Macy’s Stock Drops 10% When Second Data Breach Reported

It may be the holiday season, a time for cheer and goodwill to all, but investors were not happy when, on Tuesday 11/19/19, Macy’s reported that it had experienced another data breach in October.

Not Many Details Yet

Because the breach is so fresh, there aren’t many details yet. Here is what Macy’s has reported so far:

Macys.com experienced a breach between October 7 and October 15 of this year.

  • Malicious code was inserted into its website
  • An unknown number of customers had their information stolen
  • That customer information included:
    • Names
    • Addresses
    • Phone numbers
    • Credit card numbers
    • Credit card verification codes
    • Credit card expiration dates.

Magecart Again?

While the attackers have not been identified at this point, some are already speculating that Magecart, the umbrella name for the card-skimming groups blamed for the British Airways, Ticketmaster UK, Newegg and Forbes breaches, might well be behind the Macy’s attack.

How Vulnerable is Your Network?

Whether your organization handles the data for 30 or 30 million people, Konsultek will help keep your network safe and your data secure.

If you are unclear as to whether or not your security is up to the challenges of today’s hackers, we can help you find out.

Our team of experts is happy to provide an outside, independent and unbiased analysis of your network’s security. Simply give us a call or click here: https://konsultek.com/executive-risk-assessment/.

You’ll receive a complimentary Executive Risk Assessment. This assessment will not only show you the risk and impact to your most critical digital assets but also demonstrate the likelihood of a breach occurring.

For Facebook the Hacks Just Keep Getting Bigger

In an ironic twist that Mark Twain would have been proud of, Facebook’s most recent and largest breach to date stems from a feature Facebook added to give users more control over their privacy!

“View As” Gives More Than a View

A combination of three bugs in Facebook’s “View As” feature was exploited by attackers. The flaws let them obtain access tokens for other users, the credentials that keep a user logged in, and so act as genuine Facebook users without ever entering a password. Ouch! I guess my 20-character randomly generated password wasn’t much of a deterrent when you have a backdoor like that!

All told, nearly 50 million user accounts were reported compromised on Facebook (Facebook later revised the figure to about 30 million), including those of Mark Zuckerberg himself and Sheryl Sandberg, Facebook’s COO. When you factor in that many people use their Facebook account to log in to other services such as Spotify, Tinder and hundreds of others, the potential exposure grows to a staggering scale.

Do We Have Your Attention Now?

Facebook was already arguably under more scrutiny than any other company for its past security transgressions, such as those involving Cambridge Analytica and “Fake News”, but this latest episode is sure to garner the attention of even more individuals, lawyers and regulators both here and abroad. Two individuals here in the US have already filed lawsuits that they hope will become class actions.

GDPR Could Cost Billions

GDPR went into effect on May 25th of this year, and that may have serious consequences for Facebook. If Facebook is found to be in breach of GDPR for failing to adequately protect user data, it could face the largest security-related fine in history. Under GDPR, the maximum fine is €20 million or 4% of worldwide annual turnover, whichever is higher. In Facebook’s case, 4% of revenue represents a whopping $1.63 billion!

The Final Irony

Stories spread rapidly on Facebook, real news and fake news alike, and Facebook has taken tremendous heat for allowing fake news stories to proliferate across its platform. But what is fake and what is real? And, with 2.2 billion users, who decides?

Well, in the final ironic twist to this story, Facebook was the one place you couldn’t learn about the latest breach. Why? So many users posted links to stories about the breach that Facebook’s spam filters flagged the activity as suspicious and removed the posts as spam!

Konsultek’s Take

Social networks such as Facebook pose a tremendous threat to the privacy of the individuals and corporations who choose to use them. Using a single Facebook login to access multiple properties means that the breach of one system is, in fact, the potential breach of hundreds. Extreme caution with social media has always been advised, and this latest breach drives that home. While convenient, signing in to other services with one shared account should be avoided as a security best practice.

