British Airways Breach: Over 500,000 Customer Accounts Compromised

The details are continuing to emerge – and get worse – about the hack of British Airways. In September it was revealed that for over two weeks, hackers stole over 385,000 customer data records which included full name and address info and complete credit card data including CCV numbers (for 77,000 of the users) from the BA website and Mobile app.

A follow up notice published by BA’s parent International Airlines Group, on Thursday last week admitted that passengers who made bookings between April and July using rewards points were also snooped on by the cybercriminals.

What’s the takeaway? As usual, we recommend that it’s important to have  Dark Web monitoring in place for your entire organization so that you can watch for these stolen credentials to appear for sale. Personal monitoring is also important so make sure you’re using a reputable product like our Spotlight ID.

And if you’ve flown British Airways recently make sure you change those account credentials, get a replacement for whatever card you used for reservations, and if you used the same credentials at any other site, make sure you change all those passwords, too.

Everyone stay safe out there!


 

 

 

 

 

Panera Bread *finally* acknowledges data compromise

A vulnerability was discovered at Panera Bread in August of 2017 and was finally acknowledged by the company on April 3 of this year. Compromised data includes names, emails, physical addresses, birthdays and the last four digits of the customer’s credit card number. “There is no evidence of payment card information nor a large number of records being accessed or retrieved,” Panera Chief Information Officer John Meister wrote in an emailed statement.

The data was obtained through a website vulnerability that has now been reported as corrected.

The bad news here is that data was leaked for 8 months after a security researcher contacted Panera in August 2017 with details of the exploit.

The actual fix was a patch to the website that took 1 hour to deploy.

While Panera has talked about “[not] a large number of records” being affected, they have apparently identified 10,000 customers who likely did have their information exposed. Other reports suggest as many as 37 million accounts may have been exposed.

This is another good reason why your company should have a Dark Web monitoring solution like MicroData’s Dark Web Guardian in place. You may never know exactly what credentials and PII have been compromised in any given breach. And some compromises may never be reported, so your business needs to aggressively be checking for compromises.

And tell your users that if they previously set up and used an online Panera Bread account, to be safe they should change their password at the site and any other place where they may have used the same email/password credentials.

And of course, remind your employees to never use their corporate email address and password for account registration with other businesses/social media sites/entities.


 

Orbitz Data Breach: What You Need to Know.

If you’ve ever used Orbitz you’ll want to pay attention.

As reported by The Hacker News, it took Orbitz almost 3 months to discover that attackers exploited a legacy version of their travel booking platform

between October 1, 2017 and December 22, 2017. Users of Amextravel.com may also be affected.

Compromised data includes full names of customers, credit card numbers, birth dates, phone numbers, mailing addresses, billing addresses and email addresses. More than 880,000 individuals are affected.

Orbitz is currently working to notify the thousands of affected customers and plans to offer one year of free credit monitoring and identity protection service. Affected individuals should proactively monitor their personal data for misuse.


 

60% of SMBs Go Out of Business After This Happens

A survey just published by The Business Journals has some sobering statistics. Only 28 percent of owners of small and mid sized businesses responded that they are very concerned about ‘the safety and security of their firm’s technology, email and documents.’

What makes that particularly concerning is that it runs directly counter to the potential impact for small companies should they suffer a data breach. The Insights report said 60 percent of U.S. businesses with between 1 and 499 employees that suffer a data breach shut down within six months.

As a business owner or manager, if IT security isn’t one of your highest priorities, change your thinking and get some help. Proper IT security usually isn’t hugely expensive but it does require an understanding of the issues, threats and environment, and then implementing a comprehensive plan.

If you’re not sure where to start MicroData is offering a free, no-obligation IT assessment of your business. You’ll get detailed, specific information about the security of your IT environment along with recommendations for corrective actions. And of course we can handle all aspect of implementing and managing IT security for your business. Click here to learn more.


 

Fake Windows Update is Actually Ransomware

A new strain of ransomware is making its way around the Internet and what’s so nefarious about this version is that it disguises itself as a Windows update.

What happens is that an attachment in a phishing email, when clicked, actually launches a process that brings up a prompt advising the user that an important Windows update is available. People go along with it thinking that they are doing the right thing by keeping their computer up to date.

The ransomware itself is called “Fantom” and the actual executable that starts the process is “CriticalUpdate01.exe.” Once executed it extracts “WindowsUpdate.exe,” and the screen that displays as it begins to encrypt your files looks very much like the modern blue screen that Windows 8, 8.1 and 10 users are familiar with.

But what’s actually happening is that your files are being encrypted. The next thing you’ll see is a screen telling you all your data has been encrypted:

Fantom ransom screen
Fantom!

At this point your only options will be to restore all data from a backup or pay the ransom.

So what can you do to stay safe? Here are 5 basic steps to take.

  • Remind all your users never to open or click on links in messages they are unsure of
  • Don’t run Windows in Administrative mode
  • Make sure you have a good and up-to-date antivirus/anti-malware product installed
  • Be sure your Windows firewall is working and up to date
  • Don’t run old, out-of-date software. It often contains known vulnerabilities that cyber-criminals exploit

Everyone stay safe out there!


 

412 Million FriendFinder Accounts Hacked

LeakedSource Sunday reported that 412 million accounts on the FriendFinder network had been exposed, making this one of the largest hacks in 2016. And worse, this is the second time that the FriendFinder network has been breached. The first time was in May 2015.

If you have an account on any of the FriendFinder sites you’ll want to change your passwords and check any credit card info you may have stored with your profile.

Everyone stay safe out there!


 

Data Mishandling Could Cost CA Hospital $25,000 per Patient Record

Think that professional IT services are expensive? How about the cost of your current provider making a mistake? Last month a California state court judge finalized the highest ever per-plaintiff cash settlement in a data breach case. St. Joseph Health System, based in Irvine, is set to pay upwards of $28 million to settle a 31,074-member class action. The dispute arose out of a 2012 incident that exposed over 31,000 patient records to the Internet. The cause was not malware in this case but rather simple mis-configuration of the hospital’s intranet.

The takeaway? Security for your network and data needs to be one of your highest priorities. Even a small business can have thousands of customer records with sensitive information that must be secured.

If you’re not sure about your organization’s IT security, I urge you to take advantage of a special, limited-time promotion we’re offering where we’ll review your IT systems and provide you with a detailed 57-Point IT Systems Security and Performance Assessment – all for FREE. Click here to learn more.