Week in Review: New York Knicks Player, Google Docs & Sabre Corp

Media Division | May 19, 2017

Another week has gone by, and another series of major security breaches.  Some of them huge, some of them merely suspected.

Here is your cyber week in review.  So sit back, pour a cup of joe, and find out what’s hacking in the tiny world of a single basketball player and the giant world of some of the largest companies.  (You may even learn a few things to help you relax as you prevent similar security compromises within your own organization).

Nicking the Knicks

To nick can mean to “trick, cheat or defraud,” which may not be where the Knickerbockers got their name, but they may have been nicked all the same.

Either they were, or NY Knicks player Kristaps Porzingis was.  The Latvian star possibly tweeted, “LA Clippers” followed by three smiley faces.  Shortly thereafter, though, the message was deleted and Porzingis tweeted, “I was hacked last night and a post was made from my account.  I have alerted twitter and they are looking into the incident.”

Twitter may be “looking into the incident.” The only problem is, not all sports fans even believe that he was hacked, but rather claimed a hack to avoid the fallout from the incident.

Sounds like “I was hacked” could be the latest equivalent of “a wardrobe malfunction.”

The Biggest Scam of the Year

While it’s too soon to say for certain, the latest Google Doc scam may go down in history as the biggest cyber security attack of the year for 2017.

It’s certainly one of the most convincing phishing scams of all time.

You get an email from someone you know.  It simply invites you to view a Google Doc.  You use Google Docs all the time, so you click on the link. Unfortunately, just clicking the link may be enough to execute the malware on your computer, and hijack your address book to spread to all of your other contacts.

Here’s what to do:

  1. Don’t click on unexpected attachments or links. Reach out to the individual (even consider a phone call!) to find out if the document is legitimate.
  2. Enable 2-step login verification on your email accounts. That way even if your account is compromised, a hacker will not be able to log in.
  3. If you think you may have been affected, revoke permission for Google Docs from your account, and then newly establish it.
  4. Always be on the lookout for even the smallest fishy-looking possible phish. In the case of this malware, the email was likely also sent (according to user reports) to a suspicious looking email address: a bunch of h’s @com.  If your dear aunt Suzy wouldn’t normally share a Google Doc, and certainly not copy an email address like that on the same emailed document, chances are it is a scam.
  5. Delete, don’t click.

Even the Big Guys Get Scammed

Speaking of data breaches, Sabre Corp, one of the biggest operators of data, mobile, and distribution solutions, may have been compromised.  Krebs on Security reported on the breach.  When we recently covered the Holiday Inn security breach, it may have been one of the first surfacings of a large-scale breach, affecting payment and customer data of thousands of hotel establishments.

Fortunately, it appears that the threat has been identified and the unauthorized access to customer information has halted.  No word yet on exactly how many consumers may have been affected by the breach.

Curious about what threats may be lurking around the corner for your industry? Request a free threat assessment and discover potential threats and effective threat mitigation techniques specific to your business operations.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.