Week in Breach

This week, accidental data exposure erodes brand reputation, ransomware disrupts operations, and insurers increase their scrutiny of cybersecurity policies. 

Dark Web ID Trends:

  • Top Source Hits: ID Theft Forums
  • Top Compromise Type: Domain
  • Top Industry: High-Tech & IT
  • Top Employee Count: 11 – 50

United States – Edison Mail 

https://threatpost.com/edison-mail-ios-bug-exposes-emails-to-strangers/155814/

Exploit: Coding error

Edison Mail: Email application

Risk to Small Business: 2.171 = Severe

A coding error in Edison Mail’s popular iOS app allowed messages to be viewed by other users. The update was released on Friday, May 15th, and the company claims that the error was repaired by the end of the weekend. However, for an app that touts its advanced security features, this oversight undermines one of its primary selling points. What’s more, three days is an eternity in the cybersecurity space, giving bad actors ample time to take advantage of this vulnerability. Users, incensed by the oversight, aggressively criticized the platform on social media, adding a PR component to an already-arduous recovery process.

Individual Risk: 2.602 = Moderate

The app’s flaw only applies to iOS users who downloaded the update on May 15th. Many victims noted that they could read up to 100 emails from accounts that didn’t belong to them, potentially compromising anything in those messages. Those impacted by the breach should carefully monitor their accounts for misuse, and they should consider enrolling in credit and identity monitoring programs to help secure their information if it falls into the wrong hands.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: After years of seemingly endless cybersecurity incidents, many consumers are finally fed up with companies that can’t protect their privacy. As many users commented on social media, this event undermined their trust in the application, which could prompt them to turn to a competitor for a more compelling platform. In this way, cybersecurity can be considered a bottom-line differentiator that can make or break companies in the digital economy.

ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal Assist, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.


United States – Home Chef 

https://www.bleepingcomputer.com/news/security/home-chef-announces-data-breach-after-hacker-sells-8m-user-records/

Exploit: Unauthorized database access

Home Chef: Meal kit & food delivery company

Risk to Small Business: 1.790 = Severe

Hackers obtained a database containing customer data, and sold the information on the Dark Web. The database, which was lifted in a data breach in early May, was available for just $2,500, and it contains the personal data for more than 8 million customers. This incident will further stigmatize Home Chef, which is still grappling with the cybersecurity implications of the previous breach.

Individual Risk: 1.980 = Severe

The database stored customer details, including email addresses, encrypted passwords, partial credit card information, genders, ages, and subscription information. Victims should immediately update their Home Chef account passwords and any other platform credentials using the compromised data. In addition, they should carefully monitor their online accounts for instances of fraud or misuse.

Customers Impacted: 8,000,000

How it Could Affect Your Customers’ Business: Customers’ personal data is a valuable commodity, and there is an army of ready buyers on the Dark Web. In response, every company needs to know when their company or client data is being circulated in this nefarious environment, potentially giving them an opportunity to respond before bad actors can capitalize on its availability.

ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web ID is the leading Dark Web monitoring platform in the Channel. The award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze, and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.


United States – Wishbone

https://www.zdnet.com/article/hacker-selling-40-million-user-records-from-popular-wishbone-app/?&web_view=true

Exploit: Unauthorized database access

Wishbone: Poll & Comparison App

Risk to Small Business: 1.562 = Severe

A company database was stolen by hackers, who then released the data in full on the Dark Web. The information was captured as part of a cybersecurity incident that occurred in January 2020, and it’s unclear why it took Wishbone more than five months to identify the incident. This is the second cybersecurity incident for the perennially popular company. Now, consumers are much less forgiving. In addition, today’s regulatory environment is significantly more critical of companies’ cybersecurity stance, which could contribute to a multifaceted problem for the platform moving forward.

Individual Risk: 1.670 = Severe

Users’ personal data was exposed in the breach. This includes usernames, email addresses, phone numbers, hashed passwords, and profile pictures. This information is easily obtained on the Dark Web, and everyone impacted should immediately update their account passwords and take steps to secure their personal details. Since this information can quickly be redeployed in a spear phishing campaign, victims need to be especially vigilant about monitoring the veracity of incoming messages.

