Sontiq BreachIQ Data Breach Report: Week of Nov. 22 – Security Boulevard

sontiq-breachiq-data-breach-report:-week-of-nov.-22-–-security-boulevard

Did you know that camDown is the only solution you need to block webcam hackers?

Each week, Sontiq uses its BreachIQ capability to identify recent notable reported data breaches. These breaches are highlighted because of the heightened identity security risks to the victims. BreachIQ uses a proprietary algorithm to analyze more than 1,300 factors of a data breach and create a risk score on a scale of 1-10. The higher the score, the more severe the breach and level of risk.

One of the major challenges we’ve found in motivating consumers to take action about data breaches is a lack of context for the severity of risk created by the data breach. Unfortunately, coverage of data breaches frequently falls into one of two camps: Either the breach is covered as a devastating blow to consumers’ identity security and privacy, or the incident is portrayed as a trivial mishap that is unlikely to have serious consequences. In reality, of course, most breaches fall somewhere in the middle; they create meaningful risks to victims’ identities which can be mitigated by specific actions by those affected. Within BreachIQ, we tend to think about the risks created by breaches within the context of the severity of the identity crimes enabled by the data exposed in the breach:

Low Risk (BreachIQ score 1-3): Data breaches in this tier are the least likely to result in cases of identity theft, scams and fraud that would harm affected consumers. Typically, this means that the breach exposes victims to direct risk from fairly low impact fraud types (e.g. low sophistication spam or phishing messages) and that fraudsters would need to supplement the data exposed in this breach with other types of PII to commit most fraud types.

Moderate Risk (BreachIQ score 4-6): Data breaches in this range create a meaningful risk of identity theft, scams or fraud that could result in some degree of harm to affected consumers. Most breaches in this category contain all the data needed to commit at least one type of fraud (e.g. a breach that exposes card numbers, security codes, expiration dates, etc.), but often expose victims to a narrower range of threats than the highest-risk breaches.

High risk (BreachIQ score 7-10): Data breaches in this tier are likely to lead to identity theft, scams or fraud that significantly harm affected consumers. The highest-risk breaches expose rich identity data types that are used in a wide variety of fraud schemes. For instance, a breach that exposes a victim’s name, social security number, date of birth and other biographical details like income or employment history can be used to open fraudulent new accounts, take over existing financial accounts or file a tax return in the victim’s name.

New breaches added: 60

Integrated Services of Kalamazoo

BreachIQ score: 8

A cyberattack against Integrated Services of Kalamazoo enabled the perpetrator to gain access to nine ISK employee email accounts. While it appears that the primary objective of this attack was to use the compromised accounts to send other malicious messages, it also allowed the perpetrator to access sensitive personal information contained in messages and attachments that passed through the affected accounts. Exposed data types include Social Security numbers, driver’s license numbers, medical insurance information as well as some medical information.

What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.

More Information

Traffic Solutions Corporation, doing business as Statewide Safety Systems

BreachIQ score: 8

A ransomware attack against Statewide Safety Systems, also known as Traffic Solutions Corporation, compromised files containing sensitive personal information from employees, business contacts, and other individuals. In ransomware attacks, the goal of the attack is typically to extort the infected organization into paying to regain access to their files. Many ransomware strains also take the encrypted files and send them to the group managing the malware. Exposed data types include Social Security numbers, driver’s license numbers, financial account information, contact information and more.

What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.

More Information

National CARES Mentoring Movement

BreachIQ score: 7

Unauthorized access to several employee email accounts at National CARES Mentoring Movement allowed the perpetrator to access sensitive personal information contained in emails and attachments that passed through the accounts. While the compromise occurred between January 16 and February 3, 2021, Maxim did not publicly report the breach until November 12, 2021. Exposed data types vary by individual, but include Social Security numbers, driver’s license numbers, financial account information, electronic signatures and more.

What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.

More Information

Renue Aesthetic Surgery

BreachIQ score: 5

A ransomware attack against Renue Aesthetic Surgery compromised files containing sensitive personal information. In ransomware attacks, the goal of the attack is typically to extort the infected organization into paying to regain access to their files. Many ransomware strains also take the encrypted files and send them to the group managing the malware. Exposed data types include Social Security numbers, driver’s license numbers, passport numbers and more.

What should you do? Since the information stolen in this breach creates a high risk of fraudulently opened credit (loan accounts), safeguards like locking or freezing your credit are the best place to start. If you expect to need to have your credit account unlocked, enrolling in credit monitoring through the provider offered by the breached organization or through a free service can help keep you informed of potentially suspicious changes to your credit report.

More Information

Recent Articles By Author

Let's keep in mind that camDown is your security solution to protect you and your business from peeping toms and I am sure your neighbors would agree!