Charles Wright

Macy’s Data Breach Exposes Customer’s Credit Card Information

Macy’s sent a letter to customers Tuesday, informing them of a data breach that compromised credit card information. On October 15th, Macy’s discovered unauthorized code on two specific pages of their online storefront. Hackers successfully installed card skimming code on the “Checkout” and “My Wallet” pages of macys.com. Macy’s says the code was added to these pages on October 7th and discovered and removed on October 15th.

The information skimmed by hackers was First Name, Last Name, Address, City, State, Zip, Phone Number, Email Address, Payment Card Number, Payment Card Security Code, Payment Card Expiration Date. Information stolen was used to “Checkout” or added to the customer’s “My Wallet” between the 7th and the 15th from a desktop computer. Macy’s claims mobile orders were not affected. Customers affected will be contacted and offered consumer protection at no cost.

What this means for you:

If you shop on the Macy’s web site, keep an eye on the credit cards you use or have remembered on that site.

If you think your card was compromised, contact Macy’s for a consumer protection code key. Macy’s is teaming up with Experian IdentityWorks for this service.

Now that this is a known issue, be on the lookout for phishing campaigns to ride on the coattails of this event. As we always advise, don’t click on links in emails that are asking for username and password. Instead go directly to Macys.com or call to find out next steps.

For a quick refresher, click here to watch our video on phishing.

If you know you used a card between the dates listed on macys.com, call the cardholder and have them issue you a new card to head off any future issues.

Quanexus IT Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts

Deepfake Videos and Potential Consequences

There is a new trend of videos online that are getting the attention of technology companies and the US government. Deepfake is the name associated with a form of video manipulation where it appears someone is doing or saying something they never actually did or said. The technology is still new, but is evolving quickly.

Hollywood has been able to manipulate video for a long time, think about Forrest Gump shaking hands with JFK in 1994. The difference is this new technology automates the work that used to take thousands of hours for a design team to manipulate frame by frame. This new software learns the face of a person and can superimpose it onto another body while the person is talking or moving. The videos being produced right now still look like they have been manipulated, but the technology is improving quickly. As the technology advances, the software needs less and less reference imagery to learn the face of the person being superimposed.

Google created a database of 3,000 deepfake videos and released them to companies developing software to detect fake videos. There is no detection software on the market at this time. The Pentagon is also doing research to try to stay ahead of this trend. They are creating deepfake videos at the University of Colorado that they can later use to develop technology to detect fakes. There are some telltale signs of a fake video that have not yet been solved. In the fake videos it is common to see pixelating or artifacting where the video has been manipulated. The people in the fake videos do not blink, because the software has not yet been told to make people blink. The biggest red flag is the audio does not match up or sound like the person. This software only deals with the imagery of the video, so in many of them it’s obvious that the audio is not right.

It is widely believed that these issues will be worked out, and criminals will be able to use this format convincingly in the near future. The fear is a convincing video of a politician or world leader could be created to say or do something that other world leaders would react to. The upcoming 2020 US election is also on the top of everyone’s mind as this technology advances quickly.

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Small Business, Virtualization

A Happy Ending, Hacker Ordered to Pay £922,978 in Damages

Very seldom do we get to hear some good news about a hacker.  Grant West has been caught, is in jail, and now is ordered to return the money he stole.

A hacker in the UK who carried out numerous phishing and ransomware attacks has been ordered to pay damages to the companies he attacked.

Grant West, a hacker currently jailed in England, targeted many well-known companies like Uber, T-Mobile, Argos, and Groupon from March 2015 until he was arrested in September 2017. He obtained financial data of tens of thousands of users over that period, and completed more than 47,000 sales from a fake online store. The hacker also sold cannabis on the dark web as well as guides for others to carry out cyber-attacks.

West carried out the attacks on a laptop that belonged to his girlfriend, and used the computer to store personal data of more than 100,000 people. Investigators also recovered an SD card that contained 78 million usernames and passwords, and 63,000 credit and debit card details.

A single phishing email sent in 2015 appeared to be a survey for a British online food ordering service netted West £180,000, which was quickly converted to Bitcoin. When West was arrested in September of 2017, his cryptocurrency accounts were seized by authorities. In May of 2018 he was found guilty and sentenced to 10 years and 4 months of jail time.

Friday, UK courts ordered the £922,978 in cryptocurrency seized would be sold and go back to the companies who were attacked. If West refused the confiscation order, he would serve another 4 years in jail.

Companies and, recently, city governments often have no choice but to pay criminals like West for access to their data that has been encrypted.  Quanexus can help you take steps to protect your business and customer data from attacks like these.

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts

22 Texas Cities Attacked by Ransomware Simultaneously

Hackers successfully installed ransomware on computers of 22 different, local government offices in Texas.  The state is not yet releasing the names of the cities or the data that was corrupted, but two of the municipalities announced online they had been affected.  Both cities say they cannot process utility payments at this time, and one of the cities’ birth and death certificate registry is offline.

The hacker targeted the managed service provider (MSPs) used by the local government offices.  An MSP is a third-party company who provides IT services to a business or division of government.  It is common for small local governments to outsource their IT services because they often don’t have the staff size to support an internal IT role.

The hackers are demanding $2.5 million in bitcoin to unlock the files.  Studies show that in many cases, these ransom demands are paid.  If a backup of the data is not maintained, or the hacker is able to corrupt the backup, many small local governments are faced with no other choice than to pay the ransom.

This attack is unique because of the coordination of taking down 22 cities at the same time.  Ransomware attacks on small governments are on the rise, but this is the first attack on multiple cities.

Lessons You and Your Business Can Learn from This Attack:

If you are outsourcing your IT services, make sure they are a trusted vendor who is up to date with current issues.  Quanexus maintains the CompTIA Security Trustmark+ which requires a third party to audit our policies and procedures.  Often these ransomware attacks come in the form of a phishing email.  Your employees are on the front line of defending against attacks like these.  Continued education on what employees should and should not click on while on company computers, is essential to keeping your data safe.

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business