Week in Breach
This Week in Breach News: Mystery cyberattacks do massive damage to Barnes & Noble, Robinhood, and the Hackney Borough Council, Dickey’s Barbecue gets served some skimming trouble, and ransomware puts a beloved Indian snack food brand in danger – plus a deep dive into the Dark Web to jumpstart your 2021 planning.
The Week in Breach News: Dark Web ID’s Top Threats This Week
- Top Source Hits: ID Theft Forum
- Top Compromise Type: Domain
- Top Industry: Education & Research
- Top Employee Count: 501+
The Week in Breach News – United States
United States – Barnes & Noble
https://boston.cbslocal.com/2020/10/15/barnes-noble-cyberattack-hack-data-breach-personal-info/
Exploit: Malware
Barnes & Noble: Bookseller
Risk to Business: 1.411 = Extreme
Barnes & Noble has been starring in its own horror story in the last week, as a massive network outage for its Nook customers rolled into the discovery of a massive cyberattack. The bookseller informed customers on Monday that it had experienced a data breach that exposed customers’ transaction histories and PII. Recovery and restoration efforts are underway. It’s unknown if the Nook outage was a facet of the data breach or unrelated.
Individual Risk: 2.206 = Severe
Barnes & Noble says that the only data stolen was transaction history information, names, and email addresses. The company doesn’t anticipate that any financial information was stolen, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: No one can afford a data breach right now, not even a corporate giant. Incidents that impact online sales are especially problematic as online sales remain a focus area during the pandemic.
ID Agent to the Rescue: Strengthening gateway security is a good data loss prevention strategy. Passly guards against intrusion with cracked, stolen or compromised passwords by adding simple but effective secure identity and access management protection.
United States – Intcomex
Exploit: Ransomware
Intcomex: Managed Services Provider
Risk to Business: 1.772 = Severe
The Miami-based managed services provider suffered a huge data breach, exposing nearly 1Tb of very sensitive data. The leaked data contains a collection called “Internal Audit” at 16.6GB, and “Finance_ER” totaling 18GB. The most recent data was from July 2020. The data included credit cards, license scans, payroll, customer databases, and more. The company serves more than 50,000 resellers in over 41 countries.
Individual Risk: No individual information was reported as compromised in this incident, although the potential is there. No details about the uncovered data are available.
Customers Impacted: up to 50,000
How it Could Affect Your Customers’ Business: Third party data breaches are a big risk to every business these days. Even if you’re keeping your company’s sensitive data secure, your vendors might not be.
ID Agent to the Rescue: Dark Web ID keeps your business credentials safe by monitoring the Dark Web 24/7/365 to alert you right away if your protected credentials show up in a Dark Web data dump.
United States – Robinhood
https://nypost.com/2020/10/16/hackers-broke-into-nearly-2000-robinhood-trading-accounts/
Exploit: Hacking/Database Intrusion
Robinhood: Investment App
Risk to Business: 1.552 = Extreme
Robinhood informed its users last week that hackers had obtained access to funds and information in some of its accounts. The firm claims that there was no intrusion and that customer email addresses were compromised outside of the app, giving cybercriminals the ability to steal money and data, but investigators and clients say that’s not possible, citing the fact that most accounts were protected with MFA.
Individual Risk: 1.412 = Extreme
Personal and financial information about users was accessible and potentially stolen by hackers, and some users had money stolen directly from their accounts. Users should assume that their accounts have been compromised and act accordingly.
Customers Impacted: 2,000
How it Could Affect Your Customers’ Business: Providing services that use highly sensitive information implies that you’re using the best technology to keep that data safe – especially at a fintech startup.
ID Agent to the Rescue: Keep data safer by reducing the ways that thieves can get to it. With single sign-on through Passly, each employee has their own personalized LaunchPad, making it easy for IT staff to secure access points.
