Exploit: Ransomware
CivicSmart: Smart parking meter technology producer
Risk to Small Business: 2.130 = Severe
A ransomware attack encrypted CivicSmart’s network and exfiltrated company and customer data. The attack, which took place in March, was identified when hackers threatened to publish 159 gigabytes of sensitive data online. To prevent publication, the company paid an undisclosed ransom, and the files were brought offline. However, CivicSmart can’t rest easy. Despite promises to delete the information, it’s unlikely that cybercriminals will destroy valuable resources, which means that the stolen data could come back to haunt the company or its customers.
Individual Risk: 2.671 = Severe
Although the details are unclear, CivicSmart’s platform collects peoples’ personal and payment information as part of its smart parking meter service. What’s more, it partners with a variety of mobile apps and parking-garage vendors that could also be compromised in the breach. As a precaution, those impacted by the breach should notify their financial institutions of the incident, while carefully scrutinizing incoming messages for signs of a spear phishing scam.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Even before bad actors began exfiltrating data, ransomware attacks were uniquely costly and incredibly destructive. Today, companies can expect that a ransomware attack will double as a data breach, giving every organization millions of reasons to ensure that their networks are guarded against this especially problematic malware.
Source:
https://statescoop.com/smart-parking-meter-vendor-data-stolen-ransomware-attack/