Security Breach Update
18 October 2018

New research has revealed that a whopping 90% of all malware is delivered via email. It was also discovered that the average employee will not go 48 hours without seeing a phishing message.

In addition, over half of the phishing messages examined used the word “invoice” in the subject line.

A little under a quarter (21%) of the flagged emails also had malicious attachments sent with the phishing message.

Recent Breaches

United States – Shopper Approved – Utah-based company that provides a review widget for other companies’ websites, that allows customers to post reviews.
Exploit: Malicious code.
Risk to Small Business: Severe: This is another attack conducted by one (or more) of the several groups who operate under a similar style, given the term Magecart as a general identifier. Magecart is also responsible for the hacking of Ticketmaster and British Airways.

If your business uses Shopper Approved, you should remove the code from your website immediately.

Risk to Exploited Individuals: Severe: Those affected by this breach should cancel their credit cards and enrol in a credit monitoring service.
Customers Impacted:  Unknown at this stage, however the incident only lasted 2 days before being discovered.

United States – Rebound Orthopaedics and Neurosurgery – Vancouver-based orthopaedics and neurosurgery practice
Exploit: Compromised employee credentials.
Risk to Small Business: Severe: This breach would have a long-lasting effect on customer trust for any business, and in many countries the government will fine an organization heavily for failing to secure health data.
Risk to Exploited Individuals: Severe:  Health information is valuable data for hackers and useful for identity theft. Those affected by this breach are at a severe risk for insurance fraud and identity theft.
Customers Impacted:  2800

Being proactive in developing a cybersecurity plan can be the difference in successfully defending a breach or losing millions to a harmful attack.

Protect your data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown
18/10/2018

Follow us on LinkedIn:

Related Articles:
October – National Cybersecurity Awareness Month
Human Factor in Cyber Security

Written by