Skip to main content
Category

Cyber Attacks

Tribune Media Hit With Cyber Attack, Affecting Newspaper Publishing

Evolve MGA Cyber Insurance

Tribune Media was hit with a ransomware attack that affected the production of newspapers owned by the Chicago-based publishing company, which disrupted their publishing and printing systems. According to sources at the Tribune, the malware infection started on Thursday evening and involved ransomware known as Ryuk, which is potentially tied to North Korean cybercriminals. However, security experts say it’s too soon to attribute Tribune’s ransomware outbreak as anything more than an opportunistic infection, and note that anyone can potentially obtain and use malware, irrespective of their identity, political affiliation or other motivations, according to Data Breach Today.

Although this came at a price of doing business for Tribune Media, they confidently announced that this ransomware attack did not affect any financial information or website, but did affect the printing and publishing systems for all newspapers that belong to the media company. Additionally, after doing a deeper analysis of the attack, the Tribune confirmed that no customer’s personal identifiable information was exposed in the cyber attack. 

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote! If you’d like to read more about the cyber attack on Tribune Media, click here

Hack on Chromecast Devices (Cast Hack) Exposes Thousands of Users

Evolve | Hack on Chromecast

In recent news, Google’s Chromecast device and technology has been hacked, dubbed “CastHack”, resulting in tens of thousands of users being exposed. The attackers managed to hijack Chromecasts’ feeds and display a pop-up, spreading a security warning as well as controversial YouTube star PewDiePie propaganda. PewDiePie is a popular commentator who boasts the largest number of Youtube subscribers.

Although there are no obvious ties between the hackers and PewDiePie, the attackers are actively promoting his page. The hackers even went ahead and created a website with a live tracker that displays the amount of users who are being exposed. CastHack can be used to collect different kinds of victim’s data. For instance, Chromecast devices, Google Home that is connected to Wi-Fi, bluetooth paired devices, and most concerning, remotely forced attacks that affect devices into playing media of their choice, rename devices, force factory reset or reboot the device, force it to forget all WiFi networks, or force the affected device to pair with new networks.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about the CastHack, click here.

Did You Know Marriott International was hacked?

Evolve | Credit Card Data Breach

The breach exposed sensitive information on up to 500 Million guests.

It is incredibly difficult to defend your system against employees clicking on phishing links that they shouldn’t be clicking on. Contact us today to get a quality cyber policy for your clients.

How Did A Hotel Chain As Big As Marriott Get hHacked?

According to the hotel chain, up to 500 million people were exposed by a data breach that occurred within the Starwood Guest Reservation database (which Marriott International recently acquired). Marriott confirmed that an “unauthorized party” accessed the database in 2014 in order to copy and encrypt the information for their benefit. This means that anyone who made a reservation between 2014 and September 10, 2018 (the day Marriott discovered the exposure) was exposed to the hacker group. 
 
What To Do If You Were Affected?
According to Marriott, the stolen hotel database contains sensitive personal information of nearly 500 million guests, including their names, mailing addresses, phone numbers, email addresses, passport numbers, dates of birth, genders, arrival and departure information, reservation date, and communication preferences.As mentioned, if you stayed at a Starwood Hotel since 2014, there’s a good chance you were affected by this data breach. For those who were affected, please see below for ways to keep yourself protected from additional threats.

  • Change your passwords
  • Monitor your bank accounts for suspicious activity
  • Open a separate credit card for online purchases
  • Limit the amount of information that you share
  • Avoid saving credit card information on websites
  • Be vigilant

How Can I Make Sure My Client is Covered?
Hotels are huge targets for cyber-attacks. They hold tons of sensitive information, they often acquire other hotel chains and their databases, and they offer deals with third party vendors or preferred programs. Many times they are viewed as “low hanging fruit” because their systems, cyber security tools and tech processes are outdated or being accessed by hundreds of employees or contractors. It is imperative that hotels have quality cyber policies in place. This means cyber policies that include coverage for system damage, business interruption, and cyber-crime.

1,000 North Korean Defectors Exposed Via Data Breach

Evolve | North Korean Defectors

Often times, the data breaches that make the news surround the details of a business, school, government, or hospital being struck with a data breach, but most recently, an uncommon attack occurred which directly impacts the lives of the individuals affected. According to South Korean officials, a malware attack targeted and exposed personal information for 1,000 North Korean defectors.

The leak exposed the names, birth dates and addresses of 997 defectors who live in regions of South Korea. Although no harm or damage has been observed due to the leak, it is important to note that this data breach acknowledges the level of capabilities of cybercriminals in current day. The defectors who were exposed have been living in secrecy since defecting, relying on the South Korean government to protect them from this type of vulnerability.

According to South Korean officials, Hana Centers were set up by the South Korea government in 2010 to help North Korea refugees integrate into and establish stable lives in the country by helping with counseling, resettlement costs, medical expenses, children’s education and employment. Today 25 centers support about 30,000 North Korean refugees living in South Korea.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about the data leak surrounding the North Korean defectors, click here.

Quora Dismantled By Massive Data Breach – Exposing 100 Million Users

Evolve | Quora Dismantled

Question: What Happened?

Answer: Hackers Stole 100 Million Quora Users’ Data!

The world’s most popular question and answer open forum was recently hacked, resulting in 100 million users being exposed to an unknown hacker group that now has control over an enormous amount of sensitive information. Quora announced the data breach last week and discovered that the unknown hacker group managed to gain unauthorized access to their network and stole nearly half of their entire user base.

