Ravkoo Pwned In “Hilariously Easy” Hack

US online pharmacy Ravkoo has disclosed a data breach after the company’s AWS-hosted cloud prescription portal was involved in a security incident that may have led to personal and health info being accessed. Ravkoo says it has found no evidence that customers’ SSNs were accessed, adding that it does not store SSN data on the affected prescription portal. What is unique about this situation is that the alleged hacker is speaking out:

The data from the Cadence Health and Ravkoo sites was provided to The Intercept by an anonymous hacker who said the sites were “hilariously easy” to hack, despite promises of patient privacy. It was corroborated by comparing it to publicly available information. 

If anything is “hilariously easy” to hack, then clearly security wasn’t a top-of-mind concern.

I have commentary from two sources. The first is Aimei Wei, Founder and CTO of Stellar Cyber:

“Security considerations have become a mandatory part of application development in today’s digital environment. Unfortunately, not every developer is a security expert. Using security scanning/pen testing before the application is released is an absolute necessity for every application. However, having a continuous monitoring, threat detection and response system is your best line of defense.”

The second comment that I have is from Saryu Nayyar, CEO and Founder of Gurucul:

“Security solutions with cloud-native architectures that can monitor AWS or other cloud-hosted infrastructure for threat actor activity are critical for organizations to migrate to. In this particular case, an exposed admin interface was not exploited by malware or a sophisticated attack campaign, however user behavioral analytics and more importantly identity access monitoring would have quickly alerted Ravkoo’s security team to this cloud hack. In addition to cloud threat monitoring, organizations need a next generation SIEM that can also monitor for and identify anomalous behaviors based on the aforementioned software capabilities.”

The bottom line is this. You want to harden your environments to such a degree that nothing is “hilariously easy” to hack. Otherwise, you get this sort of bad press.
