Dec, 2019

Recent Data Breaches You Should Know

Imagine for a second what would happen if your business’ data was exposed and stolen. You’d have a really difficult time going forward as your client-base dwindled and you opportunities for growth dried up. The amazing part is that some very successful companies have this type of thing happens all the time. Today, we will look at some of the largest data breaches since September 1.

September

9/5

Providence Health Plan – 122,000 members of the Providence Health Plan had personal information leaked when an unauthorized party accessed the company’s servers. Information that was stolen included plan member names, addresses, email addresses, dates of birth, Social Security numbers, member ID numbers, and subscriber numbers.

Facebook – Facebook had an unprotected server with over 419 million records accessed. Users had their Facebook’s user ID and phone number exposed. In some cases, user’s names, genders, and locations were also leaked.

9/16

Dealer Leader, LLC. – 198 million prospective car buyers were left exposed by an unprotected server. The information that was left out there included names, email addresses, phone numbers, addresses, and IPs.

9/27

DoorDash – The popular food delivery app had 4.9 million customers’ information breached by a third-party. The information left exposed included the names, delivery addresses, phone numbers, hashed passwords, order history, and the last four numbers of each’s credit card number. In the same hack, over 100,000 delivery drivers had their driver’s license information leaked.

9/30

Zynga – The mobile game maker, Zynga, the developer of popular mobile games such as Farmville and Words with Friends has announced that 218 million players had their data exposed after their network was breached by a hacker. The company had player names, email addresses, login IDs, phone numbers, Facebook IDs and more left exposed.

October

10/17

Methodist Hospitals of Indiana – The Methodist Hospitals of Indiana fell victim to an email phishing scam and it allowed hackers to steal 68,000 records that included names, addresses, dates of birth, Social Security numbers, driver’s licenses, and more.

10/21

Autoclerk – Autoclerk, a hotel property management software developer had an open database infiltrated exposing data that included names, dates of birth, home addresses, phone numbers, dates of travel, travel costs, room numbers, and some masked credit card details of hundreds of thousands of guests.

10/22

Kalispell Regional Healthcare – Over 130,000 Social Security numbers, addresses, medical record numbers, dates of birth, medical histories and treatment information, and names of treating physicians were exposed by hackers.

10/26

Adobe – Data was exposed that included email addresses, usernames, location, Adobe product licenses, account creation dates, and payment statuses. 7.5 million users were affected.

10/27

Network Solutions – The world’s oldest domain name provider has been exposed in a hack. Millions of individuals’ data that included names, addresses, phone numbers, email addresses, and service information was compromised.

November

11/9

Texas Health Resources – The Texas-based health care provider reported a data breach where 82,000 patient records were exposed. Included in the breach were names, addresses, email information, health information, and more.

11/16

Disney Plus – The brand-spanking-new Disney+ streaming service had new user account information hijacked by hackers. Login credentials wound up on the Dark Web soon after.

Magic the Gathering – The popular online strategy game has reported that an unsecured website database has exposed 452,000 player records that include names, usernames, and more.

11/18

State of Louisiana – The State of Louisiana has been a victim of a ransomware attack that took down many state agencies’ servers. Although no data is said to be lost, the state’s crucial computing infrastructure was down for several days as systems were restored from backup.

11/19

Macy’s – Macy’s had their ecommerce site hacked. Hackers embedded malicious code into their checkout page and put a skimming code on the company’s Wallet page. The malware retrieved names, addresses, phone numbers, email addresses, payment card numbers, card security codes, and card expiration dates.

11/22

T-Mobile – T-Mobile had over a million customers’ information accessed by a hacker. Information accessed included names, billing addresses, phone numbers, rates, and calling features.

Unknown – An unsecured server containing over 622 million email addresses and 50 million phone numbers, and millions of pieces of other information was discovered. It is unknown what organization this data is tied to as the time of writing.

With hundreds of millions of records being exposed each month, it’s hard to feel confident about giving your personal or financial information to anyone in the current threat landscape. If your business needs help trying to be secure, call us today at 810.230.9455.

