Exploit: Dormant email account hack.
TalkTalk: Internet service provider in the UK.
Risk to Small Business: 2.222 = Severe: After keeping a former customer’s email address open for 8 years, TalkTalk is taking heat for a brute-force login attack to her account. Spammers were able to crack the account password and harvest contacts from an address book, using them in personalized phishing campaigns. Upon receiving notifications of headline coverage, a company spokesperson finally announced that they had deleted the email address. News readers may take notice and shift their business elsewhere.
Individual Risk: 2.428 = Moderate: Although most personal information was not included, data from contact lists can still be manipulated in social engineering attacks. Other former customers who had accounts with the company should also reach out to have their accounts deleted.
Customers Impacted: One known customer.
How it Could Affect Your Customers’ Business: Aside from following proper data governance policies and deleting data from former accounts, companies must establish anti-phishing protocols. Businesses must protect their customer data by enlisting the help of security providers who have access to the latest and leading solutions on the market.
ClearYolk to the Rescue: Monitoring the Dark Web for stolen credentials is critical for companies who want to provide comprehensive security to their organisation. Our Phishing service compliments that data with simulated phishing attacks and security awareness training campaigns to educate employees, making them the best defence against cybercrime.
