Security Breach Update
25 June 2020

Using strong passwords helps in identity protection and theftImproving password security improves all of your defences, especially for identity protection.  

One of the top concerns that many businesses have when making a cybersecurity plan is how to protect themselves from cybercriminals. But that’s not the right thing to have at the top of your cybersecurity checklist.

More cybersecurity incidents like a data breach are caused by human error than anything else – and one of the worst errors that many staffers make is creating a terrible password.

Bad, weak, cracked, or compromised passwords are the bread and butter of cybercrime. Login credentials are currency, especially for privileged users.

The fastest, cheapest, and easiest way to immediately improve your cybersecurity is to teach and enforce good password hygiene. It is not just about the business data, privacy and reputation, it is also about identity protection.

There are a number of good password vault programs out there. We use and recommend F-Secure ID Protection (formally F-Secure KEY).

F-Secure have now included into ID Protection email monitoring for up to 5 email addresses. This addition to the program is fantastic for identity protection so you can action quickly if your credential has been detected in a breach.

Recent Breaches

United States – Netsential – Web Development Firm

Exploit: Unauthorized Database Access

Risk to Small Business: Extreme: A security breach at this Texas-based web development company led to the exposure of hundreds of thousands of potentially sensitive files from U.S. police departments. Dubbed “BlueLeaks”, this massive data breach contained 270 gigabytes of information going back 24 years, from August 1996 through June 19, 2020. Files contained names, email addresses, phone numbers, PDF documents, images, and video, CSV, and ZIP files related to criminal investigations. Some of these files also contained sensitive financial information as well as personally identifiable information and images of suspects from law enforcement and government agency reports.

Risk to Exploited Individuals: Extreme:  While there is no estimation of how many individual records were exposed, anyone who suspects that their information may have been affected should monitor their personal and financial accounts for potential fraud and beware of spear phishing attempts

Customers Impacted:  Unknown

Australia – BigWorld Technology – Massively Multiplayer Online Game Developer

Exploit: Unauthorized Database Access

Risk to Small Business: Severe:  Usernames, passwords, email addresses, phone numbers, and IP addresses belonging to players of popular adventure MMO Stalker Online recently appeared on the Dark Web. Game developer BigWorld Technology admits the passwords were stored in MD5, a known insecure secure encryption algorithm. Two databases were found on underground sites by cybersecurity researchers, one containing around 1.2 million records and another of 136,000 records.  Bad actors had also set up a shop on Shoppy.gg hawking the data, which was operational for more than a month and has since been shut down.

Risk to Exploited Individuals: Severe: While no financial information was reported compromised in the breach, Stalker Online does involve micro transactions making account data compromise a risk. Players may also be at risk of identity theft and should reset their credentials immediately.

Customers Impacted:  1.3 million.

Being proactive in developing a cybersecurity plan can be the difference in successfully defending a breach or losing millions to a harmful attack.

Protect your staff, data, privacy and reputation, talk to a TCT sales team member today.

Robert Brown
25/06/2020

Follow us on LinkedIn:

Related Articles:
Ransomware is everywhere, and every company is at risk
Small businesses suffer more than a quarter of all breaches

Written by