Lessons Learned from the Top Cybersecurity Breaches of 2019
2019 continued the mega data breach trends from previous years. With no end in sight, it’s important for managed services providers (MSPs) to learn from these breaches in order to help protect their customers in the future. Read on to find out more about the top breaches from 2019 and our biggest takeaways for MSPs.
While not much is known about Verifications.io, the breach exposed a great deal of personal and financial information and impacted between 800 million and 2 billion records worldwide. Since it’s a relatively obscure company, it’s surprising how many unique email addresses were added to the Have I Been Pwned database. You can read more about the breach here.
Pro Tip: While you can’t know when the next data breach will occur, you can help your customers take precautions by implementing and enforcing best password management practices.
First American Financial
In May 2019, a tipster informed security blogger Brian Krebs of a mistake by First American Financial Corp that left an estimated 885 million mortgage transaction records exposed. He found that if you knew the URL for a valid document on the website for First American Financial, you could view other documents simply by changing a single digit in the link—no authentication required. Learn more here.
Pro tip: Breaches like this can help cybercriminals deliver highly tailored social engineering attacks. Hosting regular and consistent security awareness trainings can help keep your customers wise to these attacks.
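The First American flaw described above is a missing authorization check on document lookups. The following is an added example, not code from First American or from the original article, showing the flawed lookup beside a hardened one, plus a small audit helper that a team could run as a regression test; all document IDs, users, and session tokens are constructed for illustration.

```python
# Added illustration: every name and record below is constructed.

# Constructed sample store: document id -> owner and content.
DOCUMENTS = {
    "000000075": {"owner": "alice", "body": "Closing disclosure (sample)"},
    "000000076": {"owner": "bob", "body": "Wire instructions (sample)"},
}

# Constructed session table: session token -> authenticated user.
SESSIONS = {"tok-alice": "alice", "tok-bob": "bob"}


def get_document_vulnerable(doc_id, session_token=None):
    """Flawed pattern: anyone who knows or guesses an id receives the file."""
    doc = DOCUMENTS.get(doc_id)
    return (200, doc["body"]) if doc else (404, None)


def get_document_hardened(doc_id, session_token=None):
    """Require a valid session, then check that the caller owns the document."""
    user = SESSIONS.get(session_token)
    if user is None:
        return (401, None)
    doc = DOCUMENTS.get(doc_id)
    # Same 404 for "missing" and "not yours", so responses do not
    # confirm which document ids exist.
    if doc is None or doc["owner"] != user:
        return (404, None)
    return (200, doc["body"])


def cross_owner_reads(handler):
    """Audit helper: list (requester, doc_id) pairs served to a non-owner."""
    leaks = []
    # Try an anonymous caller first, then every known session.
    for token, user in [(None, None)] + list(SESSIONS.items()):
        for doc_id, doc in DOCUMENTS.items():
            status, _ = handler(doc_id, token)
            if status == 200 and doc["owner"] != user:
                leaks.append((user, doc_id))
    return leaks


if __name__ == "__main__":
    print("vulnerable leaks:", cross_owner_reads(get_document_vulnerable))
    print("hardened leaks:  ", cross_owner_reads(get_document_hardened))
```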
On January 17, Troy Hunt from Have I Been Pwned posted on his website about a massive collection of 773 million unique usernames and passwords sitting in a cloud storage service called MEGA. A public collection like that is a gold mine for cybercriminals running credential stuffing or business email compromise (BEC) scams.
Pro tip: Make sure your employees and customers use unique passwords and frequently refresh them.
Over 540 million Facebook records, including comments, account names, FB IDs, and more, were housed by Cultura Colectiva on an Amazon S3 cloud storage bucket and accidentally exposed to the public. While Bloomberg reported the breach on April 3, 2019, security firm UpGuard alerted both Cultura Colectiva and Amazon of the breach as early as January 2019, but the database wasn’t secured until Bloomberg contacted Facebook in April.
Pro Tip: As the use of cloud services and third-party vendors becomes more prevalent, security issues will happen that aren’t necessarily your fault. Make sure to play it safe by always being transparent with customers and auditors.
On January 16, Check Point Research revealed a flaw in Fortnite, the wildly popular video game from Epic Games. In their research, they discovered a vulnerability in some of Epic Games’ subdomains that put over 200 million gamers at risk. If a hacker took advantage of the same vulnerabilities, they could use a cross-site scripting (XSS) attack to gain control of a target’s entire Fortnite account. All they would need is for the user to click a malicious link in a phishing email. Once the user clicked the link, the hacker wouldn’t need the user’s login credentials, as the hacker could instantaneously capture the username and password.
Pro Tip: Have a good email security product in place to help filter out threats.
This breach affected mobile players who installed the Android or iOS version of Words With Friends, Draw Something, or the OMGPOP platform on or before September 2, 2019. Nearly 173 million unique email addresses were exposed, as well as usernames and passwords stored as salted SHA-1 hashes. You can read more about the attack here.
Pro Tip: Always use unique passwords—and, if you choose a password manager, make sure it uses strong encryption.
Dubsmash (and others)
In 2019, The Register revealed that Dubsmash and more than 10 other companies had been breached, reporting that a hacker had 20 different databases full of personal data from the companies ready to sell. Huge databases like these are aimed at spammers and credential stuffers. While the breaches occurred in 2018 or earlier, most of the companies were unaware of them or didn’t report them until the seller came out publicly in February of 2019. Approximately 617 million online accounts were affected.
Pro Tip: As mentioned previously, transparency with your customers is important and so is making sure they use unique passwords and change them often.
Elasticsearch cloud storage
In January, security researcher Justin Paine found an online casino group exposed customer names, home addresses, phone numbers, credit card information, and recent online betting information. In total, approximately 108 million records were affected. The group used Elasticsearch, a “portable, high-grade search engine that companies install to improve their web apps’ data indexing and search capabilities” but didn’t secure it with a password.
Pro Tip: Make sure you configure any third-party service or software correctly before going live with it.
If current trends continue, we’re only going to see more breaches in 2020. In this climate, you should have the right tools in place to help protect you and your customers. A layered approach to your security is best. As these breaches show, it’s helpful to have strong email security and robust password management as part of your layered security. SolarWinds® Mail Assure seamlessly integrates with Microsoft Office 365 and offers near 100% email filtering to help fight against malicious emails. Learn more by visiting solarwindsmsp.com/products/mail?promo=blog today. SolarWinds® Passportal generates and encrypts strong passwords to help keep your customers safe from hacking attempts. Learn more by visiting www.passportalmsp.com?promo=blog today.