Customers Impacted: 40,000,000

How it Could Affect Your Customers’ Business: Consumers and data privacy regulators are increasingly critical of companies that fail to protect customer data. Moving forward, it’s evident that data security will be a bottom-line issue for many companies, as they will rely on their defensive capabilities to bolster consumer sentiment and to ward off regulators, both of whom are ready to hold businesses accountable for privacy violations.

ID Agent to the Rescue: Dark Web ID is the leading Dark Web monitoring platform in the channel for a reason. Our award-winning platform combines human and sophisticated Dark Web intelligence to identify, analyze, and proactively monitor the Dark Web for your organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact.


United States – Mathway

https://www.bleepingcomputer.com/news/security/mathway-investigates-data-breach-after-25m-records-sold-on-dark-web/

Exploit: Unauthorized database access

Mathway: Online tutoring and mathematics education platform

Risk to Small Business: 1.807 = Severe

Hackers accessed a company database and made it available for sale on the Dark Web. The breach was first detected by cybersecurity researchers when the platform’s data was available for private purchase. Now, it’s widely available to bad actors for $4,000. The incident is especially untimely, as students and teachers turn to online platforms to supplement learning opportunities while schools operate remotely. It could impact the platform’s ability to capitalize on this prominent moment for ed-tech services.

Individual Risk: 1.780 = Severe

While Mathway is unable to detail specific data sets compromised in the breach, they acknowledged that users’ account credentials were exposed. Consequently, all users should reset their account passwords and continue to monitor their accounts for instances of fraud. As the company provides more specific details, users should continue to adjust their response accordingly.

Customers Impacted: 25,000,000

How it Could Affect Your Customers’ Business: There are millions of account credentials available on the Dark Web, and businesses that are serious about securing their data will put an additional layer of protection between login credentials and IT infrastructure. Taking simple steps, like adding Dark Web monitoring to a company’s cybersecurity plan, can help companies keep their data secure even when passwords are compromised.

ID Agent to the Rescue: Let us search the Dark Web so you don’t have to. Dark Web ID is the top solution in the channel because it works, using human and machine intelligence to monitor the Dark Web for your business information and passwords 24/7/365, giving you peace of mind that fits your business and your bottom line. https://www.idagent.com/dark-web-id-enterprise


Cyprus – Covve

https://portswigger.net/daily-swig/covve-revealed-as-source-of-data-breach-impacting-23m-individuals

Exploit: Unauthorized database access

Covve: Address book app  

Risk to Small Business: 2.208 = Severe

A cybersecurity researcher identified an unsecured database containing millions of customers’ personal data. The database was first discovered in February, but the breach wasn’t linked to Covve until May 15th. It took the company several days to identify the scope of the incident before notifying customers. Although the company notes that the breach contains “mostly scrapable data from public sources,” it will undoubtedly have meaningful customer satisfaction and public relations blowback for the company.

Individual Risk: 2.702 = Moderate

The exposed database includes some users’ names, job titles, email addresses, phone numbers, and physical addresses. Covve notes that account details, including login credentials, remain secure, but this information can be repurposed for numerous identity and financial crimes. Those impacted by the breach should enroll in an identity monitoring service to ensure the long-term integrity of their information, and they need to carefully vet their incoming messages to identify potential spear phishing messages.

Customers Impacted: 23,000,000

How it Could Affect Your Customers’ Business: Today’s companies are constantly under siege from bad actors, making an accidental, avoidable data breach especially problematic. Given the numerous ways that company or customer data can make its way into the wrong hands, every company needs advanced notification when their information could be compromised.

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at https://www.idagent.com/dark-web/.


