This week, compromised email accounts expose customer data, ransomware disrupts remote work, and the FBI releases a new warning about COVID-19 related healthcare cybercrime.
Dark Web ID Trends:
- Top Source Hits: ID Theft Forums
- Top Compromise Type: Domain
- Top Industry: Manufacturing
- Top Employee Count: 50-100
United States – Beaumont Health
https://www.cyberscoop.com/beaumont-health-data-breach/
Exploit: Phishing scam
Beaumont Health: Healthcare provider
Risk to Small Business: 1.537 = Severe
A phishing scam gave hackers access to IT infrastructure containing patients’ protected health information. The breach was identified on March 29, 2020, but data was exfiltrated between May 23, 2019, and June 2, 2019, leaving patient data exposed for nearly a year. This incident has come to light as healthcare providers face cybersecurity threats while battling the COVID-19 crisis, and Beaumont Health will undoubtedly face both regulatory troubles and financial woes on a long road to recovery.
Individual Risk: 1.509 = Severe
Hackers accessed patients’ personally identifiable information and protected health information, including names, birth dates, Social Security numbers, and medical conditions. In some cases, hackers also accessed bank accounts and driver’s license information. Those impacted by the breach should immediately contact their financial service providers to notify them of the incident. In addition, they will need to closely monitor their accounts for suspicious or unusual activity. They should be especially critical of incoming messages, as hackers often use information from one breach to craft authentic-looking spear phishing campaigns that can compromise additional data.
Customers Impacted: 112,000
How it Could Affect Your Business: Phishing scams are a significant risk to every company’s data. Especially during the COVID-19 pandemic, healthcare companies have seen a precipitous increase in these attacks, as hackers look to capitalize on the urgency and unease of the situation to trick employees into compromising critical data.
Geek To You to the Rescue: BullPhish ID simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime – now with COVID-19 scam awareness kits.
United States – Small Business Administration
Exploit: Unauthorized database access
Small Business Administration: Government agency overseeing small business affairs
Risk to Small Business: 2.177 = Severe
A cybersecurity vulnerability in the portal processing small business owners applying for an emergency loan under the Economic Injury Disaster Loan Program experienced a data breach. The breach, which was detected on March 25th, impacts a vital program for small businesses, and it could harm small business owners who are already grappling with an especially challenging time. Additionally, this oversight has caught the attention of news media, legislatures, and small business owners, weakening its credibility at a critical time.
Individual Risk: 2.230 = Severe
The breach exposed applicants’ names, addresses, email addresses, dates of birth, citizen status, and insurance information. This data can quickly circulate on the Dark Web, and bad actors will frequently reuse the information in phishing scams and other fraud attempts. The Small Business Administration is offering victims a year of free identity monitoring services, and victims should enroll in this program to receive a notification if their information is misused.
Customers Impacted: 8,000
How it Could Affect Your Business: Now, more than ever, the consequences of a data breach are traumatic for victims. Organizations collecting and storing personal data can support their users during the COVID-19 pandemic by taking extra care to ensure that personal data remains private. It’s a priority that always matters, but that is especially amplified during the pandemic.
In Other News
Hackers Use Stolen Credentials to Attack Hospitals with Ransomware
Since the onset of the COVID-19 pandemic, hospitals, and healthcare facilities have dealt with a deluge of cyberattacks, and ransomware has been especially pernicious. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), hackers infiltrated many of these organizations using stolen credentials obtained from a known vulnerability in their Pulse Secure VPN servers.
This threat was first identified in October 2019, with the CISA and the US Federal Bureau of Investigation both issuing subsequent alerts in January and April of 2020. Unfortunately, even after repairing the vulnerability, the agencies have seen examples of cybercriminals using compromised credentials to access company networks.
The incident is a reminder of the importance of acting swiftly to address cybersecurity vulnerabilities but also of maintaining insights into the Dark Web, where stolen login information can quickly circulate and create chaos for your IT infrastructure.
COVID-19 is creating a more perilous digital environment for companies, making now the right time to double-down on cybersecurity initiatives that can prevent a breach.
50,000 Companies Send Employees Home with Infected Devices
In a rush to enable employees to work remotely, many companies unknowingly sent staffers home with compromised devices. A recent study found that as many as 50,000 companies issued already-compromised devices that were protected at the office by company firewalls and other in-house defensive measures but not outside of it.
These compromised devices are now operating on lightly-secured home or public Wi-Fi networks in an unmoderated environment, and that brings a deluge of cybersecurity risks.
Adding an extra layer of protection for access to your data and systems is crucial. That’s why we’re excited to be able to provide you with a cutting-edge secure identity and access management solution that was designed with remote workers in mind – at an excellent value.
We’re here to help as your company adjusts its cybersecurity strategy to meet the new challenges of our changed world and shifting threat landscape. If we can support your efforts during this tumultuous time, please contact us today at 603-292-6503!
Now is the time for every company to reassess its cyber preparedness in light of the new realities posed by COVID-19. If we can support these efforts in any way, please don’t hesitate to contact our team!
Get our new free remote workforce cybersecurity toolkit now, and follow us on social media to get our latest news, events, blog posts, insights, product updates, marketing tools, and so much more!
