Breaches, breaches everywhere, it must be the season
Credit to Author: Malwarebytes Labs| Date: Wed, 05 Dec 2018 19:57:59 +0000
After last weeks shocker from Marriott this week started off with disclosures about breaches at Quora, Dunkin’ Donuts, and 1-800-Flowers.
Quora
Quora is an online community that focuses on asking and answering questions. It was founded in 2009 by two former Facebook employees.
The stolen data may concern up to 100 million users of the platform and included the username, the email address, and the encrypted password. In some cases, imported data from other social networks and private messages on the platform may have been taken as well.
To counter future abuse of the login credentials we would advise Quora users to change their password and make sure that the combination of credentials they used on Quora aren’t used elsewhere. Even though Quora used encryption and salted the passwords, it is not prudent to assume nobody will be able to decrypt them. For those that are in the habit of re-using passwords across different sites, please read: Why you don’t need 27 different passwords.
For those who no longer want to be registered at Quora, we also advise you to check under Settings and Disconnect any and all Connected Accounts.
Quora’s official statement can be checked for further details and updates.
Dunkin’ Donuts
A threat-actor successfully managed to gain access to Dunkin’ Donuts Perks accounts. The Perks accounts is a run-of-the-mill loyalty reward system. Dunkin’ Donuts claims that there was no breach into their systems but that re-used passwords were to blame.
we’ve been informed that third parties obtained usernames and passwords through other companies’ security breaches and used this information to log into some Dunkin’ DD Perks accounts.
As a countermeasure they forced password resets for all the customers the company believes were affected. If you are one of these customers the threat actors could have learned your first and last names, email addresses, 16-digit DD Perks account numbers, and DD Perks QR codes.
I repeat myself: For those that are in the habit of re-using passwords across different sites, please read: Why you don’t need 27 different passwords.
1-800-flowers
The Canadian online outpost of the floral and gourmet foods gift retailer reported an incident where a threat-actor may have gained access to customer data from 75,000 Canadian orders, including names and credit card information, over a four-year period. Even though the breach did not impact any customers on its U.S. website, 1-800-Flowers.com, the company has filed a notice with the attorney general’s office in California.
The stolen payment information seems to include credit card numbers and all the related information: names, expiration dates, and security codes. That’s really all any seasoned criminal needs to plunder your account.
Are you afraid to be a victim of this breach, here’s what you can do to prevent further damage:
- Review your banking and credit card accounts for suspicious activity.
- Consider a credit freeze if you’re concerned your financial information was compromised.
- Watch out for breach-related scams; cybercriminals know this is a massive, newsworthy breach so they will pounce at the chance to ensnare users through social engineering
Or download our Data Breach Checklist here.
Is it the season?
Some of the recent breaches happened quite some time ago or have been ongoing for years, so why are they all telling us now?
Possible reasons:
- New legislation requires companies to report breaches
- Breaches happen all the time, but these happen to be some very serious or big ones, so the media talks about them
- When a big breach is aired you will always see a few smaller ones, trying to hide in their shadow
If you’re a business looking for tips to prevent getting hit by a breach:
- Invest in an endpoint protection product and data loss prevention program to make sure alerts on similar attacks get to your security staff as quickly as possible.
- Take a hard look at your asset management program:
- Do you have 100 percent accounting of all of your external facing assets?
- Do you have uniform user profiles across your business for all use cases?
- When it comes to lateral movement after an initial breach, you can’t catch what you can’t see. The first step to a better security posture is to know what you have to work with.
In a world where it seems breaches cannot be contained, consumers and businesses once again have to contend with the aftermath. Our advice to organizations: Don’t become a cautionary tale. Save your customers hassle and save your business’ reputation by taking proactive steps to secure your company today.
The post Breaches, breaches everywhere, it must be the season appeared first on Malwarebytes Labs.