Breach Trends and Insights – October 2020

This report summarises the top breaches from mid-September to 15th October 2020. It will help you keep track of the latest hacks and, by looking at the trends, give you insights to safeguard your organization.

Most common breach trends identified:

  • Elasticsearch (Non-password protected database server)
  • Operational Errors (exposed system with sensitive information)
  • Phishing Attacks / Social Engineering Attacks
  • Ransomware Attacks

List of Security Breaches:

A data fail left banks and councils exposed by a quick Google search

After a London-based outsourcing firm left its system exposed, more than 50,000 letters sent out by banks and local authorities were indexed by Google. The privacy breach raises doubts about the due diligence carried out by companies and local authorities that use outsourced mailing services to handle sensitive customer data. Details about insolvency, council tax, and mortgage vacations were out in the open. Thousands of names and addresses were exposed, affecting people in the UK, US, and Canada.

Source – Wired.Co.UK

The Internet’s Biggest Webmaster Forum Had a Data Breach

Digital Point, which claims to be the world’s biggest webmaster forum and marketplace for web-related services, allegedly had a non-password-protected database, which ended with the leak of 863,412 user details.

The database was said to be an Elastic database, set to open and visible in any browser (publicly accessible), and its data could have been edited, downloaded, or even deleted without administrative credentials.

Source – Website Planet

Miami-based tech company suffers massive 1TB customer and business data leak

Miami-based tech company Intcomex suffered a massive data breach, with nearly 1 TB of its users’ data leaked. The company got to know of the leak on September 20th, 2020. While this breach happened over time, the data was leaked on hacker forums in phases. The first release was 16.6 GB in size and the second was over 18 GB. The leaker even promised to leak more interesting data (credit card, etc.) later.

Source – Cyware

German tech giant Software AG down after ransomware attack

Software AG, one of the largest software companies in the world, suffered a ransomware attack recently. The ransomware gang going by the name “Clop” breached the internal network and demanded over $20 million to provide the decryption key, while they have already published the data on the dark web. The data shows employee passports, ID scans, emails, and financial documents from the company’s internal network.

Software AG confirmed it was a malware attack. $20 million is said to be about the largest ransom ever demanded.

Source – ZDNet

Edtech Startup Edureka Suffers Server Breach, Data Of 2 Mn Users Exposed

Indian startup Edureka is said to have suffered a massive data breach compromising the data of more than 2M users. The breached data comprises user names, addresses, and contact details.

The SafetyDetectives report mentions that the vulnerability was with Edureka’s US-based Elasticsearch server, which was left unsecured, without password protection. The SafetyDetectives security research team, led by Anurag Sen, is said to have found 25 gigabytes of data containing more than 45 Mn breached records of personal data.

Source – inc42.com

Breach at food delivery service Chowbus reportedly affects hundreds of thousands of customers

Two months after securing funding worth $33mn, Chowbus suffered a massive data leak that compromised the data of thousands of its customers. The file is said to contain over 8,000,000 rows. In an email to customers, the CEO confirmed the data was “illegally accessed” but did not mention how it happened.

Source – Cyberscoop

FireCompass Insights:

30% of breaches happen due to shadow IT or blind spots that are created by rapid digitization, cloud adoption, IoT adoption, agile dispersed teams, 3rd party integrations, APIs without the knowledge of the security team, etc. Not having a real-time view of your dynamic attack surface leaves an organization in the dark, and the exposed information becomes low-hanging fruit that attackers use to fuel malicious attacks.

Suggestions for Organizations:

  • Identify & Manage your digital attack surface
  • Identify exposed internet infrastructure
  • Identify & Mitigate Shadow IT Risks
  • Continuous Red Teaming to identify vulnerable paths

 
