A Contractor’s Worst Nightmare
- Home
- A Contractor’s Worst Nightmare
Cautionary Tale: A $200K Breach for a Contractor with 1 Computer and "Everything in the Cloud"
The nature of the cybersecurity incident in this contracting company highlights several crucial points. Firstly, the company maintained a relatively small amount of money in their bill pay bank account associated with QuickBooks Online (QBO) as a precaution against potential theft. However, this incident demonstrates that cybersecurity threats can extend beyond monetary theft and have far-reaching consequences.
The owner of the company fell victim to a Remote Access Trojan (RAT) attack, which allowed cybercriminals to gain unauthorized access to her laptop computer—the sole computer used by the company. The attackers installed a keylogger and were able to gather information related to multiple accounts, including the owner’s credentials for QBO. Although the owner had implemented multi-factor authentication (MFA) for her QBO account, the session tokens stolen by the hackers enabled them to bypass the login and MFA requirements.
Upon discovering the fraudulent payment and the breach, the owner took some immediate actions. She reset her laptop by reinstalling Windows, which unfortunately hindered any chance of a thorough forensic investigation to determine the full extent of the breach. She also reset all her passwords for various accounts. However, she did not execute a proper data breach response, such as notifying potential breach victims or seeking professional assistance, before wiping out the hard drives.
As time passed, the owner received threatening emails from the hacker, indicating that they had access to her breached data. Realizing the severity of the situation, she sought help from an incident response specialist. However, since there was no immediate technical response required, the specialist referred her to a data breach attorney, given the potential legal implications.
The estimated cost of the breach response and notification services through a provider like Experian was approximately $149,000, considering the number of records known to have been exposed in the QBO breach. Additionally, the minimum fee for breach counsel from the attorney was $55,000. These expenses provide a glimpse into the financial impact of the incident, excluding any penalties, fines, or potential criminal charges for attempting to cover up the data breach initially.
This incident serves as a reminder that cyber vulnerabilities go beyond the immediate financial risks associated with bank accounts and transfers. The protection of data, even when stored in the cloud, remains the responsibility of the company. Once unauthorized access to a system occurs, it must be assumed that sensitive information has been compromised, warranting appropriate measures such as data breach notifications, legal support, and potential ransom or extortion payments.
Overall, this incident highlights the importance of proactive cybersecurity measures, timely incident response, and proper data breach protocols to mitigate the impact and potential legal ramifications of a cyber attack.
By Derreck Ogden
Fill out the form below and one of our expert team members will contact to you to talk about your business’s bright future in these uncertain times!
Contact Us Today!
Your business is constantly exposed to cyber threats that could damage your reputation, compromise sensitive data, and even bring operations to a halt. Waiting to take action against these threats puts your business at a greater risk of attack. It’s time to take control of your technology infrastructure and protect your business. Don’t wait any longer to get started.
Connect with the WOM Technology Management Group today and take the necessary steps towards securing your business. Our team of experts will get back to you within one business day to begin your journey towards confidence in your technology infrastructure.
Our Confidence as a Service™ model offers a unique approach to technology optimization and cyber risk management. With our comprehensive suite of services, we can help you achieve your business goals and reduce the likelihood of cyber attacks. By working with us, you’ll have access to a team of professionals with years of experience in technology and cyber risk management.
We are excited to work with you and show you how Confidence as a Service™ can revolutionize your business technology infrastructure. Don’t hesitate any longer to make the change your business needs. Contact us now and let’s get started.