Exploit: Ransomware
Email.it: Email service provider
Risk to Small Business: 2.434 = Extreme
This product lets parents track their child’s location and alerts them if the child leaves their designated safe location – but a coding error allowed hackers to download users’ personal data and mimic their location on the service. This dangerous vulnerability not only disrupted that functionality, it also gave hackers access to minors’ location and personally identifiable information. To make matters worse, this is the second time that the watchmaker has experienced this flaw. The same problem was discovered and repaired in 2019, raising serious questions about the platform’s commitment to cybersecurity.
Individual Risk: 1.227 = Extreme
According to hackers, the databases contain users’ plaintext passwords, security questions, email content, and email attachments. The breach pertains to those who sign up for Email.it between 2007 and 2020. Fortunately, no financial information was compromised. Users should immediately reset their account credentials while also understanding that private details from their messages are already for sale on the Dark Web.
Customers Impacted: 600,000
How it Could Affect Your Customers’ Business: The Email.it breach is extensive, but it’s not the only way that hackers acquire account login credentials. With billions of records for sale on the Dark Web, they can often obtain this information relatively easily. In response, simple actions, like using strong, unique passwords across all accounts and enabling multi-factor authentication, can help keep accounts secure even after hackers acquire login credentials