34 Mil Records Exposed Online; Attack On Gold Bullion Broker

In addition to the news of the sale online of 34 million users’ records from 17 companies, an attack on gold seller JM Bullion has been reported via a notice from the company. Here is a perspective from cybersecurity experts on both of these incidents.

More information:

Lazada RedMart Statement: https://pages.lazada.sg/wow/i/sg/redmart/redmartdatabasesecurityincident?spm=a2o42.lazmart_channel.0.0.70e948a6uUXEgj&wh_weex=true&scm=1003.4.icms-zebra-100435441-4915234.OTHER_6026139920_6465367

JM Bullion notice Reddit: https://www.reddit.com/r/Gold/comments/jluk70/jm_bullion_security_sensitive_data_breach_just/

Subscribe
Notify of
guest

2 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Dan Piazza
Dan Piazza , Technical Product Manager
InfoSec Expert
November 3, 2020 3:33 pm

In today\’s ransomware climate it\’s still alarming to hear when companies fail to disclose recent breaches, especially considering the backlash typically received when end users find an organization has not been forthcoming. However, I\’m not necessarily sure these are cases of willful ignorance on the part of the victims. Considering the recent trend of long dwell times for ransomware, it seems more likely that most of these organizations simply didn\’t know they were breached – which is actually a scarier reality.

Organizations need to have tools in place to defend themselves from breaches, however this may be an insurmountable task for some given available IT and financial resources, the potential for user error, and determination of the attackers who want to get in. Assuming any organization can be breached at any time, it\’s important to also have software tools in place to detect ransomware that\’s already in the network, lockdown paths to admin rights, and reduce overall attack surfaces to thwart the ransomware\’s path through the network. Just because you\’ve been breached doesn\’t mean the attackers have already won. If they can\’t gain access to an account with rights to sensitive information or admin privileges, then they\’ll be stopped dead in their tracks in many cases.

Last edited 1 year ago by Dan Piazza
Saryu Nayyar
Saryu Nayyar , CEO
InfoSec Expert
November 3, 2020 3:29 pm

The sale of 34 million stolen user records shows the kinds of business model cybercrime has evolved into. Individual attackers of APT groups steal information from their victims than either sell it themselves or pass it on to a broker who sells it for them. The simple fact that data brokers like this exist shows the extent of the problem. The law enforcement community is responsible for pursuing and prosecuting the attackers, while it is up to users to practice good account hygiene with carefully chosen passwords for each site, and multifactor authentication, and for companies to do what they can to protect their assets from attack. That includes adequate policies, and an up to date security stack, including behavioral analytics, to quickly identify a breach, and reduce the risk of one happening in the first place.

Last edited 1 year ago by Saryu Nayyar
Information Security Buzz
2
0
Would love your thoughts, please comment.x
()
x