United Kingdom – EasyJet      

https://www.dailystar.co.uk/news/latest-news/breaking-easyjet-hacked-9m-customers-22050964

Exploit: Unauthorized database access

EasyJet: Airline

Risk to Small Business: 1.809 = Severe

Hackers accessed EasyJet’s network, compromising customer details and exposing them to potential cybersecurity risks. The company took quick action to secure compromised IT, but the breach will still have costly implications for the company, which now has a triumvirate of responsibilities, including repairing IT vulnerabilities, restoring customer trust, and addressing regulatory scrutiny. The timing couldn’t be worse, as the airline industry, like many sectors, has been severely degraded by the COVID-19 pandemic, making this breach especially problematic for the company.

Individual Risk: 2.191 = Severe

Customers’ personally identifiable information was exposed in the breach. This includes usernames, passwords, credit card numbers, and passport credentials. The company encourages customers to carefully monitor incoming communications, as this information is often used to craft convincing-looking spear phishing campaigns. In addition, customers should consider enrolling in a credit or identity monitoring service to help ensure their information’s security even after the immediate crisis subsides.

Customers Impacted: 9,000,000

How it Could Affect Your Customers’ Business: As many companies begin turning their attention to post-COVID-19 recovery strategies, the growing number of cybersecurity risks threaten to undermine these efforts. Companies looking to thrive after the crisis need to address these risks that stand in opposition to data security and many organizations’ viability.

ID Agent to the Rescue: Designed to protect against human error, BullPhish ID simulates phishing attacks and manages security awareness training campaigns to educate employees, making them the best defense against cybercrime. Training, including video, is now available in 8 languages! Learn more here: https://www.idagent.com/bullphish-id.


Australia – BlueScope Steel         

https://www.cisomag.com/bluescope-cyber-incident/

Exploit: Ransomware

BlueScope Steel: Steel manufacturer

Risk to Small Business: 1.702 = Severe

A cybersecurity incident at the steel producer has disrupted operations at the company’s Australia-based facilities. In response, the company shuttered parts of its digital operations, reverting to manual operations whenever possible. BlueScope Steel expects its capabilities to be diminished as it works to recover from this disruptive cyberattack.

Individual Risk: At this time, no personal data was compromised in the breach.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware attacks are a uniquely expensive cyber threat. Not only do they force companies to pay high recovery costs, but the productivity loss and opportunity costs compound the problem. These attacks are not inevitable. Companies can defend against these attacks by ensuring that their digital environment doesn’t offer a foothold to bad actors.

ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.


Australia – The Toll Group     

https://www.zdnet.com/article/tolls-stolen-data-finds-itself-on-the-dark-web/

Exploit: Ransomware

The Toll Group: Transportation and logistics company  

Risk to Small Business: 1.205 = Extreme

The cascading consequences of a January cybersecurity incident are becoming increasingly apparent for The Toll Group. Earlier this month, the logistics company suffered a ransomware attack predicated on this earlier network compromise. The incident included data exfiltration. That information has now been shared and sold on the Dark Web, complicating an already arduous recovery process for the company and its customers. This incident is a reminder that cybercriminals are no longer content to encrypt networks in hopes of a financial windfall. They are willing to steal and sell company data to ensure that they earn a return on their efforts.

Individual Risk: 1.407 = Severe

The compromised server contains personal information for many past and present employees. While the company didn’t identify the specific data points, employees should assume the worst and take precautionary measures to secure their personal and financial information. This includes monitoring accounts for suspicious activity and enrolling in credit and identity monitoring services to oversee their personal information.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: This incident highlights a troubling trend in ransomware. Criminals are exfiltrating data before encrypting company networks, creating multifaceted income streams that make their work more lucrative, and, consequently, more advantageous. However, ransomware attacks are not inevitable, and companies can defend their networks and data by ensuring that their accounts are secure and their network is protected against bad actors.

ID Agent to the Rescue: BullPhish ID simulates phishing attacks, including new COVID-19 phishing kits, and conducts security awareness training campaigns including video to educate your employees, making them the best defense against cybercrime – and training is available in 8 languages. Click the link to get started: https://www.idagent.com/bullphish-id.


Risk Levels:

1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk

Risk scores are calculated using a formula that considers a wide range of factors related to the assessed breach.