This week, Framework Computer revealed a data breach that exposed the personal information of an undisclosed number of customers. The breach occurred after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack.
The California-based manufacturer revealed that an accountant at Keating Consulting Group was tricked by a threat actor impersonating Framework's CEO into sharing a spreadsheet containing customers' personally identifiable information (PII) associated with outstanding balances for Framework purchases.
The attack took place on January 11th, when the threat actor sent the accountant an email impersonating Framework's CEO and requesting Accounts Receivable information. Later that day, the accountant replied to the attacker with a spreadsheet containing the following information: Full Name, Email Address, and Balance Owed. The list consisted primarily of a subset of open pre-orders, but also included some completed past orders with pending accounting syncs.
Following an investigation, Framework identified all customers whose information was exposed and promptly notified them via email.
1. Employee Training - Conduct regular mandatory phishing and social engineering attack training for all employees with access to sensitive customer information. A well-informed team can serve as the first line of defense against such breaches.
2. Auditing Procedures - Implement strict reviews of standard operating procedures around information requests. Audit the training and standard operating procedures of all other accounting and finance consultants who have had or currently have access to customer information.
3. Customer Communication - Regularly communicate with customers about potential risks and educate them on identifying and reporting suspicious activities. Encourage customers to reach out directly to the support team regarding any unusual emails or requests for sensitive information.
To further support businesses, Triad Cyber Solutions offers a Free External Scan to help identify potential vulnerabilities.
For personalized assistance in reinforcing your business's security measures, you can book a Discovery Call with us.