It Starts with a Phish: Employee PII at Risk When Pipeline Development Outsourcer Falls Victim to Ransomware Attack

iStock-936338884-1The latest example of a modern-day ransomware attack demonstrates how data encryption and ransom can no longer be the assumed extent of an attack.

Two weeks ago, outsourcing service provider ExecuPharm released a notice of data breach to their consumers. In it, ExecuPharm noted experiencing a ransomware attack in March of this year where “employees received emails from unknown individuals”. According to the notice, this attack resulted in “encrypted ExecuPharm servers” and “a ransom in exchange for decryption.”

According to the notice, the data accessed as part of the encryption included “social security numbers, taxpayer ID/EIN, driver's license numbers, passport numbers, bank account numbers, credit card numbers, national insurance numbers, national ID numbers, IBAN/SWIFT numbers, and beneficiary information (including social security numbers).”

While necessary as part of Vermont state law, the impacted data only involved employees. Additionally, even though appeared to clearly be a ransomware attack, it’s no longer advisable for organizations to assume data has not been stolen. According to Microsoft, the default is for ransomware gangs to steal your data whether or not they threaten to leak it to pressure a ransom payment.

Because of this, organizations have placed ransomware as a key risk factor in their cybersecurity and business continuity plans. Preventative measures include educating users via Security Awareness Training on the prevalence of phishing scams as the initial attack vector and how to avoid falling for social engineering tactics in these emails that result in the installation and spread of ransomware within your organization.

Ransomware Has Gone Nuclear, How Can You Avoid Becoming The Next Victim?

There is a reason more than half of today’s ransomware victims end up paying the ransom. Cybercriminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.

After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

GoneNuclear-WEBINARJoin us for this webinar where, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, dives into:

  • Why data backups (even offline backups) won’t save you
  • Evolved threats from data-theft, credential leaks, and corporate impersonation
  • Why ransomware isn’t your real problem
  • How your end users can become your best, last line of defense

Watch Now

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Anti-Phishing Guide ebook

Get the latest about social engineering

Subscribe to CyberheistNews