Exploit: Unauthorized database access
Nexus Mods: Game modification website
Risk to Small Business: 2.111 = Severe: Hackers exploited a legacy codebase on the platform to access user credentials. Although the company discovered the breach in November, they just revealed it this week, a move that will likely increase the customer blowback from the incident. While Nexus Mods moved up the development of new software and worked to mitigate the risks posed by their outdated code base, the incident reflects a lack of attention to detail and breach response plan.
Individual Risk: 2.428 = Severe: A subset of users had their account information accessed, including names, email addresses, usernames, and passwords. The platform recommends that victims carefully scrutinize digital communications, as this data is often used to create authentic-looking phishing scams that can further compromise customers’ information.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Exposed user account details can be a serious vulnerability to your customer and company data. Even if your platform isn’t breached, many customers reuse their credentials, allowing hackers to easily deploy phishing scams and gain front-door access to user accounts. However, when equipped with security features like two-factor authentication, customer accounts remain secure even when credentials fall into the wrong hands.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
