Week in Breach
Cybercriminals leak the PII of millions of professionals in a new LinkedIn breach, an unwelcome visit by nation-state hackers exposes data at BlueCross BlueShield DC, and we kick off Supply Chain Security Month with fresh tips for mitigating two major third-party and supply chain risks, plus handy resources to brush up on them!
United States – CareFirst BlueCross BlueShield Community Health Plan District of Columbia (CHPDC)
Exploit: Nation-State Hacking
CareFirst BlueCross BlueShield Community Health Plan District of Columbia (CHPDC): Insurer
Risk to Business: 1.761 = Severe
CareFirst BlueCross BlueShield’s Community Health Plan District of Columbia (CHPDC) has announced a data breach carried out by what it described as a “foreign cybercriminal” group. The insurer confirmed that sensitive information about members was snatched and that they’ve notified authorities including the FBI and the Office of the Attorney General for the District of Columbia.
Individual Risk: 1.603 = Severe
In a written notification to customers, CHPDC noted that the stolen information may have included names, addresses, phone numbers, dates of birth, Medicaid identification numbers, and other medical information. The company is offering free two-year credit and identity theft monitoring and a website with more information on help for consumers.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: Nation-state cyberattack risks aren’t just a problem for government and military targets anymore. These clever cybercriminals will exploit any opening fast.
ID Agent to the Rescue: Make sure that everyone on the IT team is up to date on today’s threats and ready for tomorrow’s with the tips and tricks in “The Security Awareness Champion’s Guide”.
United States – Office Depot
https://www.websiteplanet.com/blog/office-depot-leak-report/
Exploit: Unsecured Database
Office Depot: Business Supply Retailer
Risk to Business: 1.803 = Severe
Security researchers discovered a non-password-protected Elasticsearch database belonging to Office Depot that contained just under a million records. The exposed records were labeled as “Production” and contained customer information, file logs and other internal records for European customers, primarily in Germany. The company has addressed the issue.
Individual Risk: 2.267 = Severe
The exposed data includes names, phone numbers, physical addresses (home and/or office), @members.ebay addresses, and hashed passwords. The leak also exposed Marketplace logs and order history, exposing the customers’ past purchases and costs from European customer records.
Customers Impacted: 533 million
How it Could Affect Your Customers’ Business: Cybercriminals will benefit from this trove. Data like this is transacted every day on the dark web, providing ample ammunition for future cyberattacks and fraud.
ID Agent to the Rescue: Dark Web ID alerts businesses to credential compromise fast, giving them the edge to fix vulnerabilities before the bad guys even know they’re there.
United States – LinkedIn
Exploit: Hacking
LinkedIn: Social Media Network
Risk to Business: 1.612 = Severe
Bad actors have dropped notice that they’ve obtained an archive containing data purportedly scraped from 500 million LinkedIn profiles. A sample of data was posted on a popular hacker forum, with another 2 million records leaked as proof of the haul. More than 780,000 email addresses are associated with this leak. The initial listing contained 4 archives, but after LinkedIn denied the data breach, threat actors updated their ad to include 6 additional archives that allegedly include 327 million scraped LinkedIn profiles, putting the overall number of scraped profiles at 827 million including potential duplicates.
Individual Risk: 2.309 = Severe
This mass of leaked files contains PII about LinkedIn users including LinkedIn IDs, full names, email addresses, phone numbers, genders, links to LinkedIn profiles, links to other social media profiles, professional titles and other work-related data.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Following hard on the heels of last week’s Facebook breach, social media risks are multiplying fast and growing serious for businesses.
ID Agent to the Rescue: Dark web danger is growing for businesses as millions of records scraped from social media land in dark web markets and create new vulnerabilities.
United States – Personal Touch Holding Corp. (PTHC)
Exploit: Hacking
Personal Touch Holding Corp. (PTHC): Home Healthcare Provider
Risk to Business: 1.241 = Extreme
New York-based medical services provider PTHC has announced a data breach impacting patients. The conglomerate operates Medicare-certified home health agencies, licensed home care service agencies, hospice at home services and Early Intervention Programs, as well as a managed care plan in New York. Both patient data and Member information have been impacted. The incident is under investigation.
Individual Risk: 1.412 = Extreme
Exposed patient information may include medical treatment information, insurance card and health plan benefit numbers, medical record numbers, first and last name, address, telephone numbers, date of birth, Social Security number, and financial information, including check copies, credit card numbers, and bank account information. Leaked Member information may include Medicaid ID number, ID number, provider name, clinical/medical information, first and last name, address, telephone number, date of birth, Social Security numbers, and credit card numbers and/or banking information if members paid their Medicaid surplus through credit card or check.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This breach isn’t just going to cost a fortune to fix now – it’s also likely to incur a hefty regulatory penalty from state and federal authorities.
ID Agent to the Rescue: Make sure that you’re covering all of the bases to avoid breaches and nasty regulatory action with our Cybersecurity Risk Protection Checklist.
Ireland – National College of Ireland (NCI)
Exploit: Ransomware
National College of Ireland (NCI): Institution of Higher Learning
Risk to Business: 2.463 = Severe
Ransomware shut down operations briefly at the National College of Ireland (NCI). School officials announced significant disruption to IT services that has impacted a number of college systems, including Moodle, the Library service and the current students’ MyDetails service. Access to NCI’s IT systems was suspended and the campus building is also currently closed to both students and staff until IT services are restored. The Tallaght campus of the Technological University Dublin (TU Dublin) was also impacted in a similar attack.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware has been an increasingly popular tool for cybercriminals to use against targets in the education sector. Preventing it from hitting systems is just as important as protecting data.
ID Agent to the Rescue: Stopping ransomware starts with stopping phishing. In “The Phish Files”, you’ll learn strategies to spot and stop phishing attacks fast.
France – Pierre Fabre
Exploit: Ransomware
Pierre Fabre: Pharmaceutical & Cosmetics Maker
Risk to Business: 1.772 = Severe
REvil ransomware is to blame for an attack at leading French pharmaceutical group Pierre Fabre. The threat actors initially demanded a $25 million ransom, but doubled it to $50 million when the company missed the attackers’ deadline for contact. The nature of the information stolen is unclear, and the company is working to restore its systems and data from backups.
Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is the weapon of choice for cybercrime, and ransoms have been skyrocketing as criminals grow more brazen.
ID Agent to the Rescue: Don’t let cybercriminals steal your profits – learn to mitigate the risk in Ransomware 101.
India – Upstox
Exploit: Ransomware
Upstox: Stock Trading App
Risk to Business: 1.755 = Severe
Popular stock trading app Upstox has alerted users of a security breach that exposed some PII for an estimated 2,500,000 customers. The company was careful to note that funds and securities were not impacted. Upstox notified users that it had received messages that claimed unauthorized access to its database along with the breach of its data and KYC details from third-party data-warehouse systems.
Risk to Business: 2.055 = Severe
Upstox has not been specific about the exact customer data stolen but admits that contact data and some identification details may have been exposed. The company has initiated a secure password reset via OTP (one-time password) for all accounts.
Customers Impacted: 2,500,000 customers
How it Could Affect Your Customers’ Business: Cybercrime is around every corner. It’s no longer acceptable to just survive a cyberattack – businesses have to be prepared to endure challenges and still keep going.
ID Agent to the Rescue: Is your organization ready to repel cyberattacks and keep on going? You are if you’re cyber resilient. Learn how to transform your business in “The Road to Cyber Resilience” today.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.