At a glance.

  • WordFly data breach impacts clients in the arts.
  • Wawa reaches settlement for 2019 cyberattack.
  • New PhaaS platform boasts 24/7 customer service. 

WordFly data breach impacts clients in the arts.

SecurityWeek reports digital marketing firm WordFly suffered a data breach that has taken all of its services offline for the past two weeks. According to WordFly’s most recent status update, a system disruption was first detected on July 10, and within hours all services hosted internally, including its backup services, were shut down. On July 14 it was discovered that the intruder had exfiltrated data including user names, email, and other imported info, but WordFly claims the attacker deleted the data the following day. “We have no evidence to suggest, before the bad actor deleted the data, that the data was leaked over the dark web and/or sent to any other public facing domain/disseminated elsewhere,” WordFly said. As we previously noted, the Smithsonian’s National Zoo & Conservation Biology Institute confirmed last Friday that it was impacted in the attack on WordFly, which the institute employs for email newsletter distribution. In addition, Global News reports that the data of three Toronto-based arts companies was also compromised. The Canadian Opera Company, Toronto Symphony Orchestra, and Canadian Stage have emailed subscribers to notify them of the breach. “WordFly has confirmed that they are not aware of the data being publicly distributed and/or misused and we have been assured that the incident has been contained,” reads an email from Canadian Stage.

Wawa reaches settlement for 2019 cyberattack.

US convenience store chain Wawa has agreed to pay $8 million in a settlement with six states for a 2019 malware attack in which threat actors stole the credit and debit card information linked to 34 million payment transactions. NJ Advance Media reports that the state of New Jersey will be given approximately $2.5 million while the remainder will be divided between Pennsylvania, Florida, Delaware, Maryland, Virginia, and Washington D.C. Wawa in April agreed to pay $12 million to settle a class action lawsuit tied to the attack. The malware stemmed from a malicious email opened by an employee, allowing the attackers to steal payment card data from point-of-sale terminals at Wawa stores and gas pumps. The chain, which operates over eight hundred stores, has admitted no wrongdoing, but as part of the settlement has pledged to improve protections for customer data. Acting Attorney General Matt Platkin stated, “This settlement is as important for the strengthened cyber security measures it requires as for the dollars Wawa must pay. This settlement should serve as a message to the industry that we are serious about holding businesses accountable when they fail to protect consumers’ sensitive personal information.”

New PhaaS platform boasts 24/7 customer service. 

IronNet details a new phishing-as-a-service platform cleverly dubbed Robin Banks that peddles pre-made phishing kits to cybercriminals who wish to steal financial information of residents of the US, UK, Canada, and Australia. Researchers discovered in mid-June that a new Robin Banks SMS/email campaign was targeting not only financial details tied to Citibank, but also credentials linked to Microsoft accounts. This indicates that the platform could be leveraged not just for financial fraud, but also to obtain access to corporate networks. Single pages on Robin Banks, which include future updates and around-the-clock customer assistance, run for $50/month, while full access costs users $200/month. While phishing-as-a-service platforms are nothing new, Robin Banks stands out for its focus on 24/7 support, and for regular updates that include bug fixes and new features. 

Erich Kron, security awareness advocate at KnowBe4, commented on the maturation of the criminal-to-criminal market: “This is an example of how far cybercrime and email phishing has evolved. No longer are these just individuals trying to decide how to scam people, but instead dedicated, mature services are now offering templates and the ability to send mass phishing emails for a very low cost. This maturing of the cybercrime market is a key reason why organizations simply can’t ignore the threat of email phishing. Instead, user education and training, designed to help users spot and report email phishing, needs to be a key point of any modern cyber security program.”