The Week in Breach: 07/24/19 – 07/30/19

Home » Cybersecurity » The Week in Breach: 07/24/19 – 07/30/19

darkweb breach

The Week in Breach: 07/24/19 – 07/30/19

This week, credentials from the Dark Web compromise a company’s network, healthcare records are held for ransom, and data breaches become more expensive. 

Dark Web ID Trends:

Top Source Hits: ID Theft Forums
Top Compromise Type: 
Domain 
Top Industry: 
Education & Research
Top Employee Count: 
1 – 10 Employees 

 

United States – New Haven Public Schools
https://www.nhregister.com/news/article/New-Haven-Public-Schools-hit-by-ransomware-attack-14119810.php

Exploit: Ransomware
New Haven Public Schools: Public school district serving students in New Haven, Connecticut

Risk to Small Business: 2.333 = Severe: A network vulnerability allowed hackers to install ransomware on the district’s servers, prohibiting access to many of their critical digital assets. Fortunately, New Haven Public Schools maintained comprehensive backups, allowing them to restore functionality without paying the ransom. Many attacks in this realm are self-initiated, with an employee accidentally clicking into a phishing email that installs malware into a system. However, in this case, the district insists that technical vulnerabilities were the culprit.
Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: A holistic ransomware response plan is a mission-critical component of any organization. This plan, which must include everything from attaining the right insurance policy to determining a philosophical position on paying ransom demands, can mitigate the consequences of an attack. In this case, New Haven Public Schools had the backups in place to avoid paying a ransom and to quickly restore operations. Of course, securing IT infrastructure is a complicated process, and partnering with third-party experts can help spot vulnerabilities before the lead to a data breach.

 

United States – iNSYNQ
https://z6mag.com/2019/07/23/insynq-ceo-asked-clients-for-patience-following-ransomware-attack/

Exploit: Ransomware
iNSYNQ: Cloud hosting platform providing virtual desktops for enterprise clients

Risk to Small Business: 2.111 = Severe: A ransomware attack on July 16th crippled the cloud hosting platform’s services. The attack had cascading consequences, impacting both iNSYNQ and companies that use its products. In response, iNSYNQ was forced to take down their entire network, which instigated a lengthy recovery process that encouraged significant criticism on social media. Therefore, iNSYNQ’s ransomware battle is playing out on two fronts. Their IT team is struggling to restore its comprehensive digital infrastructure even as the company is navigating a PR disaster that could have grave financial implications down the road.
Individual Risk: 2.428 = Severe: While no personal information was compromised in the event, the unique nature of iNSYNQ’s product offering means that many users may have lost access to their data without a clear path to restoration. The company is encouraging all users to back up their data for thirty days to hedge against the threat of data loss from this ransomware attack.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks have become so prominent that they can feel like an inevitability, and companies should treat them as such. Losing access to company data is devastating, but when client services are implicated, the consequences are magnified. As a result, supportive services like identity or credit monitoring can offer customers the peace-of-mind necessary to begin restoring the company’s badly damaged reputation.

 

United States – Park DuValle Health Center
https://www.wdrb.com/in-depth/park-duvalle-health-center-pays-ransom-for-patient-records-in/article_68416546-af0b-11e9-ba4d-0bd49b023c3e.html

Exploit: Ransomware
Park DuValle Health Center: Non-profit medical center serving patients in Louisville, KY

Risk to Small Business:  1.777 = Severe: After successfully restoring their network following a ransomware attack in April, Park DuValle Health Center was attacked again in June, ultimately choosing to pay $70,000 to restore access to their network. The most recent ransomware attack encrypted medical records, contact information, insurance information, and all other patient-related data for past and present patients. The healthcare provider has been without this information since June 7th, and they’ve been unable to schedule new patients during that time. Consequently, the clinic is relying on patients’ memories about treatment and medications, a troubling reality for any healthcare provider.
Individual Risk: No personal information was compromised in the breach.

Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: A ransomware attack is a costly ordeal with broad consequences that extend beyond the immediate expense of restoring system access. In this case, Park DuValle’s entire business was crippled, making the $70,000 ransom payment the least of their financial worries. It’s a reminder that having the tools necessary to respond to a ransomware attack is part of the cost of doing business in today’s digital environment.

 

United States – Cancer Treatment Centers of America
https://www.beckershospitalreview.com/cybersecurity/cancer-treatment-centers-of-america-alerts-3-900-patients-of-data-breach.html

Exploit: Phishing attack
Cancer Treatment Centers of America: National, for-profit network of cancer care, research, and outpatient care centers

Risk to Small Business: 1.888 = Severe: On June 6th, the Cancer Treatment Centers of America detected unauthorized email account access at its Philadelphia-based medical center. The account was compromised when an employee fell for a phishing scam in early May, meaning that intruders had access to patient data for more than a month before it was detected. As a result, the company will face enhanced regulatory scrutiny even as they grapple with the technological and public relations implications associated with a data breach.
Individual Risk: 2.142 = Severe: A single phishing scam compromised the personally identifiable information for thousands of patients. This includes their names, addresses, phone numbers, dates of birth, medical record numbers, and other patient-related information. Those impacted by the breach should monitor their accounts for unauthorized access, and they should consider identity or credit monitoring services to help ensure the long-term integrity of their data.

Customers Impacted: 3,904
How it Could Affect Your Customers’ Business: Personally identifiable information can quickly make its way to the Dark Web, and every organization needs a plan for protecting that information in the event of a data breach. At the same time, providing supportive services, like credit or identity monitoring, is a good first step toward repairing the damage and restoring customer confidence in your organization.

 

 


In Other News:

Ransomware Gets a New Lease on Life 

Ransomware attacks have made a precipitous return to public life, making them one of the most potent threats in today’s digital landscape.

Once targeting individual computer systems, ransomware fell out of favor with cybercriminals as it failed to net significant returns. That changed when cybercriminals began targeting local governments and small and medium-sized businesses where they can earn thousands of dollars from the relatively inexpensive attack method.

Many attributes this shift in approach to the WannaCry ransomware virus, which captured national headlines and set a new direction for future cybercriminals.

As municipalities and organizations grapple with the best response plan, it’s clear that bad actors will continue to wreak havoc with new iterations of ransomware. A strong defense is the most affordable and advantageous approach to these attacks and getting expert eyes (like ours!) on your cybersecurity landscape can ensure that your vulnerabilities are accounted for.

https://www.zdnet.com/article/ransomware-why-cities-have-become-such-a-big-target-for-cyberattacks-and-why-itll-get-worse-before-it-gets-better/

 

The Increasing Cost of a Data Breach 

As the headlines continually demonstrate, data breaches are quickly becoming a prominent problem for organizations of any size and operating in any sector. The bad news, according to IBM’s annual report on the cost of data breaches, is that they are also becoming more expensive.

In 2019, companies can expect to spend $3.92 million on a data breach, a 12% increase in just five years.

With today’s regulatory landscape trending toward consumers, companies can expect these numbers to continue increasing as governments intend to exact financial penalties from organizations that can’t protect their customers data.

Consequently, highly-regulated industries like healthcare and financial services saw the most significant price escalations.

The report is especially troubling for SMBs. IBM concluded that companies with less than 500 employees will still incur losses in excess of $2 million if a data breach occurs, and they can expect these costs to continue to for several years after a breach.

The high cost of a data breach makes cybersecurity partnerships a relatively inexpensive way to protect your organization from the catastrophic consequences that accompany a breach.

https://www.cbronline.com/news/data-breach-costs-2

 

 

Posted on