Security Breach Update
25 October 2019

Businesses underestimate the threat of stolen employee data.

While every business is busy finding ways to protect its customers’ data, a recent survey found that many are not paying attention to the threat posed by stolen employee data. Only 11% of respondents reported believing that compromised employee credentials like usernames and passwords pose a high risk.

However, the reality is that years of extensive data breaches have resulted in employee information being readily available on the Dark Web. What's more, hackers are leveraging tactics like credential stuffing attacks to access company networks undetected.

By failing to account for the entire threat landscape, businesses are opening themselves up to additional data exposure vulnerabilities that involve customer information.

Fortunately, companies can be proactive about identifying compromised credentials. Dark Web monitoring services alert businesses when their employee information is available for sale, providing them the opportunity to safeguard information before it is used against them.

Also, just found out that 2 well-known recruitment agencies have had their AWS buckets breached in the past month.

It was noted that both agencies' buckets were exposed to the public, which meant that anyone who knew the right IP address could download the candidates' CVs, taking the candidates' personal data with them.

The data breaches were found by security researcher Gareth Llewellyn.

The breach will raise questions about the security of AWS buckets, which have been accidentally configured for public access by numerous organisations, including Verizon, Dow Jones, GoDaddy and wrestling company WWE.

In July 2017, over three million wrestling fans had their sensitive personal details exposed when WWE leaked information through an AWS bucket. Voter databases have also been leaked by US firms in the same way.

While Amazon advised that it has services to help customers audit and consider configuration changes, and continues to add capabilities that give customers ways to triple-check their customisations, securing the configuration is still the responsibility of the business using the cloud services.

Recent Breaches

Australia – CSL – Biotherapy provider

Exploit: Insider data theft

Risk to Small Business: Extreme: A former high-level company executive stole a treasure trove of company details that he used to procure a job with a competitor. In addition to millions of pages of trade secrets, sales information, research, and testing information, the former executive procured information on 800 doctors working with the company. These people are contracted by the company to influence other doctors and industry members, and losing these contacts could prevent CSL from capitalizing on the exclusive thought leadership of these members.

Risk to Exploited Individuals: Severe: Although the doctors’ data was stolen for business purposes, those impacted by the breach should be aware that their information was used in an unethical and illegal manner by CSL’s former employee.

Customers Impacted: 800

New Zealand – NZ First – Political party in New Zealand

Exploit: Database exposure

Risk to Small Business: Severe: A bad actor shared confidential information on a political party’s members with reporters. The incident is being described as “deliberate and malicious.” The data breach follows recent complaints about the party’s internal candidate selection process. Members whose data was distributed were furious, speaking with the media about their frustration over the party’s data management.

Risk to Exploited Individuals: Severe: The compromised data reveals personally identifiable information, including names, addresses, email addresses, phone numbers, and party member due status. This information can quickly spread on hacker forums or the Dark Web where it is often used to execute additional cybercrimes. Therefore, those impacted by the breach should be especially vigilant about monitoring their accounts, and they should consider enrolling in identity monitoring services to ensure that their information isn’t being misused.

Customers Impacted: 800

Being proactive in developing a cybersecurity plan can be the difference between successfully defending against a breach and losing millions to a harmful attack.

Protect your data, privacy and reputation: talk to a TCT sales team member today.

Robert Brown
25/10/2019