Nov, 2019

Former Trend Micro Employee Sold 68,000 Customer Records to Scammers

Antivirus developer Trend Micro is doing some damage control after an ex-employee stole customer data and sold it to online scammers. These scammers have been calling Trend Micro customers. If you use Trend Micro, it’s best to be wary of any calls you get.

How Does This Happen?

An employee had access to data that they weren’t authorized to have. According to Trend Micro, they were able to “gain access to a customer support database that contained names, email addresses, Trend Micro support ticket numbers, and in some instances telephone numbers. There are no indications that any other information such as financial or credit payment information was involved…”

This employee, who remains unnamed, apparently had planned to steal data, and ended up being able to bypass the internal protections Trend Micro had in place.

Since the data had more than enough information for a scammer to use to trick a user into believing they were calling from Trend Micro (all it really takes is a name and phone number, and knowing that they use the product), this kind of data has a great deal of value to scammers. It gives them an easy way in to steal money from unsuspecting people under the guise of Trend Micro tech support.

Be Wary of Any Unsolicited Tech Support Calls

This isn’t a new problem, and it definitely isn’t only a problem for Trend Micro customers. Fake tech support scammers have been around for years, often preying on older, less-technically-savvy users. They use scare tactics and feign urgency to get their victim to hand over credit card information or allow remote access to the PC.

More often than not, these calls will come in saying they are “Microsoft Windows Support” or some general computer support. If the scammer thinks they are targeting an individual at a business, they might say they are from the IT department.

It’s important to be wary and educate your employees so they know the proper channels for getting support requests handled.

The Other Lesson – Don’t Let Employees Access Data They Don’t Need

As a business owner, you need to ask yourself who has a little too much access. Can all employees wander into folders on your network that contain personal or financial information?

An employee should only have access to the data that they need, although it’s also important to not make it too difficult for an employee to do their job. Establishing the policies for this can be tricky but setting up the permissions on your network just takes a little work with your IT provider.

Enforcing security policies, like controlling who has access to what data, requiring strong passwords, and setting up multi-factor authentication can go a long way in protecting your business and its customers from a rogue employee running off with data. An ounce of prevention is worth a ton of damage control, in this case.

Need help? Our IT experts can work with you to lock down your data. Give us a call at 810.230.9455.

Sep, 2019

Biggest Data Breaches Since May

Has your business’ network been breached? If not, you will need to continue to prioritize network security to keep hackers at bay. With 446 million records compromised in 2018 alone, businesses need to understand what threats they are currently under. Let’s take a look at some of the biggest data breaches that have happened since the beginning of May.

May

May 2, 2019 – Citrix

Conferencing and digital workplace software company, Citrix, revealed that hackers gained access to the company’s network between October 2018 and March 2019. Data stolen included Social Security numbers, financial information, and data of current and former employees.

May 3, 2019 – AMC Networks

1.6 million users of AMC Network’s Sundance Now and Shudder streaming services had their data left exposed through a database that was left unsecured. Names, email addresses, subscription details were compromised.

May 9, 2019 – Freedom Mobile

Freedom Mobile, a Canadian mobile provider had an estimated 1.5 million customers’ personal and financial information left exposed on a third-party server. The types of data left exposed included names, email addresses, mailing addresses, dates of birth, and credit card information.

May 13, 2019 – Indiana Pacers

The legal team behind the National Basketball Association’s Indiana Pacers was the victim of a major phishing attack. Employee and customer names, addresses, dates of birth, Social Security numbers, passport numbers, driver’s license numbers, medical insurance information, card numbers, digital signatures and login information. No number of affected individuals has been given by the team.

May 14, 2019 – WhatsApp

WhatsApp has experienced a security flaw that provided access to an Israeli government surveillance agency, NSO Group. NSO Group had limited access to the microphone, camera, and WhatsApp message text of the app’s 1.5 billion users.

