9 million customers didn't know their data was at risk

In this week's Cyber Weekly:

1. 9 million customers didn't know they were at risk
2. 160GB of data stolen
3. Cyber security firm HACKED
4. Major concern around this ransomware
5. In case you didn't know

Thanks to all 13,301 subscribers. It really takes a community to fight against cyberattacks. By sharing and commenting on these newsletters, we can reach more people and help others from becoming a statistic. Share your comments below or simply like the post. Also, follow me on LinkedIn for daily cyber security discussions >> Luigi Tiano.

1. 9 million customers had no idea they were at risk

‍

AT&T is an American multinational telecommunications company with revenue of USD $120.7 billion in 2022. In January of 2023, they were the target of a major cyber attack affecting 9 million of its customers. It is said to be a supply chain attack and that compromised sensitive data was limited to email address, phone numbers and account numbers.

‍

The exposure of rate plan name, past due amount, monthly payment amount and other charges were “limited” to a small percentage of customers. The telecommunication company said that their systems were unaffected.

‍

They also didn’t see a reason to notify authorities when they first identified the hack. Now, the federal law enforcement has been notified as required by the Federal Communications Commission. (techradar)

‍

My thoughts: I think this story is proof that some companies will only do what is absolutely necessary by law when is comes to reporting any breaches. They only advised the authorities because they HAD to.

This is a very sensitive subject and business don’t always make the right decisions. Some argue, if they had good intentions, they would have notified and helped their 9 million customers back in January. All they had to do was let them know. Who knows how many of them could potentially be victims of fraud because of this.

‍

2. 160GB of data stolen for sale

‍

Hardware and electronics company, Acer, admitted they were hacked last week. The data appeared on a hacking forum before the company knew what happened. The hackers revealed screenshots of the 160GB stolen.

‍

The data doesn’t seem to include customer data and was stolen from the company last month. The hackers are selling the data to the highest bidder. This is the third time Acer finds themselves in a hack. (bleepingcomputer)

‍

My thoughts: As we have learned in Cyber Weekly, once a company gets hacked, they remain targets and more likely to get hacked again. This is an ugly reminder that hackers have become very mature in their attack process. At the very least, a business should learn from a disaster and align their policies and procedures to mitigate against another attack.

3. Cyber security firm HACKED

‍

Acronis, a Swiss cyber security company was hacked by the same hackers who stole data from Acer. Apparently, the hacker was bored and wanted to humiliate Acronis. The hacker published proof of data on a hacker forum that included certificate files, command logs, system configurations and information logs. Acronis clarified that their products were not affected by the incident. It also doesn’t seem like customer data was breached except for the one client that was compromised. The hacker used one client’s credentials to access company information. (securityweek)

‍

My thoughts: In my opinion, part of a company’s policy after a breach should contain a well thought out communication plan including the PR and marketing teams. No company is perfect, stuff happens.

‍

Own it and communicate and in some cases over communicate so that clients and partners know how seriously you took it. As I was scrolling through articles, there was an ad for Acronis… and how to protect against IT vulnerability. Embarrassing or funny?

‍

Acronis advertisement to protect against IT Vulnerabilities

4. People are very concerned about this ransomware attack

When Canada’s largest bookstore got hit with a ransomware attack, no one seemed nervous or bothered. However, last week a Canadian engineering giant got hit with ransomware. They are responsible for work with the military, power and transportation infrastructure across the country.

“Black & McDonald and its subsidiary Canadian Base Operators have several multimillion-dollar contracts with the Defence Department for the support of Canadian military bases, including one signed in 2020 and valued at $157 million over 10 years.

The company, which has 5,500 employees across Canada and reported more than $1.5 billion in sales last year, also provides engineering and construction services for critical infrastructure projects, including nuclear power plants, airports and with the Toronto Transit Commission.”

People are concerned that the hackers are Russian cyber criminals. As a result, this attack poses a much larger risk to Canadian citizens.

The company refuses to comment on the hack. (ctvnews)

My thoughts: Military and infrastructure-related companies obviously need better cyber security than a retail store. That’s obvious. But let’s not forget that every successful ransomware attack gives cyber criminals the funds and “ammunition” to pull off more sophisticated attacks.

Another important note: Regardless if you are a small or large company, risks are always present. The bigger the target, rest assured the potential attack surfaces increase, ultimately increasing the risk.

5. In case you didn't know...

‍

I started Assurance IT with my childhood friend Ernesto Pellegrino in 2011. Our mission is to help 100,000 companies become cyber resilient through our services and free content. We focus on helping mid-sized organizations with data protection and data privacy. Our primary services include: endpoint management, cloud backup, DRaaS, and Microsoft 365 backup.

‍