InTegriLogic Blog
Meyer Manufacturing Co. Ltd.
https://www.securityweek.com/cookware-distribution-giant-meyer-discloses-data-breach
Exploit: Ransomware
Meyer Manufacturing Co. Ltd.: Cookware Manufacturing & Distribution

Risk to Business: 2.177 = Severe
Meyer Manufacturing Co. Ltd recently filed a data breach notification disclosing a ransomware attack that impacted employees of its distribution arm. Bleeping Computer reports that this attack is the work of the Conti ransomware group. In its disclosure, Meyer said the initial incident occurred in October 2021 but was not discovered until December 2021. The attack affected Meyer and its subsidiaries, including Hestan Commercial Corp., Hestan Smart Cooking, Hestan Vineyards and Blue Mountain Enterprises LLC.

Risk to Business: 1.919 = Severe
Employee personal information was snatched in this incident, including their first and last name, address, date of birth, gender, race or ethnicity, Social Security number, health insurance information, medical information, driver’s license, passport or government-issued identification number, and Permanent Resident Card and information regarding immigration status.
How It Could Affect Your Business: Data that can be used to falsify identities is a valuable commodity on the dark web and cybercriminals never stop looking for soft targets that enable them to steal it.
The City of Baltimore
https://www.infosecurity-magazine.com/news/baltimore-conned-out-of-375k/
Exploit: Business Email Compromise
The City of Baltimore: Municipality

Risk to Business: 1.251 = Extreme
Buckle up because this is a saga. A report just released by the Office of the Inspector General (OIG) details a business email compromise disaster that ended up costing the city of Baltimore more than $375,000. In this incident, bad actors managed to change the bank details kept on file for a vendor who had an agreement with Baltimore’s Mayor’s Office of Children and Family Success (MOCFS). The cybercriminals contacted both MOCFS and Baltimore’s Bureau of Accounting and Payroll Services (BAPS) asking to have the vendor’s banking information updated to send payments to a different bank account at another financial institution. BAPS ultimately complied with the fraudster’s change request, then began sending electronic payments to the new address. You know how this one ends up. Ultimately, cybercriminals made off with $376,213.10. The vendor was not named, but the report noted that cybercriminals had gained access to the vendor’s email accounts through a phishing attack.
How It Could Affect Your Business: Business email compromise is the most dangerous cybercrime according to FBI IC3, 64x worse than ransomware. This is why.
The Internet Society (ISOC)
https://thecyberwire.com/newsletters/privacy-briefing/4/33
Exploit: Misconfiguration
The Internet Society (ISOC): Non-Profit

Risk to Business: 2.776 = Moderate
Cybersecurity researchers recently announced the discovery of a trove of information belonging to ISOC in an unsecured Microsoft Azure blob. The blob was reported to contain millions of files with personal and login details belonging to ISOC members. ISOC has secured the blob, but there’s no telling how long that data was exposed or who may have seen it.

Risk to Business: 1.282 = Moderate
The member data exposed includes members’ full names, preferred language, the account ID, donation history, login credentials, social media tokens, email and street addresses, genders and similar personal information.
How It Could Affect Your Business: Human error aka employee negligence is the biggest cause of a data breach because it’s what makes things like this happen.
Expeditors International
https://www.bleepingcomputer.com/news/security/expeditors-shuts-down-global-operations-after-likely-ransomware-attack/
Exploit: Ransomware
Expeditors International: Logistics & Freight Forwarding

Risk to Business: 1.364 = Extreme
Expeditors International was hit by a ransomware attack over the President’s Day holiday weekend that has resulted in the company being forced to shut down most of its operations worldwide. First announced by the company on Sunday night, Expeditors International warned that services and systems may be offline until they can restore them from backups. The incident could snarl supply chains globally. Expeditors International handles warehousing and distribution, transportation, customs and compliance at 350 locations worldwide.
How it Could Affect Your Business: Supply chain disruption has been the name of the game for cybercriminals, and freight forwarders on land and on the sea have been constantly targeted lately.
OpenSea
https://www.cnbc.com/2022/02/20/nft-marketplace-opensea-is-investigating-a-phishing-hack.html
Exploit: Phishing
OpenSea: NFT Trading Marketplace

