Security Breach – 4 Feb 2021

Security Breach – 4 Feb 2021

A major crackdowns against ransomware gangs is good news.International authorities executing major crackdowns against ransomware gangs is good news, but it doesn’t come close to addressing the full scope of the problem.

Ransomware is by far the biggest bully on the playground, and it grew by an estimated 311% in 2020. That’s because it’s still a goldmine – ransomware payments in just the health sector alone increased to more than $230k.

Protecting your business from ransomware has to be a top 2021 priority. No business is too large or too small to get walloped by ransomware, but you can add a few security precautions that can help your business be less likely to fall prey to an attack.

Successful ransomware attacks against all kinds of targets have drastically increased the odds of a spear phishing or ransomware attack arriving because of an increase in third party data breaches.

We recommend the adoption of a secure identity and access management solution.

Not only is it a fast, affordable protection against cybercrime that includes conveniences like single sign on and easy remote management, but DUO Security also features multifactor authentication, a single tool that can stop up to 99% of password-based cybercrime.

Recent Breaches

 
United States – USCellular – Mobile Phone Company

Exploit: Credential Compromise

Risk to Small Business: Extreme: USCellular, the fourth largest mobile network in the US, has suffered a data breach after a successful malware attack. Hackers used malicious code disguised as a routine software update to gain access to systems including its Customer Relationship Management (CRM) and client records. This is not USCellular’s first time at this rodeo – the company has had consistent information security problems.

Risk to Exploited Individuals: Extreme: USCellular advised customers that their account records including name, address, PIN code, and cellular telephone numbers(s) as well as information about the customer’s wireless services including service plan, usage and billing statements, personal information, PIN code, service plan, and billing statements might have been compromised. However, data such as social security numbers and credit card information remained inaccessible to the hackers. Clients should be wary of spear phishing, business email compromise and identity theft using this information.

Customers Impacted:  4.9 Million

UK- Mensa – Intellectual Club

Exploit: Password Compromise

Risk to Small Business: Severe: Mensa UK experienced a hack on its website that has resulted in the theft of members’ personal data. The organization had reportedly failed to secure the data of its 18,000 members properly. The stored passwords of Mensa members who accessed the site were not hashed or encrypted in any way, with some sent and stored in plain text, making it a snap for hackers to gain entry. The hackers were able to access and use a Director’s password, to extract an indeterminate amount of information including personal details of members and private conversations conducted on the platform.

Risk to Exploited Individuals: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.

Customers Impacted:  21,000

Protect your data and systems by implementing a solid cybersecurity plan. Talk to a TCT team member today and we can show you how.

Robert Brown
04/02/2021

Follow us on LinkedIn:

Related Articles:
Multifactor Authentication is a must in 2021
Cyberattack risks and data breach costs are on the rise



Log a Job: