Month: December 2025 | Issue #12
Brought to you by Evanesco, Inc.
Your Monthly Dose of Cyber Awareness for a Safer Digital Future
From One Small Business Owner to Another
December is busy: year-end close, holiday rush, staff vacations… and unfortunately, peak season for cybercriminals. This month’s issue focuses on third-party risk and holiday scams that hit small businesses the hardest.
Largest Cyber Breach of the Month
700Credit: When Your Vendor’s Vendor Becomes Your Problem
A massive breach at 700Credit, a U.S. credit check and identity verification provider serving roughly 18–20K auto and specialty vehicle dealerships, exposed data on around 5.6–5.8 million people across the country.
What happened (in plain English):
– 700Credit relies on API connections to over 200 integration partners (software systems used by dealers).
– One of those partners was compromised and did not report it promptly.
– Attackers abused an exposed API from that partner to pull consumer data from 700Credit over roughly a two-week period.
– Stolen data includes names, addresses, dates of birth, and Social Security numbers.
700Credit says its core internal network wasn’t compromised, but the impact to consumers and dealerships is still severe and will play out over years.
Why this matters to small businesses:
– You probably depend on third parties for payments, marketing, CRM, background checks, payroll, etc.
– If their security fails, your customers may blame you, not the vendor.
– Regulators and attorneys increasingly argue that businesses must manage vendor risk, not just their own firewalls.
Key lessons:
- Inventory your critical vendors – Who touches customer PII, SSNs, payment info, or health/financial data?
2. Ask specifically about APIs & integrations – Are they locked down, logged, and rate-limited?
3. Require incident notification clauses in contracts – Vendors must tell you quickly when they’re breached.
4. Assume one vendor breach = multi-customer breach – Have a ready-to-go customer communication plan.
Cyber Criminal of the Month
Akira Ransomware Group: A Growing Threat to SMBs
This month’s “featured villain” is Akira, a fast-evolving ransomware operation so active that the U.S. government issued updated joint advisories in November 2025.
What Akira does:
– Steals your data and encrypts your systems (double extortion).
– Breaks in using stolen credentials, exposed VPN devices, and unpatched backup servers.
– Targets small and mid-sized businesses across manufacturing, education, healthcare, IT services, and financial services.
Why we should care:
– The FBI estimates Akira has extracted hundreds of millions of dollars in ransom payments since 2023.
– They increasingly leverage acquisitions and inherited tech debt—old VPN boxes and forgotten servers—especially at SMBs.
What this means for your business:
– If you’re buying another company or inheriting old IT: treat it as hostile until proven safe.
– If you run remote access (VPN / remote desktop): patch, restrict, and put MFA in front of it immediately.
Hot Tip of the Month
Year-End Vendor Security Checkup (You Can Do This in 1 Afternoon)
Before you close the books for 2025, block off a small window and run this 5-question vendor checkup for your top 5–10 critical providers (payments, CRM, HR, IT, credit checks, etc.):
- Do they support MFA and IP restrictions for admin access?
2. Can they describe how they log and detect suspicious access to your data?
3. Do they have a documented incident response plan—and will they notify you within 72 hours of a breach?
4. When was their last security assessment or penetration test?
5. Do they carry cyber liability insurance, and at what limit?
If a vendor gets defensive or can’t answer basic questions, that’s a red flag. You don’t need perfection—but you do need seriousness.
Holiday Spotlight
The December Scam Pack: How Criminals Target Small Businesses
Multiple threat reports point to December as one of the most dangerous months for cyberattacks, with spikes in holiday-themed phishing, fake invoices, gift card scams, and ransomware.
Watch for:
– Fake shipping & invoice emails – “Your package failed to deliver—click here to pay a small fee.”
– Gift card & bonus scams – Emails or texts impersonating the owner asking for gift card purchases.
– Last-minute “vendor change” fraud – Emails quietly swapping bank account details before year-end payments.
– After-hours ransomware – Attackers wait until weekends/holidays when nobody is watching.
Quick defenses:
– Have a one-sentence rule: “We never change bank details or pay invoices based on email alone—ever.”
– Require a call-back to a known phone number for any payment or bank change.
– Brief your staff with a 10-minute huddle about holiday scams before time-off begins.
Consider This: Cyber Liability Insurance
Even with good controls, no small business is bulletproof. A serious incident can mean:
– Forensics and recovery costs
– Legal counsel and regulatory notifications
– Customer communications and call center support
– Business interruption (lost revenue while systems are down)
That’s where Cyber Liability Insurance comes in. The right policy can help cover many of these costs and keep a bad day from becoming a business-ending event.
If you’re unsure whether your current policy really covers cyber risk, it’s time for a review.
Evanesco can connect you with insurance professionals who understand small-business cyber risk and can walk you through coverage options in plain language.
Call to Action
As a fellow small business owner, my year-end wish for you is simple: Start 2026 harder to hack than you were in 2025.
Here’s how you can move the needle this month:
1. Run the 5-question vendor security checkup on your top providers.
2. Review your holiday scam defenses with your team.
3. Schedule a Cyber Health Check with Evanesco to look at vendor and supply-chain risk, ransomware readiness, backup and recovery posture, and cyber insurance alignment.
Special Year-End Offer:
Clients signing up for new or additional services between now and December 31, 2025 receive a 10% discount on the service(s) ordered.
To get started, contact your Evanesco representative or use the contact form on the Evanesco website and mention “Cyber Safe Ledger – December 2025.”
Sources & Citations
- 700Credit Data Breach – SecurityWeek, “700Credit Data Breach Impacts 5.8 Million Individuals” (Dec. 2025); BleepingComputer, “700Credit data breach impacts 5.8 million vehicle dealership customers”; Tom’s Guide and TechRadar coverage; and 700Credit’s own breach notice page.
- Akira Ransomware – CISA #StopRansomware Advisory AA24-109A (updated Nov. 13, 2025); CISA/FBI and partner joint statements; and analysis from CyberScoop, AHA, and Picus Security on Akira’s tactics, SME targeting, and SonicWall VPN exploitation.
- Holiday & Year-End Scams – FTC Consumer Alerts on holiday delivery phishing; U.S. Postal Inspection Service guidance on smishing and package scams; and recent SMB-focused security blogs describing fake invoice, updated banking details, and shipping-notice scams.