United States – Dickey’s Barbecue Pit
https://www.zdnet.com/article/card-details-for-3-million-dickeys-customers-posted-on-carding-forum/
Exploit: Malware/Skimming
Dickey’s Barbecue Pit: Restaurant Chain
Risk to Business: 1.691 = Severe
Dickey’s Barbecue Pit has been serving up a side of skimming to every customer. Between August 2019 and July 2020, cybercriminals were operating skimmers at 156 of Dickey’s 469 locations in 30 states, with the highest exposure in California and Arizona. The breach was discovered by cybersecurity monitors after hackers began advertising the data stash for sale as “Blazingsun”.
Individual Risk: 1.771 = Severe
Customers who made purchases at Dickey’s Barbecue Pit during that window have likely experienced a credit card compromise and should contact their card issuer for guidance.
Customers Impacted: 3 million
How it Could Affect Your Customers’ Business: The number one cause of a data breach is human error. Failing to keep up with security awareness and phishing resistance training leads to expensive cybersecurity disasters.
ID Agent to the Rescue: The ID Agent digital risk protection platform enables organizations of any size to implement security awareness training painlessly at a great price.
United States – Nez Perce Tribal Casinos
Exploit: Ransomware
Nez Perce Tribal Casinos: Gambling Parlors
Risk to Business: 2.002 = Severe
Two popular casinos owned and operated by the Nez Perce Native American tribe were hit with ransomware, resulting in a complete shutdown for at least a week. Systems were frozen at both the tribe’s Clearwater River Casino near Lewiston and the Ye-Ye Casino at Kamiah in Idaho. Restoration efforts and investigations are underway, but the casinos are expected to reopen imminently.
Individual Risk: No personal data has been reported as impacted in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Attacks aren’t always about stealing data. Ransomware is a devastating weapon that bad actors are using to shut down businesses too, and that can sometimes be even worse.
ID Agent to the Rescue: Learn how to protect systems and data from ransomware in our eBook “Ransomware 101”.
The Week in Breach News – Canada
Canada – Municipality of Westlake-Gladstone
https://winnipeg.ctvnews.ca/nearly-450k-stolen-from-manitoba-municipality-in-cyber-attack-1.5146916
Exploit: Hacking/Intrusion
Municipality of Westlake-Gladstone: Local Government
Risk to Business: 2.309 = Severe
Nearly $450K was snatched from the operating account of this Manitoba municipality in a hacking incident that could be the result of an insider threat. The money was stolen in a series of withdrawals or transfers beginning in November 2019 and continuing until at least January 2020.
Individual Risk: No individual information has been reported as compromised in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Schemes like this are often the result of a business email compromise scam. It’s a devastating variant of phishing that preys on business relationships, and it’s consequently more devastating.
ID Agent to the Rescue: Prevent business email compromise by boosting phishing resistance training for everyone, including executives who are frequently targeted in these scams.
The Week in Breach News – United Kingdom & European Union
United Kingdom – Hackney Borough Council
https://www.zdnet.com/article/serious-cyberattack-hits-london-council/
Exploit: Ransomware
Hackney Borough Council: Municipal Government
Risk to Business: 1.334 = Extreme
A devastating cyberattack shut down operations at websites for the Hackney Borough Council, bringing everything from bill payments to services for the elderly and vulnerable to a halt briefly. Many functions have been restored, but some business is still impacted. The incident has also been reported to the Information Commissioner’s Office (ICO). Experts from the National Cyber Security Centre (NCSC), the National Crime Agency (NCA), external security experts, and the Ministry of Housing, Communities and Local Government are also assisting with investigation and recovery. The incident shows hallmarks of ransomware.
Individual Risk: No personal or financial data is reported as stolen or compromised in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Attacks on municipalities and municipal service providers have become more rare, and more damaging, especially from nation-state hackers and other highly organized cybercrime gangs.
