Security Breach Update
22 March 2019

Data Never Expires on Dark WebDid you know that data never expires on the Dark Web?

In the ongoing slew of mega data breaches, it’s likely that our personal information has been breached and is being auctioned off on the Dark Web.

Hackers are not only scooping up more personally identifiable information (PII) than ever before, but also additional information that can be leveraged to conduct damaging fraud. At the same time, we are falling prey to the phenomenon of “data breach fatigue.”

Simply changing a few passwords is not enough. When a hacker gets his hands on persistent records such as a customer name, SSN, or permanent address, it almost never expires.

The only way to survive in this new reality is by protecting employees and customers from identity theft.

How can this be accomplished?

Investing in identity theft solutions that can detect compromises proactively by monitoring for an organization’s employee and customer data on the Dark Web.

 Recent Breaches

New Zealand – Kathmandu Holdings Ltd – Outdoor clothing and equipment retailer.

Exploit: To be determined.

Risk to Small Business: Severe: The company recently learned that an unauthorized party gained access to their website between January 8th and February 12th, compromising the personal information of customers. After hiring cybersecurity consultants, Kathmandu proceeded to reset passwords and notify potentially affected customers. Although it is unclear exactly how this will affect the retailer, a sharp decrease in brand equity and customer loyalty is imminent.

Risk to Exploited Individuals: Moderate: Everything from billing/shipping names, addresses, email accounts, and phone numbers to payment and loyalty card details was compromised. Customers who have shopped online with the store should immediately begin to contact their financial institution, reset passwords, and monitor their credit reports.

Customers Impacted: To be determined

New Zealand – Christchurch cyber scams – Largest city in the South Island of NZ that recently suffered from a mass shooting

Exploit: Dormant email account hack.

Risk to Small Business: Severe: Government agency CERT NZ warned citizens of opportunistic scams seeking to exploit the recent Christchurch tragedy. These cyber-attacks have taken the form of phishing emails for fake donations, malware-embedded videos, and fraudulent websites. Companies that offer work-from-home policies to employees and operate on networks that unsecured should beware of resulting compromises.

Risk to Exploited Individuals: Moderate: Individuals can avoid putting themselves at risk by simply exercising basic cybersecurity awareness. However, giving payment information on the wrong website or clicking the wrong video can result in fraud and malware that is difficult to trace.

Customers Impacted:  Unknown.

Being proactive in developing a cybersecurity plan can be the difference in successfully defending a breach or losing millions to a harmful attack.

Protect your data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown
22/03/2019

Follow us on LinkedIn:

Related Articles:
Your Greatest Vulnerability
Erosion of Customer Loyalty

Written by