News and Updates on Information Technology

Australia – Big Footy

Exploit: Phishing scam
Big Footy: AFL fan website

Risk to Small Business: 2.226 = Severe

Cybersecurity researchers discovered more 132GB of accessible data originating from Big Footy’s online platform. The data includes personal and business data, as well as private conversions between users. The company has taken steps to secure its infrastructure and notify users, two tasks that will be costly to its reputation and bottom line. Big Footy hopes that bad actors haven’t accessed this information, but information that’s publicly exposed is often collected and sold on the Dark Web.

Individual Risk: 2.761 = Moderate 

The breach exposed users’ private messages, email addresses, phone numbers, passwords, and other sensitive personal details. The breach compromised many high-profile users, including police officers and government officials, giving the public unprecedented access to their private conversations. Big Footy is warning users to carefully monitor their accounts and communications for signs of misuse. Those impacted by the breach should update their Big Footy passwords and any other account credentials using a similar password combination.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Today’s organizations face threats on many fronts, making accidental, unforced errors especially problematic. In this case, the company failed to adequately assess its IT environment to ensure that all of the access points were secure. It’s a reminder that small details can have enormous consequences, and today’s organizations need to plan for a 360-degree approach to cybersecurity. 

Source:
https://www.smh.com.au/politics/federal/big-footy-data-breach-exposed-private-details-of-up-to-100-000-users-20200529-p54xnz.html