Make sure to add us or contact us for the latest news
 |
 |
 |
 |
 |
 |
 |
The Week in Breach: Featured Threat
Remote Workers Change A Company’s Risk Calculus
The rapid transition to a fully remote workforce was an unexpected twist to the story of cybersecurity in 2020, but most companies were able to successfully make the shift, even during a disaster. Unfortunately, many companies also found out that their cybersecurity plans, solutions stack, and user training didn’t always keep up, leaving remote workforce vulnerabilities.
Tessian’s Psychology of Human Error Report surveyed 1,000 workers in the UK and 1,000 workers in the US at the height of the coronavirus outbreak in April 2020, to reveal how the effects of the increased stress, distraction, and workplace disruption led to cybersecurity danger.
Key Statistics
- 52% of respondents said they were more error-prone due to stress
- 41% said they made more mistakes when they felt tired
- 42% said their mistakes were often caused by distraction
- 43% of employees reported that they had made mistakes resulting in cybersecurity repercussions for themselves or their company
- 57% of workers noted that they were more distracted when working from home
- 1 in 4 said they’d fallen for a phishing attack
- 47% of respondents cited distraction as the reason why they fell for a phishing attack
- 44% cited fatigue as a top reason for sending an email to the wrong person
The big takeaway: New circumstances, like suddenly supporting a remote workforce, bring new cybersecurity challenges that IT teams need to be able to respond to quickly to proactively mitigate potential risks.
Contact IntegraMSPto ‘LEVEL UP’ Your Security |
 |
The Week in Breach: Staples leaves a door open for cybercriminals, Razer misclicks a database failing to secure user information, ransomware and skimming are causing trouble worldwide, and a new threat intelligence tool is available to arm you for the fight against phishing.
The Week in Breach – United States
United States – American Payroll Association
https://www.infosecurity-magazine.com/news/skimming-attack-hits-american/?&web_view=true
Exploit: Skimming
American Payroll Association: Professional Organization
Risk to Business: 2.087 = Severe
The American Payroll Association just notified its members that it has suffered a breach. Threat actors installed skimming malware on both the login web page of the APA website and the checkout section of the association’s online store by exploiting a vulnerability in the APA’s content management system. It was discovered around July 13, but before it could be removed unauthorized individuals gained access to information including first and last names, email address, job title/role, primary job function, company structure, gender; date of birth, address (either business or personal), including country, province or state, city, and postal code, company name and size, industry details, and the types of payroll and attendance software used at the member’s company.
Individual Risk: 2.404 = Severe
Information like job title, company structure, personal contact details, and more from this breach can be used to construct spear phishing attacks. Victims of the data breach have been offered 12 months of free credit monitoring and $1,000,000 in identity theft insurance by APA.
Customers Impacted: 21,000
How it Could Affect Your Business: Malware is commonly delivered via a phishing email, but can also directly infect systems, stealing credit card data and PII that impacts large swathes of customers. Cutting off access from infection points is a vital defense.
IntegraMSP to the Rescue: Passly is the solution to prevent unauthorized access to important things. Our affordable secure identity and access management tool includes single sign on launchpads for every user, making it easy for IT staff to remove privileged access if a user account is compromised. LEARN MORE>>
United States – Staples
Exploit: Unauthorized Access
Staples: Office Supply Retailer
Risk to Business: 2.702 = Moderate
Staples has notified some customers of a cybersecurity incident that occurred earlier this month around 9/02 and consisted of unauthorized access to a system. Little information is available, but the event. The letter notes that “a limited amount” of order data for customers of Staples.com was obtained, and may contain names, addresses, email addresses, phone numbers, last four credit card digits, details about the order (delivery, cost, product), and other non-sensitive information.
Individual Risk: No information about whether the customers impacted were corporate accounts or consumer retail purchasers is available.
Customers Impacted: Unknown
How it Could Affect Your Business Unauthorized access to data can be a deliberate inside attack or an employee accident, but it’s always a problem that opens you up to a cascade of potential headaches.
IntegraMSP to the Rescue: Data like this lives on in Dark Web markets, providing fuel for cyberattacks like phishing and credential stuffing. By choosing a strong digital risk protection platform, you can reduce your risk of cyberattacks. SEE HOW IT WORKS>>
United States – SeaChange International
Exploit: Ransomware
SeaChange International: Video on Demand Provider
Risk to Business: 2.133 = Severe
Video on demand provider SeaChange is the latest victim of REvil ransomware. The gang posted a claim for an attack earlier this year that included a US Department of Defense video on demand proposal. The attack is believed to have occurred in April 2020, and included sensitive business information about contracts, proposals, and other proprietary data.
