Exploit: Unauthorized Database Access (Malicious Insider) DataViper: Information Security
Risk to Small Business: 1.239 = Extreme A malicious insider is the culprit in a data breach at information security firm DataViper. 8,200 databases containing the personal information of millions of users were snatched from the company’s data leak monitoring service. The hacker, purportedly a former employee of Night Lion who is using that name for Dark Web activity, claims to have spent three months inside DataViper servers while exfiltrating databases indexed for the DataViper data leak monitoring service. The hacker also posted ads on the Empire Dark Web marketplace where they put up for sale 50 of the biggest databases that they found inside DataViper’s backend.
Individual Risk: 2.117 = Severe While these databases contained the information of billions of people worldwide, much of the information was from old breaches. Some new information was included, but researchers have not ascertained how much and what kind. This kind of information is often used in phishing and credential stuffing attacks.
Customers Impacted: 56,000 How it Could Affect Your Customers’ Business: While most insider incidents at organizations are caused by unintentional threats like human error, malicious insider attacks count for more than 20% of insider incidents. Some malicious insiders sell company secrets or even their own credentials on the Dark Web.
Give us the opportunity to see things from your perspective
2
Review Solution
Get a business justified solution that fits your goals
3
Switch over
Cost efficient IT that works!
Subscribe to our Bi-weekly Breach Report Newsletter
Sign up for Arnet Technologies Breach Report to receive updates on the most recent cybersecurity incidents affecting the business community. Read about the impact on the company, the risk to customer and company data, and the cybersecurity strategies that could help mitigate risk.
Ready to grow with fast and secure data access?
Talk with our team today for private, cost-effective, managed IT that WORKS