Security Breach – 18 July 2018

Security Breach – 18 July 2018

This week we have seen a ton of media attention about the dark web markets, what is bought and sold in these shady places.

In other news, there was reports of medical records of deceased people being sold on the dark web. Medical records are classed as more valuable that credit card details, even people that have passed on!

Also found on the dark web, US Classified documents up for sale for $200 USD. Recently a lot of military documents have turned up on the Dark web after a medium level hacker exposed an existing FTP vulnerability. One of the documents is a maintenance book for the MQ-9 Reaper drone, which is regarded as one of the deadliest drones used by the United States. Who’s spying on Who now!

Recent Breaches

United States – Macy’s – Large department store chain.
Exploit: Supply chain exploit.
Risk to Small Business: High: A bad actor accessing names and card information can severely damage consumer trust in a brand.
Risk to Exploited Individuals: High: Individuals affected by this breach are at high risk of their credit card details being sold on the Dark Web.
Customers Impacted:  Unclear but the hacker operated undetected for almost 2 months.

United States – Timehop – Social media site that allows users to see posts made in the past.
Exploit: Lack of 2FA (Two-Factor Authentication) on cloud infrastructure.
Risk to Small Business: High: All of Timehop’s customers were a part of this breach, which discredits the organization and could have long-lasting effects on the business.
Risk to Exploited Individuals: High: The credentials stolen could be used to compromise other accounts.
Customers Impacted:  21 Million.

 Germany – DomainFactory – Web hosting company.
Exploit: Dirty cow vulnerability. (This is a nine-year-old critical vulnerability has been discovered in virtually all versions of the Linux operating system and is actively being exploited in the wild).
Risk to Small Business: High: A breach including banking account numbers would heavily damage the reputation of a small business.
Risk to Exploited Individuals: High: A wealth of PII was accessed during this breach and could leave individuals vulnerable to account takeover or identity theft.
Customers Impacted:  The amount of customers impacted has not been made publicly available.

Do you know if your business has had a data leakage?

Protect your data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown

Follow us on LinkedIn:

Related Articles:
Hackers rolling in it!
Not all Passwords are created Equal

Log a Job: