Hacks, Attacks and Breaches: 12/18/19 – 12/24/19
Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update. The Logically team provides top cyber security stories every week to keep you up-to-date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Exploit: Malware attack
Rooster Teeth Productions: Entertainment production company
Risk to Small Business: Hackers injected malware into the company’s online store that siphoned off customers’ payment details at checkout. The breach was first detected on December 2nd, and the company claims that the malware was removed on the same day. However, it’s unclear why they waited several weeks before notifying customers of the breach. Rooster Teeth Productions has sent breach notification letters to those impacted by the incident, but the episode will certainly have a negative impact on the brand’s reputation at a critical time of year for sales.
How It Could Affect Your Business: The timing of this data breach couldn’t be worse. Customers continually demonstrate that they aren’t willing to make purchases from platforms that can’t secure data, so Rooster Teeth Productions will almost certainly lose business during the busy holiday shopping season. Any company relying on e-commerce sales needs to understand cybersecurity risks and take necessary steps to ensure their revenue centers do not become liabilities.
Exploit: Phishing attack
Conway Medical Center: Healthcare provider
Risk to Small Business: Several employees fell for a phishing scam that provided hackers access to patients’ personal data. Although the healthcare provider quickly identified the intrusion and cut off access to those accounts, they can’t recover information already accessed by cybercriminals. As a result, Conway Medical Center will face regulatory scrutiny, which often results in fines and other penalties that can damage their reputation and profitability.
How it Could Affect Your Business: This major cybersecurity incident was entirely avoidable, since phishing scams are only effective if employees engage with malicious emails. Unfortunately, Conway Medical Center will now bear the cost of credit and identity monitoring services for thousands of patients, as well as the fines and penalties that often accompany a breach. In contrast, comprehensive employee awareness training is a bargain, protecting your company against the phishing attacks that will inevitably make their way to employee inboxes.
Exploit: Malware attack
Central Square Technologies: Technology services provider for public sector agencies
Risk to Small Business: Hackers compromised the Click2Gov payment system that allowed customers to pay their utility bills online, allowing them to siphon off payment details from customers. Specifically, the breach impacts the City of Marietta, as customers who entered payment information on the website between August 26th and October 26th may have had their credit card information stolen. However, the breach does not impact those paying in person, over the phone, or who are enrolled in the auto-pay system. Unfortunately, the company didn’t identify the breach until early December, which will complicate their recovery efforts and place customers at greater risk for data misuse.
How It Could Affect Your Business: Third-party partnerships are important business initiatives in today’s digital environment, but when they result in a cybersecurity incident, the repercussions often far outweigh the opportunities. Moreover, vendors with a track record for lax cybersecurity standards will likely find it difficult to find customers willing to work with them, making data security a critical component of any successful business model.