May 20, 2019 – Instagram

Facebook-owned Instagram, fell victim to a data breach that exposed more than 49 million Instagram influencers, celebrities, and brands’ Instagram information when an Indian-based social media marketing company left it exposed.

May 24, 2019 – Canva

The 139 million users of Canva, a cloud-based graphic design tool, had their names, usernames, and email addresses exposed when hackers infiltrated their server.

May 24, 2019 – First American Financial Corporation

First American Financial Corp., a leading title insurer for the U.S. real estate market, had 885 million customers’ Social Security numbers, bank account numbers, mortgage and tax records, wire transaction receipts, and driver’s license images compromised for all customers as far as back as 2003.

Other May breaches: Inmediata Health Group, Uniqlo, Wyzant, Flipboard, Checkers (the fast food chain).

June

June 3, 2019 – Quest Diagnostics

Almost 12 million patient records have been compromised when hackers took control of the payments page of AMCA, a major payment vendor for Quest Diagnostics. Data such as financial account data, Social Security numbers, and health information (ePHI) were left exposed.

June 4, 2019 – LabCorp

In the same hack, LabCorp announced that 7.7 million of its customers were impacted.

June 6, 2019 – Opko Health

In the same attack, Opko Health had 422.600 customer and patient records compromised.

June 10, 2019 – Emuparadise

The gaming website Emuparadise had their users’ IP addresses, usernames, and passwords exposed in a data breach.

June 11, 2019 – Evite

More than 100 million users of the Evite event planning app have had their information put up for sale on the dark web. Information that was stolen included names, email addresses, IP addresses, and cleartext passwords. Some even had their dates of birth, phone number, or postal address exposed.

June 11, 2019 – Total Registration

Kentucky-based Total Registration, a facilitator of scholastic test registrations had their entire service compromised. Victims, who were mainly students who had registered for PSAT and Advanced Placement tests, had their names, dates of birth, grade level, gender, and Social Security number exposed.

June 12, 2019 – Evernote

A security vulnerability in Evernote’s Web Clipper Chrome extension gave hackers access to the online data of over 4.5 million users. Exposed data includes authentication, financial, all private communications, and more.

June 20, 2019 – Desjardins

Over 2.7 million individuals and 173,000 businesses had their data stolen by a single Desjardins employee. Canada’s largest credit union, the hack resulted in the exposure of names, dates of birth, social insurance numbers, addresses, phone numbers, and email addresses of customers

Other June breaches: Oregon Department of Human Services, U.S. Customs and Border Protection, EatStreet, Dominion National

July

July 17, 2019 – Clinical Pathology Laboratories

Due to the AMCA breach that affected Quest Diagnostics, Opko Health, and Labcorp, Clinical Pathology Laboratories had 2.2 million patients’ personal and medical information exposed with an additional 34,500 patients’ credit card or banking information breached.

July 18, 2019 – Sprint

A still unknown number of Sprint customer accounts were hacked through Samsung.com’s “add a line” website. Some exposed information included names, billing addresses, phone numbers, device types, device IDs, monthly recurring charges, account numbers, and more.

Other July breaches: Maryland Department of Labor, Los Angeles County Department of Health Service, Essentia Health, Fieldwork Software, Los Angeles Personnel Department

August

August 5, 2019 – Poshmark

The online marketplace, Poshmark, has announced that they’ve been hacked. Usernames and email addresses of an unreported amount of clients have been exposed in the breach. Poshmark has nearly 50 million users.

August 5, 2019 – Stock X

The online fashion-trading platform had its over 6.8 million user accounts exposed. Data that was out there included customer names, email addresses, usernames and passwords, shipping addresses, and purchase histories.

August 9, 2019 – CafePress

A data breach at CafePress, a custom t-shirt and merchandise company, exposed the names, email addresses, physical addresses, phone numbers, and passwords of over 23.2 million customers.

August 15, 2019 – Choice Hotels

Hackers left over 700,000 guest records exposed in a coordinated extortion attempt on the Choice Hotel chain. Stolen information included names, addresses, and phone numbers.

