Monthly Breach Report: June 2019 Edition
Jun 7, 2019
Data breaches serve as a rude reminder that despite all the technological advancement, businesses need to be cautious and watchful in their data management approach. Moreover, they bring the issue to light that both business and security risks are connected and need to be addressed together.
Since compromised data can be a crushing blow to any organization irrespective of its size, shape and industry expertise, breach containment should be a top priority for businesses. Keeping in mind that data breaches can jeopardize the company’s future investments, hamper employee morale and reputation and much more, today we will throw light on some of the most crucial data breaches that shook the world of business last month. Although not all of these incidents are particularly large; however, the type of attack or the sensitivity of the compromised data proves that user data is vulnerable and should be treated on priority.
So without further ado, go through our list and prepare your business for the inevitable breach.
May 21, 2019 – Prominent IT services provider HCL Technologies became the latest target of a security breach when it unintentionally allowed online access to crucial sensitive organizational information like employee passwords, client project details, etc.
The tech giant resorted to prompt measures as soon as it was notified by Australia-based cybersecurity entity UpGuard about the incident on May 6. According to a blog posted by UpGuard, the exposed confidential data comprised candidate name, ID, contact number, date and location of joining, recruiter name, user name, offer accepted status, a link to the candidate form, cleartext password, etc.
Reports suggest that all of the data was made available on the subdomains of HCL-owned domain. Keeping the distinctiveness of the breach, UpGuard researchers decided to ‘wait and watch’ approach to inform HCL despite identifying the mishap on the 1st of last month.
May 14, 2019 – WhatsApp, a messaging app which is used by over 1.5-billion people globally, recently encountered a nasty digital attack that allowed hackers to install spyware making use of its call feature.
Reports suggest that the installation didn’t even need the device owner to answer the call as it took place making use of WhatsApp’s call feature. During the attack, the targeted device would start mentioning its encrypted content as soon as the dialed is attacked.
WhatsApp claims the attack appeared to be carried out by a private sector player that works with governments to deliver spyware. It was further suggested that the Israel-based cybersecurity enterprise, NSO Group, is likely to be the mastermind behind the attack as it was aimed at only selected individuals.
WhatsApp realized the potential of the attack when cybercriminals were able to successfully install surveillance software on iPhones and Android by simply calling the targets using the app. Apart from informing the US Justice Department and several human rights organizations, WhatsApp has advised users to upgrade the app and also clarified that their Engineering team are making concerted efforts to close any security lapse caused by the spyware installation.
Last year, WhatsApp’s parent company Facebook made headlines for a series of privacy and security breaches they encountered themselves.
3. Russian Government
May 15, 2019 – Personal and passport related information of over 2.25-million Russian citizens, comprising government employees and high-ranked politicians, were leaked by different Russian government websites.
The information leak was discovered by Ivan Begtin who is the co-founder of a Russia-based NGO called Informational Culture. Begtin’s blog stated that he made the discovery about the security leak after he carried out a detailed probe on 50 government portals, government online certification centers and an e-bidding site that are used by the government agencies.
He also said that the security breach disclosed information was available online. Begtin also claimed despite informing Russia’s government agency handling data privacy about the leak nearly eight months back, no action was taken.
Varied news report suggests that important information of top-notch Russian government officials, comprising deputy chairman of the Russian Duma (Parliament) Alexander Zhukov, two ex-deputy prime ministers Arkady Dvorkovich and Anatoly Chubais were not even spared as it was part of the leak as well.
Source: Moscow Times
4. Shubert Organization
May 24, 2019 – New York-based theatrical producing organization, The Shubert Organization has announced that it was hit by a data breach. The revelation came only after some unlawful activity was observed on an employee’s email account in February this year, and then Shubert initiated a probe in collaboration with forensic experts.
The investigation, that concluded in Mid-March, clarified that the leak allowed access to the email accounts of the employees, which comprised the customer names, credit card details like numbers and expiration dates.
