29 Oct Security Breach – 29 Oct 2018
When looking for a job, usually you would check one of the many job hunting sites you see in commercials or circle ads in newspapers (at least at one point you did).
Some people do something very similar… but on the Dark Web searching for an illicit job. Many job postings on the Dark Web seem like normal job ads. But when you look closer you will notice that advert for a driver not only needs the person to drive but also transport drugs.
The driver would make $1,000 for a week of work, not including the living expense compensation. One of the more lucrative opportunities on the Dark Web job market is the corporate insider. The most common target is financial employees who, in one example, are offered $3,150 to get a loan or increase cash withdrawal limits on a card. Postal workers are also targeted to steal packages.
United States – Disqus – A network community platform that allows users to blog or comment on other company’s websites.
Exploit: Exposed Database.
Risk to Small Business: Severe: Although roughly 1/3 of the 17.5 million records compromised involved passwords, they happened to be salted/hashed. The company also discovered and announced the breach in a quick manner and notified the affected customers.
Risk to Exploited Individuals: Severe: Those affected by this breach will be at a high risk of identity theft.
Customers Impacted: 5.8 million
United States – Tumblr – A popular blogging website.
Risk to Small Business: Severe: While Tumblr deserves some credit for 1. Having a bug bounty program that resulted in catching this bug, and 2. Fixing the bug in less than 12 hours after it was discovered, many customers will not appreciate their personal information being leaked and will react accordingly. Tumblr’s timely response, disclosure of the breach, and its bug bounty program will likely reduce the impact on the business significantly
Risk to Exploited Individuals: Moderate: Email addresses were leaked so those affected by the breach are at a higher risk of spam.
Customers Impacted: All of the ‘recommend blogs’ shown on Tumblr.
Being proactive in developing a cybersecurity plan can be the difference in successfully defending a breach or losing millions to a harmful attack.
Protect your data, privacy and reputation, talk to a TCT sales team member today.
Follow us on LinkedIn: