Hacks, Attacks and Breaches: 7/15/2020 to 7/21/2020
Here’s the latest installment of the Hacks, Attacks and Breaches cybersecurity news update.
The Logically team provides top cyber security stories every week to keep you up to date on the latest news headlines on cybersecurity, hacking, computer security, ransomware and other cybersecurity threats.
Exploit: Account Compromise
Twitter: Social Media Platform
Risk to Small Business: The hack heard ‘round the world this week is a huge embarrassment for social media powerhouse Twitter, after dozens of high-profile accounts were accessed illegally and used to transmit messages inviting their followers to “invest” in a bitcoin scam. Some of the affected accounts included Bill Gates, Barack Obama, Elon Musk, and Jeff Bezos. The hack was quickly discovered, and those accounts were frozen briefly while Twitter assessed and fixed the security flaw. Twitter is now reporting that the hackers targeted 130 accounts, were able to take control of 45, and 8 accounts had data downloaded. While early reports speculated on the threat actors as a sophisticated hacking group, The New York Times uncovered that the attack was actually carried out by a few unorganized hackers using a Discord server who obtained access through a “social engineering attack”. The attack is under investigation by numerous authorities including the FBI.
How it Could Affect Your Business: A “social engineering attack” is often just a fancy way of saying “phishing attack”. Failing to protect sensitive communications and data channels for your clients because of failing to undertake basic training in phishing resistance will not only cause an expensive recovery when an attack lands, it can also be embarrassing. Plus, the potential regulatory scrutiny is bound to be a headache and give ammunition to those who are looking to add more regulation to social media platforms through future legislation.
BlackBaud: Cloud Services & Financial Technology
Risk to Small Business: BlackBaud admitted that its’ success in preventing a recent ransomware attack in May 2020 wasn’t quite as straightforward as it seemed. It turns out that they did pay a ransom to the hackers, but not to decrypt files. The ransom was paid to prevent the release of the stolen data in an increasingly popular double-extortion ransomware scheme. The cloud provider, which primarily works with non-profits, foundations, educational charities, and healthcare organizations, said the incident only impacted the data of only a small subset of its customers, which they have now notified.
How it Could Affect Your Business: Ransomware is the bane of every company in today’s threat environment. Improved security awareness training, especially around phishing threats, is the best way for companies to quickly boost their defenses against ransomware.
Exploit: Unsecured Database
MyCastingFile.com: Entertainment Staffing Platform
Risk to Small Business: Researchers discovered an unsecured Elasticsearch database owned by MyCastingFile.com and filled with information about clients of the casting agency, including current and aspiring actors. It is estimated that the breach started on May 31 and wasn’t addressed until mid-June. The New Orleans based company acted quickly after they were informed of the problem, but still suffered a breach estimated to be 1GB in size, with over 260,000 user profiles leaked of clients, actors, and members of staff, including minors.
How it Could Affect Your Business: Failure to secure a database is a rookie move, and no company’s clients are going to look at that kindly – especially when that failure involved children. Customers today are concerned about data privacy, and more aware of Dark Web danger than they used to be – and they will not want to continue doing business with companies that cannot keep their information safe.
Exploit: Unauthorized Database Access
LiveAuctioneers: Online Antiques Auction House
Risk to Small Business: LiveAuctioneers has reported a major data breach courtesy of one of its third-party data processing partners. The company first noted the incident on July 10, 2020, after monitors spotted Dark Web posts advertising the sale of the company’s records company records of 3.4 million LiveAuctioneers users, as well as three million cracked username and password combinations.
How it Could Affect Your Business: Third party risk is a growing menace that’s hard for businesses to overcome. By maintaining a constant watch on Dark Web markets, businesses can get notified when credentials, including those used in accounts at third party partners, suffer a breach, lowering their risk of compromise from the stolen information.