Security Breach Update
13 December 2019

An online presence is a vital part of an online strategy. So concerns are raised when 20% on online businesses will suffer a service interruption by 2020.60% of Digital businesses will suffer service interruption by 2020

For many businesses, an online presence is a vital part of their competitive strategy. Unfortunately, it’s also creating their most prescient vulnerability. According to a recent study by Gartner, by next year, more than half of all digital businesses will incur one or more cyber threats that will significantly disrupt their business.

The report notes that cybercriminals are aware of the increasingly critical and valuable data sets that companies are bringing online, and they are targeting that information to turn a profit. It also found that products for perpetuating cybercrime such as pre-packaged ransomware and phishing capabilities, have never been more prevalent, with an underground marketplace fuelled by the Dark Web.

In response, companies with a digital agenda have a responsibility to audit their defensive posture, ensuring that they are prepared to meet the moment by identifying and addressing the latest cyber trends. Notably, most cyber threats can be addressed in-house by ensuring that employees are able to identify risks and implement best practices, like strong unique passwords, and two-factor authentication across all their accounts.

Recent Breaches

Australia – Monash IVF

Exploit: Phishing scam

Risk to Small Business: Severe: A widespread phishing scam at Monash IVF was more effective than originally thought. While the group reported the breach in early November, the original assessment did not account for patient data that was compromised in the breach. The company’s confidential patient databases were unharmed in the attack, but many of the compromised staff emails contained patient data, which could have been accessed by hackers. Monash IVF stores peoples’ highly sensitive personal data, and it’s likely that this updated assessment will bring further customer and regulatory scrutiny to their business, a development that will slow the recovery process and could increase costs.

Risk to Exploited Individuals: Severe: Monash IVF stressed that many of those impacted by the breach only had their email addresses accessed, but some patients had more sensitive information compromised. This includes names, contact information, partner details, dates of birth, nationality, occupation, financial details, medical insurance details, health information, drivers’ license or passport numbers, and medical history. Victims should be aware that this data is often repurposed to compile authentic-looking phishing scams that, if acted upon by recipients, can further compromise personal data.

Customers Impacted: Unknown

New Zealand – Council of Licensed Firearm Owners

Exploit: Accidental data exposure

Risk to Small Business: Severe: A buyback program for registered gun owners failed to protect its database, exposing participants’ information to the public. The error brought significant ridicule from the program’s critics, and it underscores the importance of ensuring that user data is locked down and secure at all times. As a result of this oversight, the organization was forced to take their website offline, which will undermine its goals and could hinder its long-term prospects.

Risk to Exploited Individuals: Moderate: Internet users were able to view and take screenshots of participants’ personal details and financial information. Not only does this potentially produce a security concern because of the controversial nature of the program, but this information can quickly make its way to the Dark Web where it can be repurposed into other, more nefarious, cybercrimes. Those impacted by the breach should notify their financial institution of the event, and they should enrol in identify and credit monitoring services to ensure that their information remains secure.

Customers Impacted:  70,000

Being proactive in developing a cybersecurity strategy can be the difference in successfully defending a breach or losing millions to a harmful attack.

Protect your data, privacy and reputation, talk to a TCT sales team member today about a sound cyber strategy.

Robert Brown
13/12/2019

Follow us on LinkedIn:

Related Articles:
Ransomware attacks are impacting businesses of every day
New Threat Actor Impersonates Government Agencies

Written by