The Week in Breach – Remote Workers Feeling the Stress

Make sure to add us or contact us for the latest news

The Week in Breach: Featured Threat


Remote Workers Change A Company’s Risk Calculus


The rapid transition to a fully remote workforce was an unexpected twist to the story of cybersecurity in 2020, but most companies were able to successfully make the shift, even during a disaster. Unfortunately, many companies also found out that their cybersecurity plans, solutions stack, and user training didn’t always keep up, leaving remote workforce vulnerabilities.

Tessian’s Psychology of Human Error Report surveyed 1,000 workers in the UK and 1,000 workers in the US at the height of the coronavirus outbreak in April 2020, to reveal how the effects of the increased stress, distraction, and workplace disruption led to cybersecurity danger.

Key Statistics

The big takeaway: New circumstances, like suddenly supporting a remote workforce, bring new cybersecurity challenges that IT teams need to be able to respond to quickly to proactively mitigate potential risks.

Contact IntegraMSP

to ‘LEVEL UP’ Your Security

 

The Week in Breach: Staples leaves a door open for cybercriminals, Razer misclicks a database failing to secure user information, ransomware and skimming are causing trouble worldwide, and a new threat intelligence tool is available to arm you for the fight against phishing.

The Week in Breach – United States


United States –  American Payroll Association

https://www.infosecurity-magazine.com/news/skimming-attack-hits-american/?&web_view=true

Exploit: Skimming

American Payroll Association: Professional Organization

cybersecurity news represented by a gauge showing severe risk & Breach News This Week

Risk to Business: 2.087 = Severe

The American Payroll Association just notified its members that it has suffered a breach. Threat actors installed skimming malware on both the login web page of the APA website and the checkout section of the association’s online store by exploiting a vulnerability in the APA’s content management system. It was discovered around July 13, but before it could be removed unauthorized individuals gained access to information including first and last names, email address, job title/role, primary job function, company structure, gender; date of birth, address (either business or personal), including country, province or state, city, and postal code, company name and size, industry details, and the types of payroll and attendance software used at the member’s company.

cybersecurity news represented by a gauge showing severe risk & Breach News This Week

Individual Risk: 2.404 = Severe

Information like job title, company structure, personal contact details, and more from this breach can be used to construct spear phishing attacks. Victims of the data breach have been offered 12 months of free credit monitoring and $1,000,000 in identity theft insurance by APA.

Customers Impacted: 21,000

How it Could Affect Your  Business: Malware is commonly delivered via a phishing email, but can also directly infect systems, stealing credit card data and PII that impacts large swathes of customers. Cutting off access from infection points is a vital defense.

IntegraMSP to the Rescue: Passly is the solution to prevent unauthorized access to important things. Our affordable secure identity and access management tool includes single sign on launchpads for every user, making it easy for IT staff to remove privileged access if a user account is compromised. LEARN MORE>>


United States – Staples

https://www.bleepingcomputer.com/news/security/staples-discloses-data-breach-exposing-customer-info/?&web_view=true

Exploit: Unauthorized Access

Staples: Office Supply Retailer

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.702 = Moderate

Staples has notified some customers of a cybersecurity incident that occurred earlier this month around 9/02 and consisted of unauthorized access to a system. Little information is available, but the event. The letter notes that “a limited amount” of order data for customers of Staples.com was obtained, and may contain names, addresses, email addresses, phone numbers, last four credit card digits, details about the order (delivery, cost, product), and other non-sensitive information.

Individual Risk: No information about whether the customers impacted were corporate accounts or consumer retail purchasers is available.

Customers Impacted: Unknown

How it Could Affect Your Business Unauthorized access to data can be a deliberate inside attack or an employee accident, but it’s always a problem that opens you up to a cascade of potential headaches.

IntegraMSP to the Rescue: Data like this lives on in Dark Web markets, providing fuel for cyberattacks like phishing and credential stuffing. By choosing a strong digital risk protection platform, you can reduce your risk of cyberattacks. SEE HOW IT WORKS>>


United States – SeaChange International

https://www.bleepingcomputer.com/news/security/leading-us-video-delivery-provider-confirms-ransomware-attack/?&web_view=true

Exploit: Ransomware

SeaChange International: Video on Demand Provider

cybersecurity news represented by a gauge showing severe risk Breach News This Week

Risk to Business: 2.133 = Severe

Video on demand provider SeaChange is the latest victim of REvil ransomware. The gang posted a claim for an attack earlier this year that included a US Department of Defense video on demand proposal. The attack is believed to have occurred in April 2020, and included sensitive business information about contracts, proposals, and other proprietary data.

Individual Risk: No individual or consumer data was reported as exposed in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Corporate secrets are a huge market, and attacks like this are on the rise with the growth of “as a service” cybercrime. Extra protection must be provided for proprietary data, especially when a company handles sensitive information.