ID Agent to the Rescue: When ransomware comes calling, it’s usually part of a phishing attack. BullPhish ID is key to preventing these incidents, with 4 new plug-and-play phishing kits added every month to keep you up to date on the latest threats.
Sweden – Panion
https://cybernews.com/security/social-media-app-leaking-data-of-172000-users/
Exploit: Unsecured Database
Panion: Social Media App
Risk to Business: 2.337 = Severe
Swedish social media app Panion committed an unfriendly blunder by failing to secure an AWS bucket, leaving personal information for its users exposed. All told, about 2.5 million user records were exposed. The data included full names, email addresses, genders, interests, location coordinates, and last login dates, as well as selfies and document photos.
Individual Risk: 2.227 = Severe
Users should be aware that their location data has been exposed, as well as personal information that can empower spear phishing attacks or other crimes.
Customers Impacted: 2 Million
How it Could Affect Your Customers’ Business: Don’t make rookie mistakes. Companies that leave databases open tell their clients that they’re not committed to using cybersecurity best practices, making clients less likely to do business with them.
ID Agent to the Rescue: Start using Passly for staff access to databases and files. If everyone who needs access can be given it quickly, it eliminates the chance of people taking shortcuts like not locking a database.
The Week in Breach News – Australia & New Zealand
Australia – Kleenheat
https://www.zdnet.com/article/kleenheat-customer-names-and-addresses-exposed-in-system-breach/
Exploit: Unsecured Database
Kleenheat: Energy Company
Risk to Business: 2.894 = Moderate
Australia’s Kleenheat is warning customers that they may have had data exposed in a breach at a third party vendor. The data was collected and stored in 2014, in a system that is no longer in use at a former data storage partner.
Individual Risk: 2.822 = Moderate
Clients impacted in the breach had what the company characterizes as general information exposed including names, residential addresses, and email addresses.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Third party exposures aren’t just a risk for your business, they’re also a risk for your customers. Failing to provide quality security on data storage can expose you and your clients to unwanted consequences.
ID Agent to the Rescue: Data like the kind stolen in this breach lives forever on the Dark Web. Be certain that your staff’s credentials aren’t hanging around on the Dark Web from a past exposure with Dark Web ID.
Australia – Containerchain
Exploit: Ransomware
Containerchain: Logistics Platform
Risk to Business: 1.921 = Severe
In yet another attack on freight and transport, Containerchain was hit with a ransomware attack. Systems for its shipping customers were briefly shut down entirely but were restored quickly. The company does not believe that significant data was lost and noted that impacted customers (if any) would be in AU, NZ, SG, and MY. The investigation is ongoing.
Individual Impact: No personal data was exposed in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: A spate of recent attacks against shipping, transportation, and logistics targets has raised fears of potential cyberwarfare targets and put these essential parts of our infrastructure on notice that their cybersecurity is vital to operations.
ID Agent to the Rescue: Our digital risk protection platform offers businesses multiple tools for securing their systems and data, even from unexpected dangers.
The Week in Breach – Asia
India – Haldiram’s Snacks
Exploit: Ransomware
Haldiram’s Snacks: Snack Food Manufacturer
Risk to Business: 1.451 = Extreme
Beloved Indian snack food maker Haldiram’s has been hit with a ransomware attack that has brought chaos to its business and manufacturing arms. Bad actors encrypted much of the company’s essential data between October 12 and October 13, demanding a ransom payment for release. The negotiation, recovery, and investigation are ongoing.
Individual Risk: No individual information was reported as impacted in this incident.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware typically arrives as the nasty cargo of a phishing email. Phishing is today’s biggest cybersecurity risk, and this kind of damage is exactly what makes it every IT professional’s nightmare.
ID Agent to the Rescue: Staffers only retain what they learned from security awareness training for approximately 4 months. Refresh that regularly with BullPhish ID to reduce the chance of your business falling prey to a ransomware gang.
The Week in Breach News Guide to Our Risk Scores
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.