Reporter Trolls the Russian Dark Web and Finds…

Dylan Curran, writing for the Guardian, recently published a fascinating look at the world of Russian Dark Web hacking forums.

Knowledge is Power

You may recall that we took a look at dark web forums previously here, here and here. In case you are under the impression that the dark web has been scrubbed clean, or has had the bright light of justice shone upon it, you’ll be disappointed to learn that it is not just alive but thriving!

FreeHacks

Dylan’s deep dive was into just one of the larger hacking forums, called FreeHacks, which divides itself into no fewer than 17 hacking-related sub-forums (granted, one of them is “Humor”) to meet the needs of its 5,000 or so members.

Unlike some of the sites we’ve chronicled in the past, FreeHacks is focused on education and sharing, and in this way it really highlights the difference in mindset between Russian hackers and those in Western countries.

Collaboration vs. Independence

On FreeHacks, information and instruction at a very detailed and granular level are openly shared for the greater good of the community. This is in contrast to Western hackers, who are more apt to keep a lower profile, share knowledge less openly and collaborate less with strangers, in order to maintain as much anonymity (and competitive advantage?) as possible.

Konsultek Collaborates Too

At Konsultek we understand that the best security solutions come from collaborating with the top firms and brightest minds in the industry. That’s why we’re proud to partner with industry thought leaders at ForeScout, Check Point, SentinelOne, Gigamon, IntSights and more. Are you looking to collaborate with a local leader with a global reach? Look no further! If you’re interested in a complimentary Risk Assessment, just pick up the phone and give us a call to schedule your first step towards greater security.

Understand where your most important digital assets are, what the impact and likelihood of an incident is, and how to protect those assets.

December 2017 ForeScout CounterACT Training

ForeScout CounterACT Training

Learn the practical real-world skills you need to properly configure, protect and maintain ForeScout CounterACT.

Konsultek consistently ranks as one of the top ForeScout resellers in the nation. Our instructors are experienced ForeScout security experts and will bring you the knowledge you need to maximize your ForeScout investment.

Highlights

Lab Focused | Training in a real network environment

Certified Professionals | Service engineers with real world experience implementing and troubleshooting ForeScout CounterACT

Hands-On | Learn the best practices for configuring, deploying and maintaining CounterACT

Flexible Scheduling | Onsite training provides a private learning experience for your team with discussions centering on your unique needs.

For More Info.

Additional information on this training program can be found here.

Register Here

Event Details

DATES: Tuesday, December 5 thru Friday, December 8

LOCATION:
Konsultek Office
2230 Point Boulevard, Suite 800
Elgin, IL 60123

WHAT TO BRING:
Laptop Capable of Connecting via RDP

COST:
$3,500 per person

October 2017 ForeScout CounterACT Training

Event Details

DATES: Tuesday, October 17 thru Friday, October 20

LOCATION:
Konsultek Office
2230 Point Boulevard, Suite 800
Elgin, IL 60123

WHAT TO BRING:
Laptop Capable of Connecting via RDP

COST:
$3,500 per person

June 2017 ForeScout CounterACT Training

Event Details

DATES: Tuesday, June 13 thru Friday, June 16

LOCATION:
Konsultek Office
2230 Point Boulevard, Suite 800
Elgin, IL 60123

WHAT TO BRING:
Laptop Capable of Connecting via RDP

COST:
$3,500 per person

April 2017 ForeScout CounterACT Training

Event Details

DATES: Tuesday, April 18 thru Friday, April 21

LOCATION:
Konsultek Office
2230 Point Boulevard, Suite 800
Elgin, IL 60123

WHAT TO BRING:
Laptop Capable of Connecting via RDP

COST:
$3,500 per person

February 2017 ForeScout CounterACT Training

Event Details

DATES: Tuesday, February 21 thru Friday, February 24

LOCATION:
Konsultek Office
2230 Point Boulevard, Suite 800
Elgin, IL 60123

WHAT TO BRING:
Laptop Capable of Connecting via RDP

COST:
$3,500 per person

© Copyright 2018 Konsultek