This week, compromised email accounts expose customer data, ransomware disrupts remote work, and the FBI releases a new warning about COVID-19-related healthcare cybercrime.

Dark Web ID Trends:

  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: High-Tech & IT
  • Top Employee Count: 11-50

United States – Edison Mail

https://threatpost.com/edison-mail-ios-bug-exposes-emails-to-strangers/155814/

Exploit: Coding error

Beaumont Health: Email application

Risk to Small Business: 2.171 = Severe

A coding error in Edison Mail’s popular iOS app allowed messages to be viewed by other users. The flawed update was released on Friday, May 15th, and the company claims that the problem was repaired by the end of the weekend. However, for an app that touts its advanced security features, this oversight undermines one of its primary selling points. What’s more, three days is an eternity in the cybersecurity space, giving bad actors ample time to take advantage of this vulnerability. Users, incensed by the oversight, aggressively criticized the platform on social media, adding a PR component to an already-arduous recovery process.

Individual Risk: 2.602 = Moderate

The app’s flaw only applies to iOS users who downloaded the update on May 15th. Many victims noted that they could read up to 100 emails from accounts that didn’t belong to them, potentially compromising anything in those messages. Those impacted by the breach should carefully monitor their accounts for misuse, and they should consider enrolling in credit and identity monitoring programs to help secure their information if it falls into the wrong hands.

 

Customers Impacted: Unknown

How it Could Affect Your Business: After years of seemingly endless cybersecurity incidents, many consumers are finally fed up with companies that can’t protect their privacy. As many users commented on social media, this event undermined their trust in the application, which could prompt them to turn to a competitor for a more compelling platform. In this way, cybersecurity can be considered a bottom-line differentiator that can make or break companies in the digital economy.

Geek To You Technology to the Rescue: We go into the Dark Web to keep you out of it. Get a free Dark Web Scan to see if your information is for sale on the Dark Web. We use the leading Dark Web monitoring platform combining human and sophisticated Dark Web intelligence with search capabilities to identify, analyze, and proactively monitor for an organization’s compromised or stolen employee and customer data.


United States – Home Chef

https://www.bleepingcomputer.com/news/security/home-chef-announces-data-breach-after-hacker-sells-8m-user-records/

Exploit: Unauthorized database access

Home Chef: Meal kit & food delivery company

Risk to Small Business: 1.790 = Severe

Hackers obtained a database containing customer data, and sold the information on the Dark Web. The database, which was lifted in a data breach in early May, was available for just $2,500, and it contains the personal data for more than 8 million customers. This incident will further stigmatize Home Chef, which is still grappling with the cybersecurity implications of the previous breach.

 

 

Individual Risk: 1.980 = Severe

The database stored customer details, including email addresses, encrypted passwords, partial credit card information, genders, ages, and subscription information. Victims should immediately update their Home Chef account passwords, along with the credentials for any other platform where they used the compromised data. In addition, they should carefully monitor their online accounts for instances of fraud or misuse.

 

 

Customers Impacted: 8,000,000

How it Could Affect Your Business: Customers’ personal data is a valuable commodity, and there is an army of ready buyers on the Dark Web. In response, every company needs to know when their company or client data is being circulated in this nefarious environment, potentially giving them an opportunity to respond before bad actors can capitalize on its availability.



United States – Wishbone

https://www.zdnet.com/article/hacker-selling-40-million-user-records-from-popular-wishbone-app/?&web_view=true

Exploit: Unauthorized database access

Wishbone: Poll & Comparison App

Risk to Small Business: 1.562 = Severe

A company database was stolen by hackers, who then released the data in full on the Dark Web. The information was captured as part of a cybersecurity incident that occurred in January 2020, and it’s unclear why it took Wishbone more than five months to identify the incident. This is the second cybersecurity incident for the perennially popular company. Now, consumers are much less forgiving. In addition, today’s regulatory environment is significantly more critical of companies’ cybersecurity stance, which could contribute to a multifaceted problem for the platform moving forward. 

