Since 2005, the Identity Theft Resource Center (ITRC) has tracked publicly-notified data breaches. Over the last 15 years, the ITRC has tracked over 10,000 breaches; and now records a weekly podcast on the most interesting data compromises from the previous week. This week’s “Weekly Breach Breakdown” features an old school data breach, one that includes universities being threatened to pay a ransom and one that led to years of formjacking.
For many years, dumpster diving was the preferred method of stealing personal information. Breaking into a computer did not get fraudsters the amount of confidential information needed to commit identity theft at the scale most of the threat actors wanted. Now, in the era of massive databases filled with petabytes of information (which is roughly 745 million floppy disks), breaking into computer systems is the most common method for hackers.
However, the St. Joseph’s Health System data breach proved hackers are still willing to steal data the old-fashioned way. Patients and employees of Indiana’s St. Joseph’s Health System and seven other health care providers were recently notified that their personal information was discovered dumped at a location in South Bend. Some of the information exposed in the St. Joseph’s Health System data breach, which included legally protected health data, dated back to 1999 and was believed to be destroyed or stored by a now closed document management company. Now, the records have been properly destroyed or moved to a secure storage location. However, the St. Joseph’s Health System data breach is an example that not all data breaches involve sophisticated cybercrimes.
With that said, most of the time data breaches do involve some form of cyberattack. Right now, a popular method of attack is ransomware. Ransomware is when a cybercriminal locks a company’s computer system until a ransom is paid. Ransomware attacks came to the surface in the mid-2000s. However, in the past five years, they have grown to be one of the most common forms of attack. In fact, by 2018, the number of ransomware attacks had grown to more than 180 million per year globally.
The number of attacks and the average ransom paid – doubling in 2019 to $84,000 per attack – continue to grow. However, not everyone pays the ransom. That is why data thieves are using a new method to force companies to pay. Cybercriminals are now using a tactic where they threaten to sell personal information to the highest bidder on the dark web if their demands are not met. Columbia College of Chicago and the University of California at San Francisco recently fell victims to attacks like this, following a similar attack the week prior at Michigan State University.
The attackers posted what appear to be screenshots of student and faculty records on their blog, a popular way for cybercriminals to communicate. The records look to include personally identifiable information, which the hackers described as a sample of what they plan to make public on the dark web if they are not paid.
The hackers sent the following direct note to Columbia College: “If we don’t hear from you soon, all data like Social Security numbers and others will be sold on open markets of the dark web. Either way, we are getting paid. Now you choose how you want to handle this incident.”
The easiest way for people to prevent the impacts of a ransomware attack is to make sure to back-up their systems and data on a regular basis, as well as keep their software patched.
Finally, this past week Bombas, an apparel company known for its clothing and donations to homeless shelters, discovered malicious code in their system that could have been used to steal credit card information. One of the problems with the reducing rate of data breaches is that it can be very difficult, and lengthy, to find the root cause for many cyberattacks that result in identity information being compromised. The Bombas data breach is a case in point since the malware was present as early as 2016. For more information on this data breach, click here.
If anyone wants to learn more about how to protect themselves or their company from an identity compromise, as well as how to respond in the event of a data breach, they can find it on this website. If someone believes they are the victim of an identity crime or their identity has been compromised, they can live-chat with an ITRC expert advisor or call toll-free at 888.400.5530. Victims can also download the free ID Theft Help App. The app lets them track their case in a case log, access resources and tips to help them protect their identity and more.
Join us on our weekly data breach podcast to get the latest perspectives on the last week in breaches. Subscribe to get it delivered on your preferred podcast platform.
You might also like…