybersecurity researchers, overflowing with more than 38 million US user records, including their full names, email and street addresses, phone numbers, and ZIP codes. The data included 700 statement of work documents for targeted email and direct mail advertising campaigns stored in PDF files, and 59 CSV and XLS files that contained 38,765,297 records of US citizens in total, of which 23,511,441 records were unique. The bucket also contained thousands of files for various marketing materials, such as banner advertisements, newsletters, and promotional flyers sorted by locations and ZIP codes that the marketing company’s campaigns targeted.
Individual Risk: 2.919 = Moderate
While this is a huge trove of information, no financial or protected personal information was involved, although this information will make its way into Dark Web data dumps.
Customers Impacted: 38 million +
How it Could Affect Your Business: Failing to undertake a simple bit of maintenance like this doesn’t look good in front of potential partners, who may become concerned that your business is a third-party security risk and reconsider hiring you.
IntegraMSP to the Rescue: Data like this lives on in Dark Web markets, providing fuel for cyberattacks like phishing and credential stuffing. By choosing a strong digital risk protection platform, you can reduce your risk of cyberattacks.
Exploit: Malware (Magecart)
Warner Music: Entertainment Company
Risk to Business: 2.307 = Severe
In a just-disclosed breach, Magecart skimming was in action at Warner Music between April 25 and August 5. Warner Music said hackers compromised “a number of US-based e-commerce sites” that were “hosted and supported by an external service provider.” The details that the cybercriminals checked out with include names, email addresses, telephone numbers, billing addresses, shipping addresses, and payment card details (card number, CVC/CVV and expiration date) for account holders and guests who placed items into shopping carts or made purchases in that timeframe.
Individual Risk: 2.297 = Severe
The company did not specify in its filing exactly which parts of its retail operations were impacted. Warner Music is offering free credit monitoring through Kroll for victims.
Customers Impacted: Unknown
How it Could Affect Your Business: Skimmers like Magecart are a result of hackers gaining access to parts of a website, often by compromising the weak credentials of a privileged account. Improving credential security is a must for strong cybersecurity.
IntegraMSP to the Rescue: Dark Web ID provides 24/7/365 protection for user credentials, especially those of privileged accounts, alerting you if their credentials appear in Dark Web markets so that you can take action before cybercriminals do.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.