Individual Risk: No individual or consumer data was reported as exposed in this incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Corporate secrets are a huge market, and attacks like this are on the rise with the growth of “as a service” cybercrime. Extra protection must be provided for proprietary data, especially when a company handles sensitive information.
IntegraMSP to the Rescue: This information will likely end up in a Dark Web data dump, serving as ammunition for future spear phishing attempts. BullPhish ID helps train staffers to spot and stop spear phishing . REQUEST A DEMO>>
United States – Magento
Exploit: Skimming (MageCart)
Magento: eCommerce Platform
Risk to Business: 1.775 = Severe
Adobe’s Magento platform experienced a nasty skimming attack last weekend that compromised almost 2,000 online stores this with MageCart malware to steal credit cards. The attack started Friday when ten stores were infected with a credit card skimming script, then ramped up on Saturday with 1,058 sites hacked, 603 more on Sunday, and an additional 233 on Monday to finish out a long weekend of cybercrime. The hacked shops were using Magento version 1, which ended support in June.
Individual Risk: 1.872 = Severe
No details have been provided about which stores were impacted. Anyone who made a purchase over the weekend from a store powered by Adobe Magento should be alert for credit card fraud
Customers Impacted: Unknown
How it Could Affect Your Business: When you’re running a hosting platform, especially one that empowers financial transactions, clients expect you to have cybersecurity under control, and will be less likely to do business with a company that fails at that basic requirement.
IntegraMSP to the Rescue: Our digital risk protection platform has you covered, with tools that allow you to monitor credentials, control access, and guard against phishing .LEARN MORE>>
USA – Equinix
Exploit: Ransomware
Equinix: Data Center Operator
Risk to Business: 2.816 = Severe
Netwalker ransomware made itself at home at data center giant Equinix, and the cybercriminals gang responsible is asking for $4.5 million to move out. The attack occurred over the US Labor Day holiday weekend, and appears to impact Equinix’s Australian clients most heavily. An accompanying screenshot showing a sample of the encrypted/stolen data includes folders of financial information, payroll, accounting, audits, and data center reports.
Individual Risk: No individual information was reported as compromised, but that could be a future consequence as events unfold.
Customers Impacted: Unknown
How it Could Affect Your Business: Once again, a professional services provider fails to protect customer information by failing to resist a phishing attack – and this time they’re in the information business. That could put future clients off.
IntegraMSP to the Rescue: Our digital risk protection platform has you covered, with tools that allow you to monitor credentials, control access, and guard against phishing .LEARN MORE>>
United States – Razer
https://www.infosecurity-magazine.com/news/razer-gaffe-exposes-customer-data/?&web_view=true
Exploit: Unsecured Database
Razer: Gaming Hardware and eServices Company
Risk to Business: 2.307 = Severe
An unsecured Elasticsearch cluster is the culprit in a sloppy data leak at gaming equipment leader Razer. More than 100K customers had data including their full name, email, phone number, customer internal ID, order number, order details, and billing and shipping address exposed in the incident.
Individual Risk: 2.347 = Severe
While no financial information was exposed, the data that was leaked could be used in spear phishing attacks.
Customers Impacted: 100,000
How it Could Affect Your Business: An unlocked database like this is a treasure trove for cybercriminals – and a rookie mistake by a tech company. It’s a ding on Razer’s reputation.
IntegraMSP to the Rescue: Information like this lives forever on the Dark Web. Dark Web ID provides 24/7/365 protection to user credentials alerting you if they appear in Dark Web markets. REQUEST A DEMO>>
United States – Digital Point
Exploit: Unsecured Database
Digital Point: Webmaster Community Platform
Risk to Business: 2.303 = Severe
in July 2020, an internet researcher found an unsecured Elasticsearch database containing over 62 million records. In total, data belonging to 863,412 Digital Point users was included in the leak. Names, email addresses, and internal user ID numbers for forum users were made publicly available. The leak also exposed details for thousands of internal records and reported user posts.
Individual Risk: 2.787 = Severe
While no financial information was exposed, but the data that was exposed, especially the post data, could be used in spear phishing attacks.
Customers Impacted: 863,412
How it Could Affect Your Business: An unsecured database points to sloppy data handling practices at a company, making customers or users less likely to want to trust that company with their personal information in the future.
IntegraMSP to the Rescue: Data like this lives on in Dark Web markets, providing fuel for cyberattacks like phishing and credential stuffing. By choosing a strong digital risk protection platform, you can reduce your risk of cyberattacks. SEE HOW IT WORKS>>
The Week in Breach Risk Levels
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.