Exploit: Ransomware
Allied Universal: Facility services retailer
Risk to Small Business: 2.111 = Severe: Cybercriminals encrypted the company’s IT infrastructure with Maze Ransomware, leaving behind a ransom demand that exceeded $2 million. When the company failed to pay by the instituted deadline, the hackers escalated the attack, publishing 700MB of company data online. Not only will this significantly complicate recovery efforts, the company will be responsible for sending data breach notifications to any impacted individuals. Notably, hackers have threatened to use Allied Universal’s domain name and email accounts to initiate spam campaigns.
Individual Risk: 2.428 = Severe: While ransomware often spares individual’s personal data, there is no honor among thieves, and users’ personal data could be compromised by this attack. Customers should be on the lookout for evidence of data misuse, and, given the hackers’ threat, they should be especially critical of messages purportedly originating from the company.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This is an incredibly expansive data breach for an SMB, and the repercussions are bound to be both expensive and far-reaching. Even when companies decline to submit to demands, the recovery costs can easily exceed the ransom payment. Coupled with additional data exposure, the price tag on such an incident could be immense. Ransomware is a top threat for any SMB, and the only adequate recovery is to proactively prevent malware from finding its way into your organization.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
