This week there was a TON of attention in the media about dark web markets and what’s bought and sold in these shady marketplaces. Timehop, a social media nostalgia app was breached exposing the PII of at least 21 million individuals, due to lack of 2FA, while Macy’s was hit with a breach where credit card data was accessed.
Highlights from The Weekly Cyber Threat Report:
- Pedal to the metal! Gas stolen in hack.
- Tracking military workouts!
- Macy’s falls victim to a breach.
- Timehop wishes it could turn back time for more security!
United States – Macy’s
Exploit: Supply chain exploit.
Risk to Small Business: High: A bad actor accessing names and card information can severely damage consumer trust in a brand.
Individual Risk: High: Individuals affected by this breach are at high risk of their credit card details being sold on the Dark Web.
Macy’s: Large department store chain.
Date Occurred/Discovered: April 26 – June, 2018
Date Disclosed: July, 2018
Data Compromised:
Full name
Address
Phone number
Email address
Date of birth
Debit/ credit card numbers
Expiration dates
Customers Impacted: Unclear but the hacker operated undetected for almost 2 months.
https://cyware.com/category/breaches-and-incidents-news
United States – Timehop
Exploit: Lack of 2FA on cloud infrastructure.
Risk to Small Business: High: All of Timehop’s customers were a part of this breach, which discredits the organization and could have long-lasting effects on the business.
Individual Risk: Moderate: The credentials stolen could be used to compromise other accounts.
Timehop: Social media aggregation site that allows users to see posts made in the past.
Date Occurred/Discovered: July 4, 2018
Date Disclosed: July 8, 2018
Data Compromised:
Names
Email addresses
Phone numbers
Date of birth
Gender
Customers Impacted: 21 Million.
https://www.infosecurity-magazine.com/news/timehop-breach-hits-21-million/
https://www.timehop.com/security
https://techcrunch.com/2018/07/11/timehop-data-breach/
United States – Cass Regional Medical Center
Exploit: Ransomware.
Risk to Small Business: High: A ransomware attack on any business in any sector would greatly diminish the organization’s ability to operate as needed. In some ransomware cases the data encrypted is lost entirely.
Individual Risk: Moderate: At this point in time there is no evidence that the data affected was also exfiltrated.
Cass Regional Medical Center: Missouri based medical center.
Date Occurred/Discovered: July 9, 2018
Date Disclosed: July 9, 2018
Data Compromised: The medical center’s internal communications system and access to their electronic health record system were affected by the hack, but there is no public indication that patient data has been accessed.
Customers Impacted: Many details surrounding the attack are being withheld from the public at this time, but restoration of the affected systems were at 50% as of July 10, 2018.
https://cyware.com/news/missouris-cass-regional-medical-center-hit-with-ransomware-attack-92884b12
Germany - DomainFactory
Exploit: Dirty cow vulnerability. (this is a nine-year-old critical vulnerability has been discovered in virtually all versions of the Linux operating system and is actively being exploited in the wild)
Risk to Small Business: High: A breach including banking account numbers would heavily damage the reputation of a small business.
Individual Risk: High: A wealth of PII was accessed during this breach and could leave individuals vulnerable to account takeover or identity theft.
DomainFactory: Web hosting service based in Ismaning.
Date Occurred/Discovered: July 6, 2018
Date Disclosed: July 9, 2018
Data Compromised:
Names
Addresses
Phone numbers
DomainFactory passwords
Dates of birth
Bank names/ account numbers
Schufa scores
Customers Impacted: The amount of customers impacted has not been made publicly available.
https://www.zdnet.com/article/user-data-exposed-in-domain-factory-hosting-security-breach/
https://www.infosecurity-magazine.com/news/unauthorized-party-accessed/