
Tarte Cosmetics exposes data of 2 million customers

There’s yet another story in the endless cycle of companies that have exposed their customers to ID theft, and today it’s the popular makeup brand Tarte Cosmetics.

In September Tarte came under fire for exposing 1400 customers’ names, addresses, email addresses, shopping history, and partial credit card numbers in an email that linked its recipients to a visible part of the brand’s customer database.

Now the same database appears to have been facing the open internet all along. Data from about 2 million customers from 2008-2017 has been found to be visible on Tarte’s servers. Researchers from Kromtech Security Center confirmed that the customer information was exposed, but they weren’t the first to find the database. Members of the ransomware group “CRU3LTY” had left a warning file in the database, though they hadn’t deleted the information, which is standard for CRU3LTY.

It’s easy to make jokes about this breach in particular because it’s a bit silly. Tarte isn’t the sort of brand you picture when you think of security risks, and the data lost isn’t especially serious. Though Tarte customers will want to replace their credit cards and be on the lookout for phishing scams in the next few years, this kind of loss pales in comparison to the massive September Equifax breach. That would be okay if both breaches weren’t symptoms of the same problem: a lack of focus on security.

We’ve seen the targeting of large financial institutions, medical facilities, and military organizations, but it’s important that all online consumers realize that they’re at risk for data breaches and thefts. It doesn’t matter if you’re just buying from a single brand or participating in the ACA healthcare exchange: your data is at risk, and you need to hold companies accountable for it so that they get serious about protecting your information.

Where do we go from here?

If you own a business that stores customer data it’s time to get serious. Tarte didn’t take the risk seriously and their customers will suffer as a result. Tarte is a large company that didn’t believe it had to test its security because its customers were low-value targets. But in the current climate all targets are high value.

If your company keeps client records it’s time to take a good, long look at your practices. PMCS can help – give us a call for an assessment of your security protocols and data environment.

In the meantime practice good netiquette, make sure everyone in your office has macros disabled on their email programs, and make sure everyone has their antivirus up to date.

But more than that, take your customers’ privacy seriously. Never store your customers’ data in a way you wouldn’t want your own data stored.

Ransomware Shows the Importance of Updating Software

People are frequently frustrated by the need to update software. “I paid for Adobe already” or “I bought a Microsoft license years ago, why do I need to pay again for a new one” is a refrain we hear frequently. Ransomware is the perfect example of why using up-to-date software is vital. It perfectly illustrates the risks of relying exclusively on your antivirus for security.

Ransomware can take advantage of macros in outdated versions of programs to encrypt all the files on your computer. It can even encrypt your entire network if your computer is connected to one. Locky Ransomware in particular is an example that attacks outdated copies of Microsoft Word. It arrives as a Word document in an email, posing as an invoice. Once the document is opened, it installs malware on your computer if macros are enabled. If macros aren’t enabled, the ransomware asks you to enable them. Here are the simple steps you can take to prevent yourself from being infected:

  • 1 – Don’t open email attachments from people you don’t know. Locky Ransomware poses as an invoice from a vendor. Make sure you are only opening files from companies you work with.
  • 2 – Don’t follow instructions from strangers. Locky Ransomware only works if macros are enabled. If macros aren’t enabled the ransomware asks you to change your settings. If an attachment from a stranger requires you to update or change your settings it is almost certainly going to be to your detriment.
  • 3 – Don’t use outdated software. You should never use software that is outside of the manufacturer support period (for example, Microsoft Office 1997 or Windows XP). Manufacturer support means there are patches and fixes still being written for the software while unsupported software is vulnerable to attack and will not be fixed or patched by the manufacturer.
  • 4 – Keep an up-to-date antivirus. Even though antivirus software won’t catch everything it’s much safer to have an antivirus than to have no protection at all.
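Steps 1 and 2 can be enforced before a document ever reaches a user. The check below is an added example, not code from the original post or from PMCS: it inspects an Office Open XML attachment (a zip archive) for the embedded VBA container `word/vbaProject.bin` that macro-enabled documents carry, flags legacy binary `.doc` files that can’t be inspected this way, and combines that verdict with whether the sender is a known business partner. The sample attachments are constructed inline; the `triage` policy is an assumed one for illustration.

```python
import io
import zipfile

# Magic bytes of the legacy OLE2 container used by .doc/.xls files.
OLE2_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
ZIP_MAGIC = b"PK\x03\x04"


def classify_attachment(data: bytes) -> str:
    """Return 'macro', 'clean', 'legacy-binary' or 'not-office'."""
    if data.startswith(OLE2_MAGIC):
        # Old binary format: macros live in OLE streams; needs a dedicated parser.
        return "legacy-binary"
    if not data.startswith(ZIP_MAGIC):
        return "not-office"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        return "not-office"
    if any(n.lower().endswith("vbaproject.bin") for n in names):
        return "macro"          # VBA project present: document can run macros
    if "[Content_Types].xml" in names:
        return "clean"          # well-formed OOXML with no VBA container
    return "not-office"


def triage(data: bytes, sender_known: bool) -> str:
    """Assumed gateway policy: 'allow', 'review' (hold for a human) or 'block'."""
    verdict = classify_attachment(data)
    if verdict == "macro":
        return "review" if sender_known else "block"
    if verdict == "legacy-binary":
        return "review"         # cannot prove it is macro-free, so a person decides
    if not sender_known:
        return "review"         # step 1: only open files from companies you work with
    return "allow"


def build_sample(parts: dict) -> bytes:
    """Constructed test documents: a minimal OOXML zip with the given members."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in parts.items():
            zf.writestr(name, content)
    return buf.getvalue()


CLEAN_DOCX = build_sample({"[Content_Types].xml": "<Types/>", "word/document.xml": "<w:document/>"})
MACRO_DOCM = build_sample({"[Content_Types].xml": "<Types/>", "word/document.xml": "<w:document/>",
                           "word/vbaProject.bin": b"\x00"})
```

Real `.docm` invoices from known vendors land in the review queue rather than being silently dropped, which is the trade-off most offices want.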

If you aren’t sure if your Microsoft Office is up-to-date or if you need an antivirus license for your individual desktop or for an office-wide network please give us a call.

If you think you might have been infected with Ransomware or any other viruses or malicious software please also give us a call and we will do what we can to save your data and protect you in the future.

Reach out to us at (818) 957-5647 or through our contact page.