The Week in Breach: The One In Where We Argue that You NEED 2FA – Again

Make sure to add us or contact us for the latest news

Real-Time Service Alerts




2FA is Becoming a Requirement – Not a Suggestion

Your IT team wasn’t ‘crying wolf’ – they were more like the canary in the coal mine.

In this week’s featured briefing – we touch on the critical nature of having 2FA (at a minimum) implemented within your company’s environment.

Our CEO speaks to our article about 2FA requirements (found here). Security is at the forefront of ‘all things IT’ for the foreseeable future. Multi-factor authentication is an easy way to thwart would-be ‘bad actors’. Here is what Dan Gilligan has to say about it.

Dark Web ID’s Top Threats This Week


 

United Nations

https://www.infosecurity-magazine.com/news/hackers-steal-data-from-united/

Exploit: Credential Compromise

United Nations: Global Intergovernmental Organization

cybersecurity news represented by agauge showing severe risk

Risk to Business: 1.623 = Severe

 

Hackers have broken into the computer network of the United Nations and made off with data. The unidentified cybercriminals responsible for the hit appear to have gained access using employee login credentials stolen from a UN employee. Reports say that the bad actors logged into the employee’s Umoja account, the enterprise resource planning system implemented by the UN in 2015. This intrusion took place over an extended period of time. Investigators determined that the UN’s systems were first accessed by hackers on April 5, 2021, and that network intrusions continued to take place until August 7.

Individual Impact: No information was available at press time to clarify what type of data was stolen.

Customers Impacted: Unknown

How It Could Affect Your Business: This is a big target that regularly handles and sensitive data. The fact that it took several months to detect an intrusion is worrying.

IntegraMSP to the Rescue: Building cyber resilience helps insulate organizations from trouble like this. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>>


Texas Right to Life

https://techcrunch.com/2021/09/07/texas-right-to-life-website-exposed-job-applicants-resumes/

Exploit: Misconfiguration

DuPage Medical Group: Healthcare Practice

cybersecurity news represented by a gauge indicating moderate risk

Risk to Business: 2.636 = Moderate

Anti-choice political action group Texas Right to Life is in hot water after it exposed the personal information of hundreds of job applicants on its website. Investigators have blamed a configuration error that allowed anyone to access all applicants’ resumes, which were stored in an unprotected directory. No additional information appears to have been exposed.

cybersecurity news represented by a gauge indicating moderate risk

Individual Risk: 2.712 = Moderate

Job applicants had names, phone numbers, addresses and details of their employment history exposed, as the data included complete resumes for approximately 300 people..

Customers Impacted: 300 job applicants

How It Could Affect Your Business Sloppy setups are responsible for too any data breaches. Establishing a strong cybersecurity culture combats this problem.

IntegraMSP to the Rescue: Gamify cybersecurity and information safety to make it interesting. Our Security Awareness Champion’s Guide helps explain complex risks in a fun way! DOWNLOAD IT>>


Dotty’s

https://portswigger.net/daily-swig/data-breach-at-us-restaurant-and-gambling-chain-dottys-may-have-leaked-sensitive-customer-information

Exploit: Ransomware

Dotty’s: Fast Food Restaurant and Gambling Parlor Chain

cybersecurity news gauge indicating extreme risk

Risk to Business: 1.673=Severe

Dotty’s, a fast food chain that offers gambling services across 175 locations, has experienced a cyberattack that severely impacted operations. The chain, owned and operated by Nevada Restaurant Services, announced that malware was discovered on some computer systems that allowed cybercriminals to access and copy customer data including some highly sensitive material.

cybersecurity news gauge indicating extreme risk

Individual Risk: 1.673=Severe

The data snatched includes customer names, dates of birth, Social Security numbers, driver’s license or state ID numbers, passport numbers, financial account and/or routing numbers, health insurance information, treatment information, biometric data, medical records, taxpayer-identification numbers, and credit card numbers and/or expiration dates. Impacted customers are being informed by mail.

Customers Impacted:

How It Could Affect Your Business When a company fails to keep highly sensitive data like this safe, it’s going to give customers and partners pause.

IntegraMSP to the Rescue: What happens when you pay a ransom? Nothing good. See how the cash shakes down and how gangs make their money in Ransomware Exposed!. DOWNLOAD IT>>


1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.