Over 1.6 million people residing in the state of Washington are prone to identity theft and fraud after sensitive information in their unemployment claims was compromised following a software vulnerability in a popular file transfer service, Bleeping Computer reports.
The leaked information includes people’s full names, social security numbers, driver’s licenses, and bank and employment details. The breach allegedly took place in December 2020, following a targeted attack against Accellion’s File Transfer Appliance (FTA), a document sharing tool used by a number of government organizations and financial institutions.
The Office of the Washington State Auditor (SAO) is investigating the breach, allegedly linked to incidents generated by the same service against the Australian Securities and Investments Commission (ASIC) and the Reserve Bank of New Zealand (RBNZ).
The Federal Trade Commission (FTC) has confirmed that identity theft cases doubled in 2020, nearing 1.4 million. The reports were mostly related to fraudsters trying to take advantage of government support programs. Unfortunately, this is not an isolated case. INTERPOL investigations report a skyrocketing increase in cyberattacks and data breaches worldwide. Ranging from COVID-19-related online scams and phishing, to ransomware, DDoS attacks, and data harvesting malware, threat actors have been multiplying at a fast pace.
The Silver Lining
The rush for digital transformation as well as reliance on cloud services and remote infrastructures may have opened the door for malicious attacks, but they have also changed how cybersecurity investments are perceived worldwide. If pre-pandemic some companies were more reluctant to invest in cybersecurity, it now looks like decision makers are not only actively thinking about securing their systems, but also designating significant budgets to fend off attacks.
Security leaders are struggling to boost security, despite pandemic-induced layoffs. Moving forward, as many as 83% of security managers will rely on managed and hosted services for security operations in 2021, found a survey by Canadian company Syntax. Regardless of industry, enterprises with a shortage of in-house resources and that do not have a security operations center (SOC) team will likely outsource security to MSPs to reduce staff and hardware costs, to address the skill shortage, and benefit from advanced services that may normally be inaccessible.
The same survey found that 90% of security managers invested in cybersecurity tools last year to address an increasing number of cyberattacks, yet an overwhelming majority is not happy with the results. By outsourcing security to managed service providers, enterprises can focus their efforts on digital transformation, revenue, and customer satisfaction. In this environment, MSS providers will have to remain competitive and update their service portfolio with the latest technology for vulnerability management and digital risk protection.
To understand how digital risk protection (DRP) can help your business, take a look at our white paper “Rethinking Digital Risk Protection and Mitigation.”