Risk to Business: 1.282 = Extreme
Online NFT marketplace OpenSea has been embroiled in controversy after a cyberattack cost investors their NFTs. There’s been a lot of back-and-forth on this one. A phishing attack perpetrated on the platform’s users is purportedly to blame for the incident that has so far left more than 30 of its users unable to access their NFTs, although some claims have been made on Twitter pointing to a flaw in the platform’s code. Reports say that the attacker has made somewhere between $1.7 – 2 million in Ethereum from selling some of the stolen NFTs. An estimated 254 tokens were stolen over three hours.
Customers Impacted: Unknown
How it Could Affect Your Business: Phishing is a danger to any business in any industry, and it can do massive damage as well as cost a fortune.
United Kingdom – National Health Service (NHS)
https://www.dailymail.co.uk/news/article-10531637/Tens-thousands-NHS-patients-private-medical-information-leaked-shocking-data-breach.html
Exploit: Third-Party Data Breach
National Health Service (NHS): National Healthcare Agency

Risk to Business: 2.919 = Moderate
A shocking report from the Daily Mail details the exposure of all sorts of sensitive data for thousands of patients served by the NHS. The information was exposed by an NHS service provider, PSL Print Management. Reports say that the exposed confidential files include hospital appointment letters for women’s health emergencies, test results of cervical screening and letters to parents of children needing urgent surgery. The information dates back as far as 2015, a huge no-no under data protection rules. The incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Third-party risk is a problem that will only continue growing worse for organizations as they increasingly farm out work to smaller specialty service providers.
Switzerland – The University of Neuchâtel
https://www.swissinfo.ch/eng/university-of-neuch%C3%A2tel-hit-by-cyberattack/47360432
Exploit: Ransomware
The University of Neuchâtel: Institution of Higher Learning

Risk to Business: 2.775 = Moderate
Swiss college The University of Neuchâtel is back online after a cyberattack that is likely ransomware knocked its systems out last week. The attack encrypted some systems making it impossible for students or employees to access materials and systems related to classwork. The university is unable to confirm if any data was stolen. Operations have since been restored.
How it Could Affect Your Business: Schools at every level have been battered by cybercrime since the start of the global pandemic.
Japan – Mizuno
https://www.bleepingcomputer.com/news/security/sports-brand-mizuno-hit-with-ransomware-attack-delaying-orders/
Exploit: Ransomware
Mizuno: Sports Equipment and Sportswear Manufacturer

Risk to Business: 2.227 = Severe
Japanese brand Mizuno has experienced some business disruption after a ransomware attack on the corporate network of its US-based operations. The incident left the company facing phone outages and order delays as systems are restored. Customers have also been left unable to place new orders or track orders in progress. No word on an expected timeline for restoration.
Customers Impacted: Unknown
How it Could Affect Your Business: Retailers have been experiencing a serious increase in ransomware attacks in the last 12 months.
6 Questions to Ask Before Implementing a Technology Change
It can be exciting to introduce new technology into your business. Finding a solution that will help your team members do their jobs more efficiently and effectively by filling a gap in your technology infrastructure is certainly an achievement. However, before you get carried away with quickly implementing your new solution to reap the benefits, there are a few things you should know.
When introducing new technology into your IT infrastructure, keep in mind that change can be difficult for individuals. It can be hard to predict whether end users will readily accept or resist the change. Before implementing new technology, you need a well-planned change management strategy to help you achieve success and get the most out of your investment.
Change management is an approach that deals with changes or transformations in organizational processes, objectives and technology. The goal of change management is to devise strategies to implement and govern transformation while helping people adjust to it.
There are a few factors to consider before beginning your change management journey.
Ask these questions before making a technology change:
What is being changed?
Assume you are starting a transition from backup solution “X” to backup solution “Y.” Before implementation, spend some time assessing what the backup solution “X” lacks, why it needs an update and how important it is.
What will this change mean for people, processes and technology?
Examine technology mapping and dependencies to ensure you understand the implications of pulling systems offline for updates. Also, determine the processes that need to be modified and the individuals who oversee them.
Who will manage the change?
When is the best time to implement this change?
If you're about to embark on a new transition, but your employees are still dealing with the effects of previous changes, it may be a good idea to postpone the planned transformation if possible. On the flip side, if your employees have adjusted well to a recent change, then introducing a new transition could work out just as well.
How long will the change take?
Who will reach out to support if something goes wrong?
Collaboration with a managed service provider (MSP) who can support you in emergency and non-emergency situations can be a good idea.
Find the right partner
Change is a challenging experience. You risk damaging key processes and losing valuable team members to burnout if you don't have a good change management strategy in place. An expert with years of experience and subject knowledge, like us, may be exactly what your company needs.
Feel free to contact us for a consultation on change management.
San Francisco 49ers
https://abcnews.go.com/Sports/wireStory/ransomware-gang-hacked-49ers-football-team-82865844
Exploit: Ransomware
San Francisco 49ers: National Football League (NFL) Team

