Exploit: Credential Stuffing
Robert Half: Staffing Company
Risk to Business: 2.601 = Moderate
Robert Half has determined that more than 1000 job seekers and employees placed by the firm had their accounts accessed by an unauthorized source between April 26 and May 16, 2022, exposing potentially sensitive information that may have been stolen. The company says that there is no evidence that the information was actually accessed or downloaded, and current users are required to update their passwords.
Individual Risk: 2.612 = Moderate
The release disclosed that the targeted accounts stored information such as name, address, and social security number, as well as wage and tax information. The company noted that bank account numbers for direct deposits are stored in these accounts, but only the last four digits are visible.
How It Could Affect Your Customers’ Business: Teaching employees to make good, strong passwords and handle them safely with security awareness training prevents problems like this.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