August 16, 2019 – Biostar 2

VPNMentor and independent security researchers uncovered a data breach containing over a million individuals’ facial recognition information as well as the unencrypted passwords and usernames of 27.8 million individuals exposed from Biostar 2, a biometric security platform.

August 27, 2019 – Hostinger

Hostinger, a web hosting company sent out an email to their 14 million clients who had their information hacked through an API server. As a result, first names, usernames, email addresses, IP addresses and hashed passwords were exposed.

Other August breaches: Presbyterian Healthcare Services, State Farm, MoviePass

Before your business has its network breached, data stolen, and reputation irreparably harmed, call the security professionals at NuTech Services to do a full security assessment. We can help you keep your data and reputation intact. Call us today at 810.230.9455 to learn more.

May, 2017

Study Finds Social Media Phishing Scams to Be the Most Dangerous

Ordinary fishing, where you hope for a simple-minded fish to latch onto your hook, relies on using a proper lure. The same can be said for the virtual method of phishing, where a hacker will use a similar type of “lure” to convince the target to bite. These phishing scams are especially useful for hackers who want to take advantage of social media to find new targets. A recent study has shown that this is a surprisingly effective method of phishing.

A report from phishd by MWR InfoSecurity orchestrated a simulated phishing attack that attempted to target a million users. ITProPortal told of their findings: “Almost a quarter of users clicked a link to be taken to a fake login screen. Out of that number, more than half (54 percent) provided user credentials, and 80 percent downloaded a file.”

This means that about 10 percent of users fell victim to the first two stages of the simulation and gave up their account credentials. Now, compare this rate to how often a normal scam, like spam, accomplishes its goal. While the typical spam message will only have a fraction of a percentage point rate of success, social media provides a substantially larger chance of success to hackers.

James Moore, the Managing Director of phishd by MWR InfoSecurity, states: “More concerning is that out of those targeted with a social media request or a promotional offer, more than 10 percent downloaded a potentially malicious file via their corporate email accounts.” This is especially a problem, as there are so many people who connect their social media accounts to their work accounts–risky business for any organization that wants to avoid a critical data breach.

If anything, this study shows why your business needs to keep data safe. This includes being capable of identifying phishing scams and responding to them properly, but also the implementation of security tools like antivirus, spam blocking, and content filtering. If you’re very concerned about social media phishing, you can go so far as to block social media websites completely on your network. Additional measures such as comprehensive training can help your users identify phishing attacks both in and out of the office, on a variety of platforms. Often times, the lures used by hackers can be so tantalizing that they’re able to bypass your security, so the only thing standing between you and a data breach is the knowledge you’ve imparted to your users.

You can’t trust anyone on the Internet, be it a new friend on social media, a new entry into your address book, or a seemingly-legitimate website. You have to be ready for anything, but this can be a daunting task. Thankfully, you don’t have to endure it alone. With NuTech Services by your side, you’ll be prepared to handle any cyber threat. To learn more about what we can offer your business, reach out to us at 810.230.9455.

Apr, 2017

Alert: LastPass Vulnerability Found. Is Any Password Manager Safe?

Thanks to one of Google’s researchers with the Zero Day Project, it has been discovered that LastPass has a major vulnerability as a result of a major architectural problem. This news comes on the heels of many other flaws the same researcher discovered within LastPass. However, based on what the researcher claims, these vulnerabilities were much less serious than his latest discovery.

After having “an epiphany in the shower,” Tavis Ormandy realized that the latest version of the password manager’s browser extension is subject to a flaw that allows some malicious websites to have their way with the user’s system. Otherwise, the vulnerability allows malicious websites to steal the user’s passwords from behind LastPass’ protections. Unfortunately, this vulnerability seems to be present in the extensions for every major browser on Windows and Linux, and is most likely present for Mac users as well.

Making this vulnerability even more significant, the vulnerability only requires the extension to be installed in order for it to be exploited. A user could be logged out and still be subject to receiving malicious code from the website they’re visiting.