Individual Risk: 1.670 = Severe

Users’ personal data was exposed in the breach. This includes usernames, email addresses, phone numbers, hashed passwords, and profile pictures. This information is easily obtained on the Dark Web, and everyone impacted should immediately update their account passwords and take steps to secure their personal details. Since this information can quickly be redeployed in a spear phishing campaign, victims need to be especially vigilant about monitoring the veracity of incoming messages.

 

Customers Impacted: 40,000,000

How it Could Affect Your Business: Consumers and data privacy regulators are increasingly critical of companies that fail to protect customer data. Moving forward, it’s evident that data security will be a bottom-line issue for many companies, as they will rely on their defensive capabilities to bolster consumer sentiment and to ward off regulators, both of whom are ready to hold businesses accountable for privacy violations.



United States – Mathway

https://www.bleepingcomputer.com/news/security/mathway-investigates-data-breach-after-25m-records-sold-on-dark-web/

Exploit: Unauthorized database access

Mathway: Online tutoring and mathematics education platform

Risk to Small Business: 1.807 = Severe

Hackers accessed a company database and made it available for sale on the Dark Web. The breach was first detected by cybersecurity researchers when the platform’s data was available for private purchase. Now, it’s widely available to bad actors for $4,000. The incident is especially untimely, as students and teachers turn to online platforms to supplement learning opportunities while schools operate remotely. It could impact the platform’s ability to capitalize on this prominent moment for ed-tech services.

 

Individual Risk: 1.780 = Severe

While Mathway is unable to detail specific data sets compromised in the breach, they acknowledged that users’ account credentials were exposed. Consequently, all users should reset their account passwords and continue to monitor their accounts for instances of fraud. As the company provides more specific details, users should continue to adjust their response accordingly.

 

Customers Impacted: 25,000,000

How it Could Affect Your Business: There are millions of account credentials available on the Dark Web, and businesses that are serious about securing their data will put an additional layer of protection between login credentials and IT infrastructure. Taking simple steps, like adding Dark Web monitoring to a company’s cybersecurity plan, can help companies keep their data secure even when passwords are compromised.


 

In Other News

Hackers Use Stolen Credentials to Attack Hospitals with Ransomware 

Since the onset of the COVID-19 pandemic, hospitals and healthcare facilities have dealt with a deluge of cyberattacks, and ransomware has been especially pernicious. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), hackers infiltrated many of these organizations using stolen credentials obtained through a known vulnerability in their Pulse Secure VPN servers.

This threat was first identified in October 2019, with CISA and the U.S. Federal Bureau of Investigation both issuing subsequent alerts in January and April of 2020. Unfortunately, even after the vulnerability was repaired, the agencies have seen examples of cybercriminals using compromised credentials to access company networks.

The incident is a reminder of the importance not only of acting swiftly to address cybersecurity vulnerabilities but also of maintaining insights into the Dark Web, where stolen login information can quickly circulate and create chaos for your IT infrastructure.

COVID-19 is creating a more perilous digital environment for companies, making now the right time to double down on cybersecurity initiatives that can prevent a breach.

https://www.bleepingcomputer.com/news/security/us-govt-hacker-used-stolen-ad-credentials-to-ransom-hospitals/?&web_view=true


50,000 Companies Send Employees Home with Infected Devices   

In a rush to enable employees to work remotely, many companies unknowingly sent staffers home with compromised devices. A recent study found that as many as 50,000 companies issued already-compromised devices that were protected at the office by company firewalls and other in-house defensive measures but not outside of it.

These compromised devices are now operating on lightly secured home or public Wi-Fi networks in an unmoderated environment, and that brings a deluge of cybersecurity risks.

Adding an extra layer of protection for access to your data and systems is crucial. That’s why we’re excited to be able to provide you with a cutting-edge secure identity and access management solution that was designed with remote workers in mind – at an excellent value.

We’re here to help as your company adjusts its cybersecurity strategy to meet the new challenges of our changed world and shifting threat landscape. If we can support your efforts during this tumultuous time, please contact us today at 603-292-6503!

Now is the time for every company to reassess its cyber preparedness in light of the new realities posed by COVID-19. If we can support these efforts in any way, please don’t hesitate to contact our team!

https://www.darkreading.com/endpoint/work-from-home-exposes-already-infected-machines-in-50k-us-organizations-/d/d-id/1337606?&web_view=true
