Tuesday, August 20, 2019

CafePress Users Are Latest To Have Information Breached

Hardly a week goes by that we don't see another major data breach making the headlines.
The latest company to fall victim to hackers is CafePress.

They are well-known on the internet for offering a platform where users can create their own customized coffee mugs, tee shirts and the like.

The company didn't make a formal announcement about the breach, and users only became aware of it when they started getting notifications from Troy Hunt's "Have I Been Pwned" service. Once word started leaking out, Hunt joined forces with security researcher Jim Scott, who had worked with Hunt in the past tracking down other data breaches.

Working together, they discovered a de-hashed CafePress database containing nearly half a million accounts was being sold on black hat forums.  The researchers could not confirm, however, if these records were related to the most recent breach, or some previous one.

In any case, as they probed more deeply, they discovered that the company was actually hacked back in February of this year (2019), and that it was a significant breach. That breach exposed more than 23 million user records.  Based on their findings, the hack exposed email addresses, names, passwords, phone numbers and physical locations.

To date, CafePress has not made a formal announcement about the matter, nor acknowledged the breach in any way. If you are a CafePress user, however, you will be forced to reset your password the next time you log on.

While that's a good step, it's completely at odds with the company's clumsy handling of the issue.  Password resets are not breach disclosures and notifications, and shouldn't be treated as such.  File this away as an example of how not to handle a breach if your company is hacked.

As a business owner, it is your responsibility to make sure that your business and client information are safe and secure. Call SpartanTec, Inc. in Fayetteville and let our team identify compromises within your organization and help you find ways to protect your business. 


SpartanTec, Inc.
517 Owen Dr
Fayetteville, NC 28304
(910) 745-7776
http://manageditservicesfayetteville.com

Cities Served:
Fayetteville, Spring Lake, Hope Mills, Dunn, Aberdeen, Southern Pines, Pinehurst, Sanford, Clinto

Tuesday, August 13, 2019

All About Privacy Policies


Privacy laws require websites of all kinds to publish a Privacy Policy on their site and mobile app if they intend to collect personal information from visitors. Third-party services used to improve website performance, such as payment processing tools, advertising plugins and analytics suites, likewise need to have a Privacy Policy. Here are a few things you need to know.

A privacy policy is much like a legal agreement that explains what types of personal information are gathered from website visitors, how this information is used, and how it is kept safe. A few examples of such information are:
  • Names
  • Email addresses
  • Dates of birth
  • Shipping and billing addresses
  • Bank details
  • Social security numbers

A privacy policy covers the kinds of information collected by the app or website, the purpose of data collection, data storage, access and security, data transfer details, and the use of cookies.

Privacy Laws in the US

Among the strictest laws in the country is CalOPPA. It affects everyone who gathers personal information from individuals residing in California, which implies that its reach extends outside the state borders. Although CalOPPA is strict it is not too difficult to comply with. One key requirement is for your website to have a privacy policy.

CalOPPA

Its main purpose is to protect the personal data collected from residents of California. Although CalOPPA is a state law rather than a federal one, it will most likely affect your website even if you operate elsewhere, since there is a good chance your website will attract California residents. It requires websites and apps to have a privacy policy that is both visible and accessible.

CalOPPA classifies personally identifiable data as first and last names, physical addresses, telephone numbers, email addresses, social security numbers, any other contact information shared with a company either online or offline, birthdates, as well as details of the visitor’s physical appearance.

Your privacy policy can comply with CalOPPA by including certain information: the kinds of personal data gathered through the app or website, a list of all affiliated firms this data might be shared with, and a clear explanation of how users can ask to amend personal data that may have been collected about them. It must also include the privacy policy’s effective date, what happens when a visitor submits a “Do Not Track” request, and the details of any third parties that collect personal data through your app or website.

Do Not Track, or DNT, is a setting that users can activate in certain browsers to block behavioural tracking by third-party services such as Google Adwords. Under CalOPPA, an app or website may choose whether or not to honor a Do Not Track request, but it must tell users whether their DNT requests will be honored. To comply with CalOPPA, make sure your privacy policy is easily accessible and clearly visible, and that the word “privacy” appears in the link to it, so that visitors can find the policy easily.

Call SpartanTec, Inc. if you want to know how you can secure your company’s information as well as protect the details of your website visitors and app users.

Sunday, August 4, 2019

New Ransomware Targets Network Attached Storage Devices

Yet another new ransomware family has been found in the wild, discovered independently by researchers at two separate security firms, Anomali and Intezer.  The new strain has been dubbed "QNAPCrypt" by Intezer and "eCh0raix" by Anomali and is written in the Go programming language.  It encrypts files with AES and changes their extension to ".encrypt".

The fact that the strain was written using Go is interesting. What makes it truly unique, though, is that it primarily targets Linux-based NAS (Network Attached Storage) devices made by a specific company.  It only seems to impact devices made by Taiwan-based QNAP Systems.

Worst of all, the devices targeted by this new malware strain seldom have anti-virus programs on them. Even if they did, only a handful of products are currently capable of even detecting the strain.  By the time you know it's there, it's already too late to matter.

The good news though, is that the security researchers found a flaw in the code. Like most ransomware, after it encrypts your files, it demands payment in Bitcoin in exchange for un-encrypting them.  The authors of the malware designed the software to connect to a command and control server prior to the encryption step in order to receive a unique Bitcoin wallet address.  It relays this address information to the victim after their files are encrypted in order to facilitate payment, but there's a catch.

The server only had a finite number of wallet addresses available, and if there are no wallet addresses, then the encryption step never occurs.  The researchers created many "fake victims" and simply ran the command and control server out of unique Bitcoin wallet addresses.  It's a temporary fix, to be sure, but it buys time.

Researchers from both companies offered the same advice in terms of minimizing your risks:
  • Never unnecessarily connect your NAS devices directly to the internet
  • Always enable automatic updates to keep firmware up to date
  • Use strong, unique passwords to secure your devices
  • Make frequent backups just in case.
Those are all good pieces of advice generally.  If you make a habit of all four, you'll be miles ahead of the game.
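One way to act on the "by the time you know it's there" problem is to scan the share periodically for the extension the post describes. The following is an added example, not code from the original post or from the researchers' tooling; it assumes the ".encrypt" extension is the only indicator and builds a constructed sample share to scan.

```python
"""Scan a NAS share for files renamed the way the post describes (".encrypt").

Added example; not code from the original post or from the researchers'
tooling. Assumption: the ".encrypt" extension is the only indicator used."""
import os
import tempfile
from collections import Counter

ENCRYPTED_EXT = ".encrypt"  # extension the post reports for this strain

def scan_for_encrypted(root, ext=ENCRYPTED_EXT):
    """Walk `root`; count files per directory and how many carry `ext`.

    Returns totals, the overall ratio, and the directories in which every
    file has been renamed (a whole folder renamed is the strongest signal)."""
    total, hit = Counter(), Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            total[dirpath] += 1
            if name.lower().endswith(ext):
                hit[dirpath] += 1
    n_total, n_hit = sum(total.values()), sum(hit.values())
    fully = sorted(os.path.relpath(d, root) for d in total if hit[d] == total[d])
    return {"total": n_total, "encrypted": n_hit,
            "ratio": n_hit / n_total if n_total else 0.0,
            "fully_encrypted_dirs": fully}

def is_suspicious(report, ratio_threshold=0.2, min_hits=3):
    """Alert once enough files carry the extension: one stray ".encrypt"
    could be a user's own naming, a large share-wide rename cannot."""
    return report["encrypted"] >= min_hits and report["ratio"] >= ratio_threshold

def build_sample_tree():
    """Constructed sample share: one untouched folder, one fully renamed."""
    root = tempfile.mkdtemp(prefix="nas_share_")
    for folder, names in (("photos", ("a.jpg", "b.jpg", "c.jpg")),
                          ("finance", ("q1.xlsx.encrypt", "q2.xlsx.encrypt",
                                       "budget.docx.encrypt"))):
        os.makedirs(os.path.join(root, folder))
        for name in names:
            open(os.path.join(root, folder, name), "w").close()
    return root

if __name__ == "__main__":
    share = build_sample_tree()
    report = scan_for_encrypted(share)
    print(report, "-> SUSPICIOUS" if is_suspicious(report) else "-> clean")
```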

Call SpartanTec, Inc. for more information on how you can keep your company safe against ransomware and other common online threats. 

Friday, August 2, 2019

New Phishing Scam Targets Your Amazon Account

McAfee researchers have discovered a new version of the 16Shop phishing kit in use by hackers around the world. According to the latest research, there are now more than 200 URLs currently being used by hackers to collect login information from Amazon customers. The methodology the hackers are using is simple. The hackers craft an email that appears to come from Amazon that indicates a problem with the user's account.

Ironically, most of the emails claim that an unauthorized login was attempted on the user's account and the email recommends that the user log in immediately to check and make sure nothing has been tampered with.

The email "helpfully" includes a link that appears to point to an Amazon login page, but of course, it's actually one of the aforementioned hacker-controlled URLs.  If a user enters their login credentials, they're simply handing those details to the hackers. They can then log into the user's account at their leisure, make any changes they like, and order products or steal data at will.

16Shop is a sophisticated product that has been used in a variety of ways.  A previous variant was discovered in late 2018, which targeted Apple users via emails that contained a PDF attachment.  The PDF was poisoned, of course. If the links it contained were clicked on, they would direct the recipient of the email to a URL controlled by the hackers. That URL would ask for the recipient's Apple account information, including payment card details.

These kinds of attacks are notoriously difficult to stop.  Vigilance and mindfulness are the keys to keep from being taken in.  A good policy to adopt is simply this:  Any time you get an email that appears to come from a company, don't click the link.  Open a browser tab yourself and manually type the address in.
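The lure works because the visible text says "Amazon" while the link's real host is somewhere else. As an added example (not code from the original post or from McAfee's research), the following parses an e-mail body and flags such links; it assumes amazon.com and its subdomains are the only legitimate hosts, and the sample e-mail and its domains are constructed.

```python
"""Flag Amazon-lookalike links in an e-mail body (the 16Shop lure pattern).
Added example, not code from the original post or from McAfee's research.
Assumptions: amazon.com and its subdomains are the only legitimate hosts (our
allow-list); SAMPLE_EMAIL and its placeholder domains are constructed."""
from html.parser import HTMLParser
from urllib.parse import urlparse

LEGIT_SUFFIXES = ("amazon.com",)  # assumed allow-list; extend per region

class _LinkCollector(HTMLParser):
    # Collects (href, visible text) pairs from <a> elements.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_is_legit(host, suffixes=LEGIT_SUFFIXES):
    """True only for the bare domain or a true subdomain, so that
    'amazon.com-verify.example.net' or 'amazon-security.net' do not pass."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in suffixes)

def find_lookalike_links(html_body, brand="amazon"):
    """Links whose text or host invokes the brand while the real host is not
    on the allow-list: the reader sees 'Amazon', the browser goes elsewhere."""
    parser = _LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        host = urlparse(href).hostname or ""
        looks_branded = brand in text.lower() or brand in host
        if href and looks_branded and not host_is_legit(host):
            findings.append({"href": href, "text": text, "host": host})
    return findings

SAMPLE_EMAIL = """<p>We detected an unauthorized login attempt on your account.</p>
<p>Please <a href="http://amazon.com-verify.example.net/login">sign in to
Amazon</a> now to review your account. Questions? Visit
<a href="https://www.amazon.com/help">www.amazon.com/help</a>.</p>"""
```

Calling find_lookalike_links(SAMPLE_EMAIL) returns only the first link, whose real host is the placeholder amazon.com-verify.example.net.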

Call SpartanTec, Inc. if you wish to make sure that your business and client information are secured against various kinds of scams and other online threats today.