The Shubert Organization, the owner of 17 Broadway theaters and the popular ticketing service Telecharge, has resorted to security measures to ensure data protection and avoid such incidents in the future. As part of its efforts to ensure privacy, the company will train employees, launch relevant security updates and offer the affected parties with credit monitoring services.
Apart from informing the state regulators and Attorneys General about the incident, a dedicated call center has also been set up by Shubert so that queries can be resolved on priority.
5. Freedom Mobile
May 8, 2019 – Calgary-based wireless telecommunications provider owned by Shaw Communications Freedom Mobile’s operations were hit by a phishing attack.
The carrier with operations spread across Ontario, Alberta and British Columbia stated in an official statement that the security breach affected approximately 15,000 clients and the claim of 1.5-million customers affected made by vpnMentor wasn’t true. The attack was the discovery of researchers at vpnMentor Noam Rotem and Ran Locar, who had shared a warning based on their findings some time back.
Soon after the data leak incident surfaced, an in-depth investigation was initiated on March 25 in which it was found that the breached data was processed by the third-party vendor, Apptium Technologies that was responsible for streamlining Freedom Mobile’s retail customer support.
Freedom Mobile, touted as Canada’s fourth largest cell network, further said that the impacted clients were from 17 retail outlets who either opened or changed accounts as late as April 15 or made alterations to the opened accounts on April 16. By April 23rd, the issue was taken care of.
Furthermore, the telecom player has decided to carry out a complete forensic investigation soon to understand the severity of the leak.
May 21, 2019 – Looking at the data breach trend, it appears that no one is safe from the hackers. Online tutoring website Wyzant’s databases was intruded by unknown hackers with the motive to access a data subset.
An email from Wyzant stated that the personal information of the users accessed by the hackers comprised email addresses, full names, zip codes, Facebook profile images (who choose to log in through their Facebook accounts). It was also clarified that other key data like password, payment details or activity logs were not part of the breach.
Wyzant, that has more than two million registered users and more than 80,000 instructors, has not shared the exact count of customers who became a victim of this breach. To stop the recurrence of such events in the future, Wyzant has implemented additional measures that comprise scrutinizing the security protocols and processes apart from collaborating with law enforcement agencies.
7. Redtail CRM
May 21, 2019 – Few of the users of Redtail Technology’s CRM software (comprising financial advisors) became a victim of a data breach when their customers’ personal information was leaked online.
In an email sent out to the affected advisors, Redtail informed that it became aware of the incident on March 4, that had affected less than just 1% of the total customers. Redtail CEO Brian McLaughlin clarified that efforts were being made to ensure the safety of the customers’ data and hence free access to Symantec product to the affected advisors has been given.
Although the exact number of impacted customers wasn’t shared, Redtail has clarified that the data breach wasn’t an intentional third-party intrusion rather a temporary exposure. To identify which customers’ data got compromised apart from ensuring removal of the impacted files, Redtail has decided to come up with a specific solution.
Currently, Redtail’s CRM enjoys 57% market share and is hugely popular among the financial advisory market.
Source: Investment News
May 18, 2019 – Hundreds of LibertyBus customer’s data got compromised when the bus operator’s top-up website became a victim of a data leak. It was found that the hackers used a spoof platform to divert those customers who were eyeing to top up their pre-paid AvanchiCards. A probe has already been initiated by the Office of the Information Commissioner to find more details about it.
Apart from shutting down the site, the bus operator announced that the breach affected a total of 361 people in Jersey who accounted for nearly 2% of the Island’s 20,000 AvanchiCard users.
Also, LibertyBus’ sister concern CT Plus in Guernsey witnessed a similar kind of attack which impacted over 80 of its customers.
Source: Jersey Evening Post
Dataguise understands the importance of data privacy and how frustrating data breaches can be for consumers and the businesses entrusted with their data. Although anyone can be a target, Dataguise DgSecure provides enterprise solutions for businesses small and large to combat these threats while ensuring all sensitive data across an organization is accounted for, protected, and compliant with industry and global data privacy laws. To learn more about Dataguise DgSecure, contact us for additional information.