Security Breach – 29 Jan 2021

Security Breach – 29 Jan 2021

DUO makes it easy and affordable to defend against password-based attacks It sounds logical that you’d want the most secure lock to your office, but many business owners don’t have the same logical thinking to their systems and data, leaving them wide open to cybercriminal mischief.

In a recent survey, only 24% of businesses were using security access controls, like a secure identity and access management solution instead of old-fashioned password-based security.

That’s a boon for cybercriminals – compromised passwords are the key to entry for them in around 85% of all data breaches. Strong access point security isn’t just something for major corporations anymore. Every business needs it, and solutions like DUO Security.

Protecting your systems and data with just a password isn’t going to cut it anymore.

Even if your employees are making good, complex passwords and practicing excellent password hygiene, relying on passwords alone is outmoded and dangerous.

Huge stores of passwords that have been stolen in past data breaches are now available in Dark Web markets and data dumps to power credential stuffing attacks and other cybercrime.

DUO makes it easy and affordable to defend against password-based attacks with the tools that experts recommend: multifactor authentication, single sign-on, secure shared password vaults and more.

Don’t wait to beef up your access point security. Add a secure identity and access management solution like DUO today and make sure that the access points to your systems and data are really protected.

Recent Breaches

Australia – Australia Securities and Investments Commission

Exploit: Hacking

Risk to Small Business: Severe: A security breach at Australia’s security regulator may have led to a significant data exposure. The breach occurred on a server that the organization used to transfer files including credit license applications where some information may have been viewed. This breach may have been caused by a suspected flaw in third-party software that may have also spurred a similar breach at the New Zealand central bank a few weeks ago.

Risk to Exploited Individuals: No personal or business data was reported as confirmed to be stolen in this incident that is still under investigation.

Customers Impacted:  Unknown

 Sweden- Pixlr – Photo Editing Software Developer

Exploit: Third Party Data Breach

Risk to Small Business: Severe: ShinyHunters are at it again, this time with a dump of data from Pixlr. The gang claims that the Pixlr data was obtained through their earlier successful breach at stock photo site 123rf, which is owned by the same parent company. The Pixlr database posted by ShinyHunters contains 1,921,141 user records consisting of email addresses, login names, SHA-512 hashed passwords, a user’s country, whether they signed up for the newsletter, and other internal information.

Risk to Exploited Individuals: Severe: User information was stolen that includes basic contact information for users, leaving them at risk for spear phishing attacks.

Customers Impacted:  1,921,141

Protect your data and systems by implementing a solid cybersecurity plan. Talk to a TCT team member today and we can show you how.

Robert Brown

Follow us on LinkedIn:

Related Articles:
Can your staff really spot phishing messages?
Ransomware Recovery is Long and Expensive

Log a Job: