United States - BodyBuilding.com
Exploit: Employee phishing scam
BodyBuilding.com: Idaho-based online forum and retailer for supplements
Risk to Small Business: : 1.888 = Severe: A single phishing email targeting staff members managed to compromise an entire network, allowing hackers to access the personal information of the platform’s users. Even more alarmingly, the company was unable to confirm if data was actually stolen, signaling a lack of privacy stewardship. Along with the threat of fines or lawsuits, the company stands to lose the trust of customers who catch wind of the breach.
Individual Risk: 2.428 = Severe: While the platform contends that credit card and social security numbers were not compromised in the breach, they acknowledged that it’s possible that hackers accessed customers names, email addresses, billing/shipping addresses, phone numbers, order history, and company communications.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Phishing scams are preventable, and the right training coupled with proactive security software can stop such an attack before it compromises the entire network. This incident serves as reminder that untrained and unfamiliar staff can be a point of vulnerability that hackers tap into, creating significant security risks for any company.
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.