According to Adam D’Angelo, the chief executive officer and co-founder of Quora, the personal user information compromised in the breach includes:

  • Account information, such as names, email addresses, encrypted (hashed) passwords, and data imported from linked social networks like Facebook and Twitter when authorized by users.
  • Public content and actions, like questions, answers, comments, and upvotes.
  • Non-public content and actions, including answer requests, downvotes, direct and messages (note that a low percentage of Quora users have sent or received such messages).

Although question-answer internet company made a point to explain that they hash out passwords and sensitive information to ensure cybercriminals cannot crack their systems, they doubled down and logged all exposed users out of their accounts and forced them to reset their passwords.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about this massive data breach, click here.

Hackers Stole $800,000 From Cape Cod Community College

Evolve | Cape Cod Community College

WTF (Wire Transfer Fraud) attacks are happening daily! Here is yet another example from Cape Cod Community College. According to reports, the hacker group stole more than $800,000 by hacking into the Community College’s bank accounts. The cybercriminals used computers in the Nickerson Administration Building to infiltrate the network using a phishing malware to obtain access to the bank accounts.

The hackers obtained banking information from the school by sending computer viruses via e-mail that lodged in the computer and stole school bank information, then fraudulently transferred the money out of the school’s accounts at TD Bank, according to a school spokesman. Working with the bank, the school has recovered about $300,000 of the funds, the school said, according to The Boston Globe.

Although there is no information surrounding the identities of the cybercriminals, they have not fretted from the exposure and instead of scaling back and claiming the stolen funds, they doubled down, attacked Cape Cod Community College again (yet failed), as well as attacked other colleges in the area.

According to the school’s spokesperson, student and employee personal information was not exposed during the cyber attack. However, it’s still important to remember to protect your business (or in this case, school) with a quality cyber policy.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about the cyber attack against Cape Cod Community College, click here.

 

 

Alex Jones’ Infowars Hit With Payment Card Skimming Malware Attack

Evolve | Infowars

Infowars.com, the website of controversial Alex Jones, has recently experienced the affects of the recently popular magecart payment card skimming malware. The malware was injected into Alex Jones’ web shop where he sells survival gear and nutritional supplements.

The malware was found by cyber security consultant, William de Groot, who conducts routine internet scans to detect magecart infections, which are often found on Magento e-commerce software. Magecart works as a JavaScript malware that scraps customers payment card information and sends it to an alternative server than the one supporting the website.

In addition to claiming this attack to be an act of industrial and political sabotage, InfoWars says that around 1,600 customers may have been affected. Some of those were returning customers, who may have not needed to enter their personal and card details again, potentially saving them from the malware.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about the data breach on Infowars, click here.

Data Breach at Nordstrom Exposes Employee Information Across 380 Stores

Evolve MGA Cyber Insurance

In October, Nordstrom experienced a data breach that exposed the employee personal data across 380 stores. Initially, Nordstrom addressed the situation by stating the exposure didn’t affect any customer data and was simply an error within the system, but a month later, Nordstrom is now claiming that a contract worker purposely misused the data.

According to reports, the contractor successfully exposed employee’s social security numbers, birthdates, salaries, and bank account information. However, although Nordstrom revoked all access from the contractor, they cannot confirm that this vulnerability was misused in any way. Nordstrom has offered their employees two years of prepaid identity theft monitoring services, which has become a consistent offering that most companies that are the victims of data breaches provide to those exposed.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about the data breach on Nordstrom, click here.

North Korean Hacking Group, Lazarus, Strikes Again, This Time On ATMs

Evolve MGA Cyber Insurance

North Korean hacking group, Lazarus, figured out a way to exploit out-dated software for ATM machines in order to inject malware. The malware allows hackers to access what is being called FASTCash, which is what the U.S. Government refers to as an act of perpetrating a cash-out scheme illegally. According to Data Breach Today, the U.S. government says the FASTCash attacks are the work of the Lazarus hacking group, tied to the Pyongyang-based government of North Korea.

Since 2016, the Lazarus hacking group has used malware to target out-dated ATMs and have successfully drained tens of millions of dollars from banks across Africa and Asia. The cyber attacks by Lazarus have exposed the banks mostly opposed to customers of the banks, according to reports. The financial sector repeatedly experiences attacks and breaches because they appear as low hanging fruit to hackers as they have out-dated systems and lack of end user awareness.

EvolveMGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about the Lazarus hacking group, click here.

Colorado Timberline Went Out Of Business Due To a Ransomware Attack

Evolve MGA Cyber Insurance

Did you know a Colorado supplier recently went out of business due to a ransomware attack?

In 2019, it is projected that ransomware damage costs will rise to $11.5 billion and businesses will fall victim to a ransomware attacks every 14 seconds. — Cyber Security Ventures

What happened to Colorado Timberline?

Colorado Timberline, a 200+ employee printing company in Denver, Co, recently experienced a ransomware attack so damaging that it forced the company to shut down its business. On September 12th, the company posted a statement on their website announcing the closure due to the recent string of cyber attacks. The cybercriminals attacked the company with multiple cyber attacks, but none damaged Colorado Timberline as much as the data locker ransomware malware.

What is data locker Ransomware?
Data locker ransomware malware is deployed and tasked to access computers in order to extract data that could be valuable to the victim.  Once the data is gathered, the malware messages the victim announcing the data is being held hostage. Soon after, the cybercriminal provides instructions to pay the ransom (usually paid in cryptocurrency).

How Can I Make Sure My Client is Covered?
Ensure that your client has a cyber policy in place that includes first party crime coverage.  If you are looking to ensure that your client has quality coverage in place in the event of a ransomware attack, please contact Patrick Costello (contact info above) or click the quote/appointment buttons below.