Description
On August 1, 2023, Topgolf Callaway Golf Brands, a global leader in golf equipment manufacturing and signature driving ranges, experienced a breach affecting over 1.1 million customers. The American-based company, which employs over 25,000 globally, confirmed through a notification to the Maine Attorney General’s office that unauthorized access into its customer database was gained. This breach exposed names, shipping details, contact information, order records, and login credentials. Thankfully no payment, government ID, or Social Security data was involved. The incident also disrupted e-commerce services across several of the company’s brands.
Identify Indicators of Compromise (IoC)
Callaway Golf has not offered any details about how the attack was carried out or identified other than its IT department having discovered the attack on August 16. Some operations were down indicating that it may have been a ransomware attack.
Actions Taken
Callaway Golf sent a letter to all impacted individuals on August 29 to notify them about the incident. The company is forcing all customers to reset their customer accounts by directing them to “callawaygolf.com/reset-password” since their passwords and security questions and answers may have been compromised. In addition, the company is implementing additional protective security layers around its data and improving security protocols that govern access to the system. The company is also working closely with outside experts to enhance their security strategy and security controls to prevent such incidents from occurring in the future.
Prevention
Passwords and security questions have a vulnerability: they rely on knowledge-based authentication. This kind of information is susceptible to theft by cybercriminals. Multifactor authentication (MFA) enhances security by introducing at least one more validation step. Instead of just what you know, MFA combines this with something you possess, like a mobile device for receiving verification messages, or something biologically inherent, like a fingerprint. While MFA undoubtedly fortifies defenses beyond mere passwords, it isn’t impervious. One example includes the creation of a recent phishing method that bypasses MFA. This underscores the importance of a multi-layered security approach, often termed “defense in depth.” By employing multiple security mechanisms, you fortify your defenses so that even if one layer is compromised, others stand guard against potential breaches. In today’s expansive threat environment, relying on a single security measure is insufficient. HALOCK Security Labs can guide you in developing a comprehensive security framework that safeguards your digital assets while fulfilling your duty of care and meeting compliance requirements.
