The details are continuing to emerge – and get worse – about the hack of British Airways. In September it was revealed that for over two weeks, hackers stole over 385,000 customer data records which included full name and address info and complete credit card data including CCV numbers (for 77,000 of the users) from the BA website and Mobile app.
A follow-up notice published by BA’s parent, International Airlines Group, on Thursday last week admitted that passengers who made bookings between April and July using rewards points were also snooped on by the cybercriminals.
What’s the takeaway? As usual, we recommend having Dark Web monitoring in place for your entire organization so that you can watch for these stolen credentials to appear for sale. Personal monitoring is also important, so make sure you’re using a reputable product like our Spotlight ID.
And if you’ve flown British Airways recently make sure you change those account credentials, get a replacement for whatever card you used for reservations, and if you used the same credentials at any other site, make sure you change all those passwords, too.
Equifax has released more info about the data stolen by the hacks in 2017 and it’s pretty grim. According to a letter Equifax submitted to the SEC on Monday, here are the numbers of actual compromises:
146.6 million names
146.6 million D.O.B.
145.5 million Social Security Numbers
99 million addresses
27.3 million gender
20.3 million phone numbers
17.6 million driver’s license numbers
1.8 million email addresses (without credentials)
209,000 credit card numbers and expiration dates
97,500 tax ID numbers
And the following government issued IDs:
38,000 Driver’s license numbers
12,000 Social Security or Taxpayer ID Card
3,200 passport or passport card
What’s the takeaway? You really need to be monitoring your personal credit info. And we don’t recommend LifeLock™ as ironically they use Equifax for monitoring. Take a look at SpotLight ID which I personally use and we recommend to our customers. SpotLight ID provides more comprehensive protection plus it’s about 1/3 less expensive than LifeLock.
A survey just published by The Business Journals has some sobering statistics. Only 28 percent of owners of small and mid-sized businesses responded that they are very concerned about ‘the safety and security of their firm’s technology, email and documents.’
What makes that particularly concerning is that it runs directly counter to the potential impact for small companies should they suffer a data breach. The Insights report said 60 percent of U.S. businesses with between 1 and 499 employees that suffer a data breach shut down within six months.
As a business owner or manager, if IT security isn’t one of your highest priorities, change your thinking and get some help. Proper IT security usually isn’t hugely expensive but it does require an understanding of the issues, threats and environment, and then implementing a comprehensive plan.
If you’re not sure where to start, MicroData is offering a free, no-obligation IT assessment of your business. You’ll get detailed, specific information about the security of your IT environment along with recommendations for corrective actions. And of course we can handle all aspects of implementing and managing IT security for your business. Click here to learn more.
A new strain of ransomware is making its way around the Internet and what’s so nefarious about this version is that it disguises itself as a Windows update.
What happens is that an attachment in a phishing email, when clicked, actually launches a process that brings up a prompt advising the user that an important Windows update is available. People go along with it thinking that they are doing the right thing by keeping their computer up to date.
The ransomware itself is called “Fantom” and the actual executable that starts the process is “CriticalUpdate01.exe.” Once executed it extracts “WindowsUpdate.exe,” and the screen that displays as it begins to encrypt your files looks very much like the modern blue screen that Windows 8, 8.1 and 10 users are familiar with.
But what’s actually happening is that your files are being encrypted. The next thing you’ll see is a screen telling you all your data has been encrypted:
At this point your only options will be to restore all data from a backup or pay the ransom.
So what can you do to stay safe? Here are 5 basic steps to take.
Remind all your users never to open or click on links in messages they are unsure of
Don’t run Windows in Administrative mode
Make sure you have a good and up-to-date antivirus/anti-malware product installed
Be sure your Windows firewall is working and up to date
Don’t run old, out-of-date software. It often contains known vulnerabilities that cyber-criminals exploit
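A file-name hunt for the two executables named above, as an added example that is not part of the original post: it reads process-creation events from a hypothetical CSV export (the column names and sample rows are constructed) and separates a bare name match from the full dropper-to-payload chain. File names are easy for an attacker to change, so a clean result here is inconclusive.

```python
import csv
import io
import ntpath

# File names the article attributes to Fantom (compared case-insensitively).
DROPPER = "criticalupdate01.exe"
PAYLOAD = "windowsupdate.exe"

# Constructed sample of process-creation events in a hypothetical CSV export.
# Hosts, users, paths and times are made up for this example.
SAMPLE_EVENTS = r"""time,host,parent_image,image
2016-08-29T09:14:02,WS-014,C:\Program Files\Mail\mailclient.exe,C:\Users\amy\AppData\Local\Temp\CriticalUpdate01.exe
2016-08-29T09:14:05,WS-014,C:\Users\amy\AppData\Local\Temp\CriticalUpdate01.exe,C:\Users\amy\AppData\Local\Temp\WindowsUpdate.exe
2016-08-29T09:20:41,WS-022,C:\Windows\System32\services.exe,C:\Windows\System32\svchost.exe
2016-08-29T10:02:17,WS-031,C:\Windows\explorer.exe,D:\tools\windowsupdate.EXE
"""


def basename(path):
    """Lower-cased file name of a Windows path, on any operating system."""
    return ntpath.basename(path).lower()


def hunt(csv_text):
    """Return (severity, host, time, reason) for every matching event."""
    findings = []
    for ev in csv.DictReader(io.StringIO(csv_text)):
        child, parent = basename(ev["image"]), basename(ev["parent_image"])
        if child == PAYLOAD and parent == DROPPER:
            # The sequence the article describes: the dropper starts the payload.
            findings.append(("high", ev["host"], ev["time"],
                             "dropper launched payload (full chain)"))
        elif child in (DROPPER, PAYLOAD):
            # Name alone is weaker evidence; report it for manual review.
            findings.append(("medium", ev["host"], ev["time"],
                             "file name match: " + ntpath.basename(ev["image"])))
    return findings


def hosts_with_full_chain(findings):
    """Hosts where the dropper was seen starting the payload."""
    return sorted({host for sev, host, _, _ in findings if sev == "high"})


if __name__ == "__main__":
    for finding in hunt(SAMPLE_EVENTS):
        print(*finding, sep="  ")
```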
LeakedSource Sunday reported that 412 million accounts on the FriendFinder network had been exposed, making this one of the largest hacks in 2016. And worse, this is the second time that the FriendFinder network has been breached. The first time was in May 2015.
If you have an account on any of the FriendFinder sites you’ll want to change your passwords and check any credit card info you may have stored with your profile.
I’ve had many frustrated people ask me why cybercriminals create and distribute ransomware. The answer is money, of course. But some new data from a report by Check Point software’s researchers is helpful because it shows just how much money we’re talking about.
Check Point focused on just one product: Cerber. The Cerber platform is software created specifically to be resold to create ransomware. Aspiring cybercriminal affiliates create their own ransomware campaign using Cerber and the deal is that Cerber gets to keep 40% of whatever their customers make with their ransomware attack.
Check Point was able to determine that Cerber had more than 160 participants at current count and that the combined direct sales plus affiliate revenue was almost $200,000 just in July – and this despite a victim payment rate of only 0.3%.
Doing the math means that Cerber is on track to net 2.4 million dollars this year.
So what’s the takeaway for businesses? Ransomware is a highly profitable criminal activity and you should expect to see increases in attacks on your business.
And that means that if you haven’t yet, you should get your organization up to speed both in terms of hardware/software preparedness, but also user training.
It’s happened again. Federal employee databases have been hacked and now the cyber criminals have millions of employee records. You can expect this info to get sold quickly and then the email messages will start arriving trying to scare recipients into clicking on a link which will then infect their computer with malware or the message will try and manipulate users into giving out more personal information. If you’re concerned that you or someone you know may be affected, send your friends and users the following:
‘If you receive an email that claims your personal information has been hacked and that you need to click on a link, open an attachment, or even call someone to protect yourself, stop! Never click on such links, don’t open any attachments, and never call someone whose information is only provided in an email message. These messages are scams designed to scare you into taking action that would infect your computer with malware/spyware and potentially release even more of your personal info.’
With the news of dozens of female celebrities’ nude photos being stolen off iCloud over this past weekend, there are a couple of lessons to be learned.
Apple devices aren’t somehow ‘safer’ or ‘immune’ to being compromised. Most likely the accounts in question were compromised by phishing attacks – targeted emails or sites designed to trick users into revealing account information. In some ways Apple users are more vulnerable because Internet legend tells them that Apple devices are immune to viruses and malware. Apple itself does little to dispel this myth – most likely as it works so well for them.
The reality? Any device including web-only appliances like Chromebooks are susceptible to phishing attacks. The only defense is to educate users.
When you sync data from a local device to a cloud service then later delete it, the cloud data probably still exists. People tend to think about data as residing in the device that generated it, but once you link to the cloud that isn’t the case. Just look at the IRS email scandal where it was claimed that Ms. Lerner’s email was ‘lost’ because her computer hard drive crashed. Only a copy of email makes it to the user’s local computer. All the email really exists on email servers, which is why this claim is so ridiculous to people in the tech community. Remember that if you have any device linked to the cloud, a copy of everything is probably somewhere else.
When your data is in a shared Cloud, you no longer control it. Apple has robust security on its cloud service. As do Microsoft, Amazon, Yahoo, etc. But it’s still not in your control. This is one of the reasons we developed our Private Cloud service. With Private Cloud, your data is exclusive to you and isn’t co-mingled with anyone else’s data. Your organization maintains control.
Think before you create data. It’s probably not a good idea to snap those nude photos or write that manifesto if you’d ultimately be uncomfortable about it getting out into the public. Once created, data has a way of moving easily and silently around the Internet.