A spear phishing attack tricked a customer service employee into providing information that ultimately allowed hackers to view and modify customer records. As a result, several GoDaddy clients, including Escrow.com, which provides escrow services for several prominent websites, were impacted. The breach will have costly implications for both GoDaddy and its customers, who will have to decide if…
Cybersecurity researchers identified an unsecured database containing thousands of customer files uploaded to the company’s secure cloud storage service. The exposed records include information dating back to 2016, which the company eventually secured. However, it’s unclear how long cybercriminals could have accessed this data or why it took Data Deposit Box nearly a week to…
1. Experienced Offshore Architects – While standard offshore models call for having architects onshore only and leaving code development and testing to offshore team, we believe otherwise. Keeping architects in close proximity to the developers and testers ensures quality of deliverables while keeping the overall cost of delivery reasonable. 2. Maintaining Overlapping Hours with Customer – Key resources, like architects, must…
Several employees fell for a phishing scam that compromised students’ personal information. The phishing scam, which took place on January 13th, happened just weeks before the school implemented 2-factor authentication on January 31st. If this effective defensive measure was in place sooner, hackers would not have been able to access employee accounts, even after they…
A phishing scam tricked an employee into providing hackers with email credentials that were used to access and download inbox content remotely. Although the breach was announced on February 5th, the phishing scam was executed in November 2019. It wasn’t discovered until December 2019. As a result, Altice USA will have a difficult time restoring…
Accidental Deletion – If you delete a user, whether you meant to or not, that deletion is replicated across the network. A backup can restore that user, either to on-premises Exchange or Office 365. Retention policy gaps and confusion – Office 365 retention policies are hard to keep up with, let alone manage. A backup provides longer, more…
HR & Payroll – When the company pays out to its employees, confidential information is shared with 3rd party companies such as ADP, Paychex and Ceridian. HR employees working on such online portals may be using credentials that are just a small variant of credentials used elsewhere. Once a password from another site is stolen and…
An October ransomware attack ultimately forced The Heritage Company to close its doors. Shortly before Christmas, the company informed the staff that their operation was no longer tenable, even noting that the CEO was paying salaries out-of-pocket in an attempt to keep business going while systems were unavailable. Unfortunately, three months after the attack, The…
Authorities are reexamining an August outage at the London Stock Exchange that was initially attributed to a software glitch. The disruption prevented traders from buying or selling shares for more than 90 minutes, and impacted prices on two stock indexes. The incident could have been caused by hackers trying to destabilise markets for their own…
