Cybersecurity and Awareness
Marketing has changed over the years. In the last decade or so, this has transitioned from the prior print, radio, and television media to digital media. While these have the same goal, the media itself has changed. The persons involved with this, social influencers, aren’t just taking selfies, but have made this into a business for themselves. One firm embracing this is Preen.Me, based in Tel Aviv. The firm is a next-generation marketing platform. A bi-product of this involves cybersecurity and attacks, which they found out the hard way.
Attack
This is an odd situation. Yes, there was a breach and the data and information were exfiltrated. This is documented via the sample provided. Generally, when this happens, the situation demands everyone relevant to get involved to investigate it. There may also be third parties involved with this to fully review the attack, methods, and other aspects. At least through the three weeks after the organization learned of the breach, they still have not announced anything with this attack. The publication of the attack methods and post-breach remediation will probably not be announced either. It’s interesting the organization did not know they had been breached. With the third party letting them know, seemingly, the cybersecurity department would be really working intensely on this to find the root of the issue.
Discovery
As a rule of thumb, the organization should generally be aware when they have been breached. The cybersecurity area should be there to review the logs, alerts, and other red flags indicating there has been a problem. When the organization has no idea, this infers there is some form of a systemic problem. In this case Preen.Me was notified by Risk Based Security of the issue. Risk Based Security discovered the compromise on June 6, when the attacker revealed they had successfully attacked Preen.Me’s system and exfiltrated the data. To document this, 250 of these records were posted to PasteBin on June 6th.
Data
While this was not the largest breach, the number of those affected is still significant. In this case, approximately 100,000 social media influencers had their personal information accessed by an unauthorized third party. While this was detrimental, this breach also led to another 250,000 social media users have their information likewise on a dark web site. The data itself consists of the social media influencer’s links to their individual social media accounts, email addresses, names, phone numbers, and home addresses.
Effects
While merely having the data in the dark web for anyone to view is not the optimal scenario, there is another use of this for the attackers. The data, curiously, may also be used for scamming the persons involved. This does not appear, from the published accounts, to have confidential data stolen that the attackers could sell rapidly (e.g. social security numbers). The hope is the company does provide an announcement and do something for the affected persons.
Resources
Coker, J. (2020, June 25). 350,000 social media influencers and users at risk following data breach. Retrieved from https://www.infosecurity-magazine.com/news/data-breach-social-media/
Dissent. (2020, June 25). Personal data of 350,000+ social media influencers and users compromised following preen.me hack. Retrieved from https://www.databreaches.net/personal-data-of-350000-social-media-influencers-and-users-compromised-following-preen-me-hack/
Duran. (2020, June 29). The personal data of 350,000 social media influencers and users is at risk after a preen.me data breach. Retrieved from https://www.cyclonis.com/personal-data-of-350000-social-media-influencers-users-at-risk-after-preen-me-data-breach/
RBS. (2020, June 24). Personal data of 350,000+ social media influencers and users compromised following preen.me hack. Retrieved from https://www.riskbasedsecurity.com/2020/06/24/personal-data-of-350000-social-media-influencers-and-users-compromised-following-preen-me-hack/
Security Experts. (2020, June 26). Experts on 350,000 social media influencers and users at risk following data breach. Retrieved from https://www.informationsecuritybuzz.com/expert-comments/experts-on-350000-social-media-influencers-and-users-at-risk-following-data-breach/
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.