34 Mil Records Exposed Online; Attack On Gold Bullion Broker

In addition to the news of the sale online of 34 million users’ records from 17 companies, an attack on gold seller JM Bullion has been reported via a notice from the company. Here is a perspective from cybersecurity experts on both of these incidents.

More information:

Lazada RedMart Statement: https://pages.lazada.sg/wow/i/sg/redmart/redmartdatabasesecurityincident?spm=a2o42.lazmart_channel.0.0.70e948a6uUXEgj&wh_weex=true&scm=1003.4.icms-zebra-100435441-4915234.OTHER_6026139920_6465367

JM Bullion notice Reddit: https://www.reddit.com/r/Gold/comments/jluk70/jm_bullion_security_sensitive_data_breach_just/

Experts Comments

November 03, 2020
Dan Piazza
Technical Product Manager
Stealthbits Technologies
In today's ransomware climate it's still alarming to hear when companies fail to disclose recent breaches, especially considering the backlash typically received when end users find an organization has not been forthcoming. However, I'm not necessarily sure these are cases of willful ignorance on the part of the victims. Considering the recent trend of long dwell times for ransomware, it seems more likely that most of these organizations simply didn't know they were breached - which is actually .....Read More
In today's ransomware climate it's still alarming to hear when companies fail to disclose recent breaches, especially considering the backlash typically received when end users find an organization has not been forthcoming. However, I'm not necessarily sure these are cases of willful ignorance on the part of the victims. Considering the recent trend of long dwell times for ransomware, it seems more likely that most of these organizations simply didn't know they were breached - which is actually a scarier reality. Organizations need to have tools in place to defend themselves from breaches, however this may be an insurmountable task for some given available IT and financial resources, the potential for user error, and determination of the attackers who want to get in. Assuming any organization can be breached at any time, it's important to also have software tools in place to detect ransomware that's already in the network, lockdown paths to admin rights, and reduce overall attack surfaces to thwart the ransomware's path through the network. Just because you've been breached doesn't mean the attackers have already won. If they can't gain access to an account with rights to sensitive information or admin privileges, then they'll be stopped dead in their tracks in many cases.  Read Less
November 03, 2020
Saryu Nayyar
CEO
Gurucul
The sale of 34 million stolen user records shows the kinds of business model cybercrime has evolved into. Individual attackers of APT groups steal information from their victims than either sell it themselves or pass it on to a broker who sells it for them. The simple fact that data brokers like this exist shows the extent of the problem. The law enforcement community is responsible for pursuing and prosecuting the attackers, while it is up to users to practice good account hygiene with.....Read More
The sale of 34 million stolen user records shows the kinds of business model cybercrime has evolved into. Individual attackers of APT groups steal information from their victims than either sell it themselves or pass it on to a broker who sells it for them. The simple fact that data brokers like this exist shows the extent of the problem. The law enforcement community is responsible for pursuing and prosecuting the attackers, while it is up to users to practice good account hygiene with carefully chosen passwords for each site, and multifactor authentication, and for companies to do what they can to protect their assets from attack. That includes adequate policies, and an up to date security stack, including behavioral analytics, to quickly identify a breach, and reduce the risk of one happening in the first place.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts