Ravkoo Pwned In “Hilariously Easy” Hack

US online pharmacy Ravkoo has disclosed a data breach after the company’s AWS-hosted cloud prescription portal was involved in a security incident that may have led to personal and health info being accessed. Ravkoo says it has found no evidence that customers’ SSNs were accessed, adding that it does not store SSN data on the affected prescription portal. What is unique about this situation is that the alleged hacker is speaking out:

The data from the Cadence Health and Ravkoo sites was provided to The Intercept by an anonymous hacker who said the sites were “hilariously easy” to hack, despite promises of patient privacy. It was corroborated by comparing it to publicly available information. 

If anything is “hilariously easy” to hack, then clearly security wasn’t a top-of-mind concern.

I have commentary from two sources. The first is Aimei Wei, Founder and CTO of Stellar Cyber:

“Security considerations have become a mandatory part of application development in today’s digital environment. Unfortunately, not every developer is a security expert. Using security scanning/pen testing before the application is released is an absolute necessity for every application. However, having a continuous monitoring, threat detection and response system is your best line of defense.”

The second comment that I have is from Saryu Nayyar, CEO and Founder of Gurucul:

“Security solutions with cloud-native architectures that can monitor AWS or other cloud-hosted infrastructure for threat actor activity are critical for organizations to migrate to. In this particular case, an exposed admin interface was not exploited by malware or a sophisticated attack campaign, however, user behavioral analytics and more importantly identity access monitoring would have quickly alerted Ravkoo’s security team to this cloud hack. In addition to cloud threat monitoring, organizations need a next generation SIEM that can also monitor for and identify anomalous behaviors based on the aforementioned software capabilities.”

The bottom line is this. You want to harden your environments to such a degree that nothing is “hilariously easy” to hack. Otherwise, you get this sort of bad press.