To their credit, LastPass is committed to resolving this issue, acknowledging Ormandy’s report a mere hour after he submitted it. Two days later, LastPass released a blog post going over these events and offering a few recommendations:

Launch websites from the LastPass vault: To retain the highest level of security as possible, it’s better to access websites from the LastPass vault itself.
Use Two-Factor Authentication wherever possible: This will add an extra layer of security to prevent leaked credentials from granting easy access to your accounts.
Keep an eye out for phishing attacks: Clicking on a malicious link is a great way to hand over your access credentials to malicious entities, so before you click on a link in a received message, take a moment to ask yourself if the link makes sense to be coming from who allegedly sent it.

LastPass has also been vocal in their appreciation for people like Ormandy finding issues like these before they are found the hard way. According to Joe Siegrist, cofounder and vice president of LastPass, “We greatly appreciate the work of the security community to challenge our product and uncover areas that need improvement.

LastPass now has 90 days before Ormandy and Project Zero release the technical details as part of their disclosure policies. In the meantime, it would be prudent to take LastPass’ advice to heart for the sake of your own network security.

To ensure your credentials are protected, and to schedule a full security audit, contact NuTech Services at 810.230.9455.

Mar, 2017

20% of Customers and Revenue are a Lot to Lose From a Single Data Breach

Data breaches are common problems for businesses of all shapes and sizes. In fact, they often have huge repercussions that aren’t initially seen in the heat of the moment. How can you make sure that a data breach won’t negatively impact your business, even well after you’ve fixed the initial problem?

Cisco, for example, claims that out of all companies that experienced a major data breach in 2016, over one-third of them lost more than 20 percent of their customers, opportunities, or revenue. This clearly shows that your business has far more than just data on the line when it comes to cybersecurity. Simply put, by not taking measures to keep your organization secure, you stand to put the future of your business itself at risk.

This makes sense, especially when you consider a consumer’s natural reaction to a poor experience with a specific vendor or brand. If you were a customer at a store that experienced a major data breach (one in which your financial information was stolen), would you still want to shop there? Many organizations will reassure their customers that the vulnerability has been resolved, and some might even offer to make amends for their careless handling of customer data. Yet, sometimes even this isn’t enough to retain customers, and often times, you won’t find this out until it’s too late.

As a small business owner, can you imagine what it would feel like to lose as much as 20 percent of your current clientele? Large organizations might have enough resources and offerings to make the loss seem more manageable, but chances are that a 20-percent loss would be a huge hit for any smaller organization.

Furthermore, it’s likely that such a loss of customers, opportunities, or revenue would affect long-term growth. If your organization loses 20 percent of its customers, that’s not just lost business for you–that’s a whole bunch of customers who won’t recommend your organization to new clients. What’s worse, they may even tell others about your business, but not in the way that you want them to. Before you know it, you’ll have former customers telling their contacts all of the ugly details about their experience with your business, data breaches notwithstanding.

In other words, not only does a data breach represent a loss of revenue, but also a loss of potential resources that could be utilized to further advance your business in the future.

Thus, a relatively small issue could transform into a major problem that puts the future of your business in jeopardy. Cisco also found that the following problems were concerning for organizations that experienced a data breach:

Cyber threats in 2016 increased in power and sophistication.
Cybersecurity efforts by organizations aren’t able to investigate all of the alerts they get in a single day (56 percent is the average).
However, despite cyber attacks growing in complexity, hackers still utilized “classic attack methods seen in 2010.”

Cyber threats continue to evolve into bigger, more dangerous threats that are harder to counter and prepare for. Despite this fact, it’s still your responsibility to make sure that any potential data breach doesn’t spell the end for your enterprise. It’s clear that, in order to guarantee the success of your business’s future, you need to implement powerful and focused security solutions designed to prevent breaches in the first place.

NuTech Services can help your business implement technology solutions designed to limit breaches and manage risk more effectively. With a Unified Threat Management device and remote monitoring and management service, you will have little to fear. To learn more, reach out to us at 810.230.9455.