Security News Survey- August 23, 2019

This week, we look at MoviePass’ exposure of thousands of customer data, a ransomware attack affecting Texas, and a report on the 4K data breaches exposing 4B records in 2019.


The security headlines have been rife with data breaches and cyber attacks this week, adding to the growing importance of proactive cybersecurity. Putting in place a holistic approach when dealing with a company’s cybersecurity seems to be more urgent than ever based on some of these stories. Let’s take a look.

MoviePass exposes thousands of customer card numbers

On Wednesday, movie ticketing service MoviePass exposed tens of thousands of customer card numbers and personal credit cards due to an unsecured database. Security researcher Mossab Hussein found the exposed database, which housed a whopping 161 million records at the time of discovery and was growing in real-time. The records that were left publicly accessible for months included MoviePass customer card numbers, personal credit card numbers, expiration dates, names, addresses, emails and passwords. At least 60,000 MoviePass customers have been affected. 

The unsecured database was reportedly discovered previously by a different security researcher, suggesting that the records may have been exposed since May of this year. MoviePass was allegedly notified of the issue at the time, but the database was not immediately secured. The company has now acknowledged the security incident after being contacted by TechCrunch and has secured the system in the hopes to prevent further exposure. Once again, we see the harsh impact of having an unsecured system and the need for companies to ensure that securing their customer’s data is a top priority.

Coordinated ransomware attack hits 23 Texas local governments

Over the past few months, we’ve seen cities all over the US paralyzed by ransomware attacks, including Albany, Lake City, Revera Beach, Baltimore, and Atlanta. Last Friday, more than 20 local Texas governments were hit by a coordinated ransomware attack that took down the agencies’ computer systems. State agencies worked Saturday to restore the affected systems and noted that the attack seemed to have come from a single threat actor. Although investigations are underway, the Texas Department of Information Resources stated that “recovery [is] the priority at this time.” The size of the ransom demanded and the names of the affected agencies have yet to be released by authorities, but they have ensured the public that the state government of Texas was not affected in the attack. Fortunately, the local Texas governments were able to get their systems back-up fairly quickly, but many other cities that were hit in the past 6 months were not as fortunate.   

Report shows 4.1 billion records exposed in the first six months of 2019

New industry research has confirmed the upward trend of data breaches amongst companies in 2019, which we noted in our review of the 2019 Data Breach Investigation Report. The 2019 MidYear QuickView Data Breach Report dives into the first six months of 2019 on the cybersecurity front, and the results shed light on the unfortunate lack of security protocols and regulations maintained in the business world today. According to the report, approximately 4,000 publicly disclosed breaches happened in the first six months of 2019, exposing a massive 4.1 billion records. What’s even more extraordinary is that 3.2 billion of those records are attributed to only 8 breaches. 

Most of the data breaches this year had a moderate to low severity score, mostly tied to cybercriminals lazily catching any and all exposed data through automated scripts, meaning that securing all databases first is key for any company, small or large. The business sector accounted for 67% of the reported breaches, showing that organizations really need to work on ensuring a holistic and proactive approach to cybersecurity in order to protect their critical data. As we chug along for the rest of 2019, we hope to see more companies focusing on cybersecurity and taking more proactive actions to protect their customer data. 

 

If you’re interested in learning more about how you can run effective security operations (SecOps) with UEBA and MITRE ATT&CK, register today for our webinar on September 25, 2019 at 2pm ET / 11am PT.