The year 2020 is 100% the year of cyber crime as it continues to be the safest, most profitable and most common way for criminals to make money. It’s not a surprise that seemingly everyday there is another major company that has fallen victim to some sort of cyber attack. Whether the hackers are using phishing emails, social engineering, ransomware, or malware, you can be sure that every company needs to start paying attention to the huge cyber security threat. Just recently, we have discovered 5 major Canadian and American companies that have fallen victim to gigantic cyber attacks.
- LifeLabs [1]
LifeLabs is Canada’s largest medical laboratory serving the majority of Canadians. In fact, nearing the end of 2019, Lifelabs experienced a data breach that affected approximately 40% of ALL Canadians – upwards of 15 million people. Former privacy commissioner of Ontario, Ann Cavoukian, detailed the breach as the “most sensitive of information.” What was compromised? Reportedly, the health card numbers, names, email addresses, login, passwords and dates of birth have all been exposed. In an attempt to ease their costumers, Lifelabs has offered all those affected free Dark Web Monitoring and Identity Theft Insurance.
- Chartered Professional Accountants of Canada (CPA) [2]
The Chartered Professional Accountants of Canada says that a recent cyber attack on its website affected upwards of 330 000 of its members and stakeholders. What was compromised? It was reported that first names, last names, employer names, emails, and addresses of their members and stakeholders was stolen. Always a threat are the passwords and credit card numbers, but due to encryption, they were safe this time from the bad actors. The CPA warns that the data stolen could and will be used for identity theft, so their users should remain vigilant for fraudulent emails.
- Grubman Shire Meiselas & Sacks (Entertainment & Media Lawyers) [3]
The Grubman law firm is a leader in its industry. They represent major entertainment stars like J-Lo, David Letterman, Robert DeNiro, Barbra Streisand, Maria Carey, Rod Steward, Bruce Springsteen, Elton John, the Kardashian sisters & family, Madonna, Tom Cruise, Dwayne Johnson and many more major artists. Grubman was hit by a ransomware attack this May that demanded 21 MILLION to decrypt the data. What was compromised? The leaked files include contracts, phone numbers, emails, agreements and more. When the full ransom demands were not met, some documents were released to the public for Lady Gaga and the hackers posted an updated demand of $42 million, 2 times the original amount. Now, the hackers are threatening to leak info related to President Trump. Although Grubman says they never worked directly with Trump, they say they have some dirty laundry on Trump that could hurt his re-election.
- Diebold Nixdorf (ATM Manufacturer & Retailer) [4]
Diebold Nixdorf is currently the largest ATM provider in the US, and they fell victim to a ransomware attack this April. The company reported that they only experienced only a “limited IT systems outage” and that ATM machines were not affected. While the company’s IT and security teams did a good job in containing the extent of the ransomware, the ransomware attack affected services for about 100 of its customers. The form of ransomware was reported to be a strain called PwndLocker, famous for demanding funds upwards of $660 000 dollars as a ransom payment. Thankfully, Diebold did not reward the cyber criminals by paying the ransom.
- The Beer Store [5]
Amid the global pandemic of COVID-19, some of Ontario’s 450 industry-owned retail beer outlets known as The Beer Store have been forced to accept only cash for sales after a cyber attack in March. Over twitter, the Beer Store released the statement “Overnight, we were subjected to a cyber attack and are following internal response protocols. Some of our locations are operating with cash only.” However, it is unclear if the cyber attack was successful, or what was attacked like the Point of Sale system of the website. Hacks like this are increasing. Hackers are commonly infiltrating web pages and e-commerce transaction providers to insert code and skim off payment card numbers.
Cyber attacks are ever prevalent, and the threat to your business is constant. How can a business be better secure against cyber attacks? Consider the 3 Pillars of Cyber Security: People, Process, & Technology.
People are, and will always be, the weakest link in the cyber security chain. Cyber Security Awareness Training remains the best tool to educate staff on today’s cyber threats and enables them to fight against cyber attacks everyday.
Company Processes should be revisited every quarter. It is always recommended to have an up to date Business Continuity and Disaster Recovery plan. In the event of a cyber attack or a natural disaster, (ie. COVID-19), you should always have a plan to keep your business afloat.
Lastly, the Technology should always be current, up to date, and strong. Enable your users and staff with proper Network Security and Dark Web Monitoring. When all three of these pillars of cyber security are at its strongest, you can be sure that you’re protected from cyber attacks.
Please reach out to us about the products we’ve mentioned: Cyber Security Awareness Training, Business Continuity, Dark Web Monitoring & Network Security.