Two Industry Giants Report Breaches in September

DESCRIPTION

U-Haul International, a leader in the moving and storage industry, reported a breach after Labor Day that involved their servers. The breach involved a customer contract search tool on the company’s website thanks to the compromise of two unique passwords. It is believed that external threat actors attained access to customer rental contracts through the tool between November 5th, 2021, and April 5th, 2022. While the company has clearly stated that no credit card information was exposed in the attack, customer names, driver’s licenses and other forms of identification were exposed. The company began notifying customers who may have been affected by mail on September 9th. U-Haul previously experienced a breach back in 2017 when the network of one of its rental affiliates was accessed by an unauthorized party.

On September 2nd, 2022, another breach was announced, this time by the consumer electronics giant Samsung. According to the official notice, systems based in the U.S. were accessed by an unauthorized third party on August 4th, 2022. The compromised data includes customer names and contact information as well as demographic information, birth dates and product registration information. Like U-Haul, Samsung assures customers that neither credit card information nor social security numbers (SSNs) were accessed in the attack. This is the second breach Samsung has experienced in 2022. Back in March, the company reported a breach that exposed internal company data and source code for some of its products.

IDENTIFY INDICATORS OF COMPROMISE (IOC)

Both incidents were confirmed by internal investigations conducted by the respective companies, but neither company has stated how it initially discovered the breach.

CONTAINMENT (If IoCs are identified)

A U-Haul spokesperson says that the company is currently augmenting its security measures and introducing additional safeguards and controls to better secure the search tools on its website. The company confirms that all search tools are safe and that its website is fully operational. U-Haul is offering affected customers one year of identity theft protection through Equifax at no charge.

Samsung reports that it too is undertaking new measures to secure the affected systems and has engaged a leading outside cybersecurity firm to review and modify its security tools and policies. Samsung recommends that affected customers be on guard against phishing emails that may follow the breach, and advises them to take advantage of a free credit check.

While most companies provide some sort of credit monitoring to those affected by a data breach, these measures can prove very expensive. Credit monitoring can cost anywhere between $10 and $30 a month per individual. This can quickly run into the millions of dollars for a sizable breach.

PREVENTION

The password requirements for accounts associated with a service or application should be far more stringent than those used to secure ordinary user accounts. The U.S. National Institute of Standards and Technology (NIST) recommends long passphrases of up to 64 characters rather than dictionary words. Each service, application, or privileged account should be secured by a unique password, and stored passwords should be protected in an encrypted (hashed) form, never in plaintext. While NIST no longer recommends that standard users change their passwords on a schedule, passwords protecting privileged assets or accounts should still be rotated according to an enforced schedule. For user credentials, organizations should supplement passwords with multifactor authentication (MFA). Although SMS text codes have proven highly popular in recent years, security firms now recommend an authenticator app instead, as it offers greater security and reliability. Password policies should also spell out the specific steps to take when an employee leaves the company for any reason. Users should be encouraged to use a password manager that automatically generates a strong, unique password for each online account while requiring them to remember only the one password that unlocks the manager itself.
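The controls listed above (minimum length up to the 64-character ceiling, no dictionary words, one unique password per service account, an enforced rotation schedule for privileged accounts, and hashed rather than plaintext storage) can be checked mechanically. The script below is an added example written for this article, not code from U-Haul, Samsung, or NIST. It assumes a constructed account inventory, a small constructed deny-list standing in for a real dictionary or breached-password list, a 15-character minimum and a 90-day rotation window (both policy values chosen for the example), and uses scrypt from the Python standard library for storage hashing.

```python
"""Service-account password hygiene audit (added example, not from the article)."""
import hashlib
import os
from dataclasses import dataclass
from datetime import date, timedelta

MIN_LENGTH = 15                # policy value assumed for this example
MAX_LENGTH = 64                # NIST SP 800-63B: verifiers should accept at least 64 characters
PRIVILEGED_MAX_AGE_DAYS = 90   # assumed rotation schedule for privileged accounts

# Constructed deny-list; a real deployment would use a breached/dictionary word list.
DENY_LIST = sorted({"password", "welcome", "summer2022", "letmein", "qwerty"})


@dataclass
class Account:
    name: str
    password: str        # plaintext only because this is a constructed audit inventory
    privileged: bool
    last_rotated: date


# Constructed inventory: two service accounts share a weak, stale password.
INVENTORY = [
    Account("svc-contract-search", "Welcome2022!", True, date(2021, 6, 1)),
    Account("svc-reporting", "Welcome2022!", True, date(2022, 8, 15)),
    Account("svc-backup", "orbit-velvet-cactus-7-harbor", True, date(2022, 8, 20)),
    Account("jdoe", "glacier-mango-72-typewriter", False, date(2020, 1, 1)),
]
AUDIT_DATE = date(2022, 9, 9)   # constructed audit date


def check_password(password: str) -> list:
    """Return a list of policy violations for one password (empty list means it passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if len(password) > MAX_LENGTH:
        problems.append(f"longer than {MAX_LENGTH} characters")
    lowered = password.lower()
    for word in DENY_LIST:
        if word in lowered:
            problems.append(f"contains deny-listed word '{word}'")
    return problems


def find_reused_passwords(accounts: list) -> list:
    """Group account names that share the same password; each group is a policy violation."""
    groups = {}
    for acct in accounts:
        groups.setdefault(acct.password, []).append(acct.name)
    return sorted(sorted(names) for names in groups.values() if len(names) > 1)


def overdue_rotations(accounts: list, today: date) -> list:
    """Privileged accounts whose password is older than the enforced rotation window."""
    cutoff = today - timedelta(days=PRIVILEGED_MAX_AGE_DAYS)
    return sorted(a.name for a in accounts if a.privileged and a.last_rotated < cutoff)


def hash_password(password: str, salt: bytes = None) -> tuple:
    """Derive a storage hash with scrypt and a random 16-byte salt; never store the plaintext."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=2 ** 14, r=8, p=1)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute the scrypt hash and compare in constant time."""
    _, candidate = hash_password(password, salt)
    return len(candidate) == len(digest) and all(a == b for a, b in zip(candidate, digest))


def run_audit(accounts: list, today: date) -> dict:
    """Produce the findings a reviewer would act on: weak, reused and stale passwords."""
    return {
        "weak": {a.name: check_password(a.password) for a in accounts if check_password(a.password)},
        "reused": find_reused_passwords(accounts),
        "overdue": overdue_rotations(accounts, today),
    }


if __name__ == "__main__":
    for category, finding in run_audit(INVENTORY, AUDIT_DATE).items():
        print(f"{category}: {finding}")
```

On the constructed inventory the audit flags the shared "Welcome2022!" password as weak (too short and deny-listed) and reused, and flags svc-contract-search as overdue for rotation; the non-privileged jdoe account is not on a rotation schedule and is not reported.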

You can strengthen your Incident Response Readiness (IRR) to prepare for an attack. A security assessment helps identify areas of risk and opportunities for improvement so that a successful attack can be prevented or its impact limited.