01/06/2020 – 01/10/2020




Weekly Breach: 01/06/2020 – 01/10/2020

This week, ransomware disrupts the holidays, a nonprofit organization has its donor list compromised, and “password” remains a stubbornly popular password.

Sinai Health System – Chicago-based healthcare network

Breach: Phishing scam. Two employees fell for a phishing scam that gave hackers access to email accounts containing patients’ personal data. The attack, which occurred on October 16th, wasn’t discovered until December. In response, Sinai Health Network reset employees’ email passwords and provided employees with phishing scam awareness training to prevent a similar event in the future. Unfortunately, these actions cannot undo the damage of a data breach, and the healthcare network will now endure heavy regulatory scrutiny, as the Office for Civil Rights has launched an investigation into the incident.

Patients’ personal information was compromised in the breach, including their names, addresses, dates of birth, Social Security numbers, health information, and health insurance information. Hospital administrators contend that there is no evidence of misuse, but patients impacted by the breach should not presume that their data is secure. Instead, they should closely monitor their accounts for unusual activity, and they should consider enrolling in identity monitoring services to ensure that their information isn’t misused down the road.


TD Canada Trust – Personal & small business banking institution

Breach: Phishing scam. Security researchers have unearthed a two-year phishing campaign impacting Canadian banks, including TD Canada Trust. The phishing campaigns began with legitimate-looking emails containing PDFs that included official bank logos and an authorization code. Victims are instructed to renew their digital certificate to maintain their online bank accounts. When they click on a provided link, they are directed to a page that asks for their banking credentials. Hackers registered numerous domains similar to the banks’, making their efforts even more convincing.

Phishing scams are only effective if users provide their personal details, but anyone who offered this information should be aware that it is now in the hands of cybercriminals. Those impacted by the breach should immediately notify their financial institutions of the episode. Moreover, they should carefully monitor their accounts for suspicious or unusual activity.

Maastricht University – Public post-secondary academic institution

Breach: Ransomware. A ransomware attack on Maastricht University disabled the university’s Windows computers and email services. To prevent the malware’s spread, the university brought its entire network offline. While they noted that they are taking extra precautions to protect critical scientific data, they acknowledged that they can’t predict how long it will take them to overcome this expansive attack.

Ransomware has enjoyed a troubling resurgence as a prominent way to exact low-risk, high-yield payouts from victims. Often, these attacks are levied on soft targets like organizations or entities that can’t or won’t protect against these threats. Especially for SMBs, it can be tempting to leave this risk up to chance, but the high cost of a ransomware attack makes a strong defensive posture a veritable must-have to remain competitive in today’s digital landscape.

UK Cabinet Office – Governmental department responsible for supporting the Prime Minister and Cabinet

Breach: Accidental sharing. The Cabinet Office inadvertently uploaded the home and work addresses of various New Year’s honors recipients. The honorees included several celebrities and defense personnel, many of whom took to the internet to complain about the shocking privacy blunder. The department received special ridicule because of the government’s work in holding companies accountable for data privacy with GDPR. Although the information was only available for about 90 minutes, anyone could access this sensitive data during that time, and there’s no way to recover that information.

The blunder compromised personal data, including names and addresses for many prominent public figures and security personnel. This information could invite unwanted correspondence or security concerns, and those impacted by the breach should make every effort to protect their physical and online security.

UK Travelex – Foreign currency exchange

Breach: Malware attack. Travelex rang in the new year with an old cyberattack methodology, enduring a malware attack on December 31st. The company brought its systems offline to protect data and prevent the malware’s spread. Many UK customers experienced a “server error” when trying to access the website, and many companies that rely on Travelex services were similarly disrupted because of the outage. The incident could carry heavy opportunity costs for the company, since it’s unclear how long the malware will disable their platform.

At this time, no personal information was compromised in the breach. However, Travelex customers should stay abreast of the latest developments to ensure that they are ready to respond if personal data is compromised.

Special Olympics NY – Nonprofit organization

Breach: Phishing scam. Cybercriminals hacked the organization’s network and used this access to send phishing emails to its previous donors. Special Olympics NY contacted those impacted by the event, asking them to disregard the phishing communication and assuring them that their data was secure. Criminals created a sense of urgency by alerting donors that an automatic donation for $1,942,49 was scheduled to debit in two hours, and the emails invited users to confirm their donation by inputting their personal data on a malicious website.

While it’s unclear how cybercriminals accessed the organization’s communications platform, it’s possible that they walked right through the proverbial front door. With millions of user logins available on the Dark Web, many hackers have critical login information at their fingertips. Unfortunately, the consequences for businesses can be devastating. For Special Olympics NY, it’s possible that this event could discourage donors from contributing in the future, a damaging blow to one of their critical revenue streams.

In Other News:

Financial Services Organizations Increasingly Targeted By Cybercriminals

According to the 2019 Financial Breach Report, financial services organizations are increasingly targeted by cybercriminals, and these breaches are putting people’s personally identifiable information at risk. In 2019, 6% of all data breaches impacted financial services organizations, including the Capital One breach that impacted 6 million Canadian and US customers.

However, despite the relatively small fraction of organizations breached, the industry accounted for 60% of all leaked records, with hacking and malware serving as the top cause for these breaches. Financial services organizations collect and store people’s most sensitive information, so any failure in this sector can have devastating consequences.

For companies, this new reality is manifesting in their bottom lines. The average cost of a stolen financial services record reached $210 in 2019, second only to the cost of a compromised healthcare record. Fortunately, preemptive measures like phishing scam avoidance training and network analysis can help ensure that cybercriminals can’t capitalize on stolen data.

The Worst Passwords of 2019 

Using strong, unique passwords is a simple and effective way for everyone to keep their online accounts secure. Unfortunately, despite numerous warnings and seemingly unending headlines about new, devastating data breaches, people are often unwilling to adopt this practice in their daily lives. 

In a year-end rundown, security researchers compiled a list of the worst commonly used passwords in 2019. Predictably, “12345,” “test1,” and “password” all made the top five most popular passwords. Other passwords included simple number combinations, popular female names, and horizontal or vertical letters or numbers on a QWERTY keyboard. It’s clear that millions of people can take a simple step to improve their defensive posture, and, when coupled with other easy-to-use features like two-factor authentication, they can promote a robust defense of their digital environment.
