Hacks, Attacks and Breaches: 12/11/19 – 12/17/19
Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update. The Logically team provides top cyber security stories every week to keep you up-to-date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Exploit: Credential stuffing attack
Academy Sports + Outdoors: Sporting goods retailer
Risk to Small Business: Hackers used previously stolen, legitimate login credentials to access customer accounts. The company noticed the breach after unusual activity was detected on certain user logins. In response, Academy Sports + Outdoors is encouraging customers to reset their passwords. Unfortunately, the breach occurred during the busy holiday shopping season, and customers have increasingly shown that they are less willing to engage with platforms that have a track record of cybersecurity lapses. This could harm the company’s sales at a critical time for gaining traction.
How It Could Affect Your Business: Customers are fed up with data breaches, and they are taking out their anger on companies that can’t secure their information. Therefore, a data breach is more than just a cyber incident. It’s a collapse in customer service of the highest magnitude, and a priority that retailers looking to succeed in today’s digital environment must immediately address.
Complete Technology Solutions: IT Service Provider
Risk to Small Business: A ransomware attack on Complete Technology Solutions, an IT service provider for dentistry practices, disrupted operations at more than 100 practices. When a company server was compromised, it allowed hackers to infect client computers with ransomware that disabled network security, data backups, and phone services. The attack began on November 25th and has continued to disrupt services more than two weeks later. Complete Technology Solutions declined to pay a $700,000 ransom to release the information, and decryption keys later provided by the hackers only unlocked some of the affected computers. As a result, the recovery process is incredibly complicated, and it will certainly have long-term repercussions for the company.
How it Could Affect Your Business: Ransomware attacks always extract an expense from their victims, but the opportunity cost and reputational damage associated with a cybersecurity incident can be the most devastating. In this case, Complete Technology Solutions will almost certainly lose customers because of this incident, and their long-term business prospects are likely to be diminished. It underscores the importance of cybersecurity for any company that wants to remain competitive amidst an ominous threat landscape
Prison Rehabilitative Industries & Diversified Enterprises (PRIDE): Private, non-profit social services organization.
Risk to Small Business: PRIDE was struck by a ransomware attack that crippled its website and brought its services offline. The attack, which first occurred on December 7th, continues to disrupt services nearly a week later. As a non-profit organization, PRIDE will have a difficult time procuring the resources to remove the malware, and the service outages are making it difficult or impossible to fulfill their mission and provide critical services to a client base in need.
How It Could Affect Your Business: Ransomware attacks can feel ominous and inevitable. However, organizations can protect against these common, increasingly expensive malware attacks by ensuring that their IT infrastructure doesn’t provide a foothold for infiltration. For instance, securing employee accounts, guarding against phishing scams, and updating firewall protections can all ensure that ransomware doesn’t compromise your company’s mission or bottom line.