Hacks, Attacks and Breaches: 1/20/2021 to 1/26/2021
Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Teespring: eCommerce Platform
Risk to Small Business: Hackers have dropped a huge trove of user and creator data allegedly from Teespring, an e-commerce platform that specializes in enabling designers to market their wares. The two massive files of stolen data include email addresses and last update dates for 8,242,000 user accounts.
How it Could Affect Your Business: Data like this is sought-after by cybercriminals and often hangs around for years on the Dark Web, acting as fuel for future cybercrime.
Exploit: Unsecured Server
Circuit Court of Cook County: Municipal Court System
Risk to Small Business: An unsecured Elasticsearch server is the cause of a huge data exposure containing more than 323,277 Cook County court-related records. Researchers estimate that the database may have belonged to a specialist Cook County department of caseworkers working with people who needed additional help.
How it Could Affect Your Business: Failing to take a simple step to secure a server that contains sensitive information doesn’t speak well to an organization’s commitment to cybersecurity.
MeetMindful: Dating Site
Risk to Small Business: Details of an estimated 2.28 million users of dating site MeetMindful was just released online in the latest in a series of stolen data dumps by cybercrime gang ShinyHunters. There’s no clear origin of the data, but researchers expect that it may have come from an unsecured AWS S3 bucket.
How it Could Affect Your Business: Keeping data safe from hackers starts with keeping data secure using strong access point controls and basic security protocols like multifactor authentication.
Bonobos: Menswear Retailer
Risk to Small Business: Men’s clothier Bonobos has experienced a huge 70GB data breach exposing millions of customers’ personal information after a cloud backup of their database was snatched. ShinyHunters, who had a very busy week, posted the full Bonobos database to a free hacker forum. ShinyHunters was kind enough to transform the stolen password data into a handy list for credential stuffing.
How it Could Affect Your Business: Data theft is an increasingly worrisome problem for everyone. Not only is the original business impacted, the addition of such large troves of information to the Dark Web fuels further cybercrime.