Back to top

Hacks, Attacks and Breaches: 3/17/2021 to 3/23/2021

Suzanne Gassman

Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.

The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.

United States – Descartes Aljex Software

Exploit: Unsecured Database
Descartes Aljex Software: Shipping Software Developer

Risk to Small Business: An unsecured database is always trouble as Descartes Aljex Software discovered this week. 103 GB worth of data belonging to the New Jersey-based company was discovered by researchers after it was left exposed on a misconfigured AWS S3 Bucket. The exposed data contained corporate, client and employee information.

How it Could Affect Your Business: Third-party and supply chain risk is growing more dangerous for businesses as the ripple effect of breaches like this fuel’s cybercrime. Take precautions now to avoid headaches later.

United States – Guns.com

Exploit: Hacking
Guns.com: Online Gun Marketplace

Risk to Small Business: An enormous database from Guns.com made an appearance in a hacker forum this week and it is a major trove of information. The abundant data contains both administrator and user information including user IDs, full names, an estimated 400,000 email addresses, password hashes, physical addresses, zip codes, city, state, Magneto IDs, phone numbers, account creation date and other personal details. One of the folders in the leaked database includes customers’ bank account details including full name, bank name, account type and Dwolla IDs. To top it off, an Excel file in the database was exposed containing sensitive login details of Guns.com including its administrator’s WordPress, MYSQL, and Cloud (Azure) credentials, with all admin credentials including admin emails, passwords, login links, and server addresses in plain text format.

How it Could Affect Your Business:  Sensitive Personally Identifiable Information (PII) requires strong protection, especially when financial information for clients is at stake.

United States – Maricopa Community College

Exploit: Ransomware
Maricopa Community College: Institution of Higher Learning

Risk to Small Business: Classes have been disrupted as a suspected ransomware attack has caused extensive IT outages at Maricopa Community College. Education tools including MyInfo, Canvas, RioLearn, Maricopa email, Maricopa Google Tools and the Student Information System/Student Center are unavailable. The 10-college system has extended the semester by at least a week and expects service to be restored this week.

 How it Could Affect Your Business: One small email handling mistake can have devastating consequences. Stop ransomware from clobbering your business by preventing employees from interacting with phishing emails.