IntegraMSP to the Rescue:  This information will likely end up in a Dark Web data dump, serving as ammunition for future spear phishing attempts. BullPhish ID helps train staffers to spot and stop spear phishing . REQUEST A DEMO>>


United States – Magento

https://www.bleepingcomputer.com/news/security/magento-stores-hit-by-largest-automated-hacking-attack-since-2015/?&web_view=true

Exploit: Skimming (MageCart)

Magento: eCommerce Platform

cybersecurity news represented by a gauge showing severe risk & Breach News This Week

 

Risk to Business: 1.775 = Severe

Adobe’s Magento platform experienced a nasty skimming attack last weekend that compromised almost 2,000 online stores this with MageCart malware to steal credit cards. The attack started Friday when ten stores were infected with a credit card skimming script, then ramped up on Saturday with 1,058 sites hacked, 603 more on Sunday, and an additional 233 on Monday to finish out a long weekend of cybercrime. The hacked shops were using Magento version 1, which ended support in June.

cybersecurity news represented by a gauge showing severe risk & Breach News This Week

 

Individual Risk: 1.872 = Severe

No details have been provided about which stores were impacted. Anyone who made a purchase over the weekend from a store powered by Adobe Magento should be alert for credit card fraud

Customers Impacted: Unknown

How it Could Affect Your Business: When you’re running a hosting platform, especially one that empowers financial transactions, clients expect you to have cybersecurity under control, and will be less likely to do business with a company that fails at that basic requirement.

IntegraMSP to the Rescue: Our digital risk protection platform has you covered, with tools that allow you to monitor credentials, control access, and guard against phishing .LEARN MORE>>


USA – Equinix

https://securityboulevard.com/2020/09/netwalker-ransomware-operators-want-4-5-million-from-data-center-giant-equinix/

Exploit: Ransomware

Equinix: Data Center Operator

cybersecurity news represented by a gauge showing severe risk & Breach News This Week

 

Risk to Business: 2.816 = Severe

Netwalker ransomware made itself at home at data center giant Equinix, and the cybercriminals gang responsible is asking for $4.5 million to move out. The  attack occurred over the US Labor Day holiday weekend, and appears to impact Equinix’s Australian clients most heavily. An accompanying screenshot showing a sample of the encrypted/stolen data includes folders of financial information, payroll, accounting, audits, and data center reports.

Individual Risk: No individual information was reported as compromised, but that could be a future consequence as events unfold.

Customers Impacted: Unknown

How it Could Affect Your Business: Once again, a professional services provider fails to protect customer information by failing to resist a phishing attack – and this time they’re in the information business. That could put future clients off.

IntegraMSP to the Rescue: Our digital risk protection platform has you covered, with tools that allow you to monitor credentials, control access, and guard against phishing .LEARN MORE>>


United States – Razer

https://www.infosecurity-magazine.com/news/razer-gaffe-exposes-customer-data/?&web_view=true

Exploit: Unsecured Database

Razer: Gaming Hardware and eServices Company

cybersecurity news represented by agauge showing severe risk New This Week in Cybersecurity News Breach News This Week

Risk to Business: 2.307 = Severe

An unsecured Elasticsearch cluster is the culprit in a sloppy data leak at gaming equipment leader Razer. More than 100K customers had data including their full name, email, phone number, customer internal ID, order number, order details, and billing and shipping address exposed in the incident.

cybersecurity news represented by agauge showing severe risk

Individual Risk: 2.347 = Severe

While no financial information was exposed, the data that was leaked could be used in spear phishing attacks.

Customers Impacted: 100,000

How it Could Affect Your Business: An unlocked database like this is a treasure trove for cybercriminals – and a rookie mistake by a tech company. It’s a ding on Razer’s reputation.

IntegraMSP to the Rescue: Information like this lives forever on the Dark Web. Dark Web ID provides 24/7/365 protection to user credentials alerting you if they appear in Dark Web markets. REQUEST A DEMO>>


United States – Digital Point

https://www.zdnet.com/article/webmaster-forum-database-exposed-data-of-800000-users/#ftag=RSSbaffb68?&web_view=true

Exploit: Unsecured Database

Digital Point: Webmaster Community Platform

cybersecurity news represented by agauge showing severe risk New This Week in Cybersecurity News Breach News This Week

Risk to Business: 2.303 = Severe

in July 2020, an internet researcher found an unsecured Elasticsearch database containing over 62 million records. In total, data belonging to 863,412 Digital Point users was included in the leak. Names, email addresses, and internal user ID numbers for forum users were made publicly available. The leak also exposed details for thousands of internal records and reported user posts.

cybersecurity news represented by agauge showing severe risk

 

Individual Risk: 2.787 = Severe

While no financial information was exposed, but the data that was exposed, especially the post data, could be used in spear phishing attacks.

Customers Impacted: 863,412

How it Could Affect Your  Business: An unsecured database points to sloppy data handling practices at a company, making customers or users less likely to want to trust that company with their personal information in the future.

IntegraMSP to the Rescue: Data like this lives on in Dark Web markets, providing fuel for cyberattacks like phishing and credential stuffing. By choosing a strong digital risk protection platform, you can reduce your risk of cyberattacks. SEE HOW IT WORKS>>

The Week in Breach Risk Levels


1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.