Risk to Business: 1.727 = Severe
While everyone was focused on the big game last week, cybercriminals were focused on the San Francisco 49ers. The team was hit by a ransomware attack, purportedly by BlackByte. The cybercriminals claim they stole some of the football team’s financial data, invoices and other internal documents. The team stressed the fact that this event appeared to be limited to their corporate network and did not endanger any fan or stadium databases.
Customers Impacted: Unknown
How It Could Affect Your Business: Organizations in industries that have had historically poor security are attractive low-hanging fruit for cybercriminals.
EasyVote Solutions
https://www.govtech.com/security/georgia-voter-info-posted-online-after-software-company-breach
Exploit: Misconfiguration
EasyVote Solutions: Voting Software Company

Risk to Business: 1.561 = Severe
EasyVote Solutions has exposed some voter and poll worker data. The data was left unguarded and easily accessible on the internet. The software company says that exposed information does not include full voting records or registrations. The breach was discovered by South Carolina Law Enforcement Division (SLED) internet researchers. SLED and the FBI are investigating.

Individual Risk: 1.772 = Severe
Exposed data for voters can include names, addresses, races and dates of birth. Exposed data for poll workers may include those details plus identity documents, Social Security numbers and financial data.
How It Could Affect Your Business: Misconfiguration and sloppy security aren’t uncommon mistakes, but they’re always a problem and could be an expensive regulatory disaster in some industries.
Meter
https://www.zdnet.com/article/4-4-million-stolen-in-attack-on-blockchain-infrastructure-meter/
Exploit: Hacking
Meter: DeFi Platform

Risk to Business: 1.279 = Extreme
Another day, another DeFi hack. This time the victim was blockchain infrastructure company Meter. $4.4 million was stolen during a cyberattack on the Meter Passport platform in the form of 1391 ETH and 2.74 BTC. The incident also impacted Meter’s Moonriver Network. The company acknowledged the hack on Saturday, urging users not to trade unbacked meterBNB circulating on Moonriver. The company says that it plans to repay some investors and the incident is under investigation.
Customers Impacted: Unknown
How It Could Affect Your Business: DeFi continues to be a hotbed of hacking activity as cybercriminals seek quick scores of cryptocurrency, and there’s still no end to the danger in sight.
Memorial Hermann Health System
https://www.khou.com/article/news/local/memorial-hermann-cyberattack-security-breach/285-1cc8295d-48a4-452e-a6f2-1b4fd059f201
Exploit: Third-Party Breach
Memorial Hermann Health System: Healthcare Provider

Risk to Business: 1.861 = Severe
Memorial Hermann Health System is notifying patients that their data has been exposed after a data security incident at one of their service providers, Advent Health Partners. That company has been investigating unauthorized activity on company email accounts related to Memorial Hermann data. The incident was first spotted in September 2021.

Individual Risk: 1.712 = Severe
An unauthorized third party accessed multiple files containing Memorial Hermann patients’ protected health information (PHI) that may include first names, last names, dates of birth, social security numbers, driver’s license numbers, financial information, health insurance information and treatment information.
How it Could Affect Your Business: Cybercriminals are poised to attack any company that handles or stores large amounts of valuable personal or health-related data.
Switzerland – Swissport International
https://securityaffairs.co/wordpress/127655/cyber-crime/swissport-international-ransomware-attack.html
Exploit: Ransomware
Swissport International: Aviation Services

Risk to Business: 2.171 = Severe
Aviation services company Swissport International was struck with a ransomware attack that had a major impact on its operations, leading to flight delays for 22 flights out of Zurich Airport. The aviation company provides cargo handling, security, maintenance, cleaning and lounge hospitality at airports in 50 countries. The company’s website was back up and running quickly, and the incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware attacks against transportation and transportation infrastructure targets have been increasing as cybercriminals look for quick paydays.
Portugal – Vodafone
https://therecord.media/cyberattack-brings-down-vodafone-portugal-mobile-voice-and-tv-services/
Exploit: Hacking
Vodafone: Communications Carrier

Risk to Business: 2.919 = Moderate
Wireless carrier Vodafone Portugal said that a substantial amount of its customer data services went offline for one overnight period following a cyberattack. The company’s 4G and 5G mobile networks, along with fixed voice, television, SMS and voice/digital answering services went down. The company says that customer data doesn’t appear to have been accessed or compromised. Some services still remain offline a week after the attack.
Customers Impacted: Unknown
How it Could Affect Your Business: Attacks against communications companies have been a major component of the recent wave of infrastructure and related hacking.
Croatia – A1 Hrvatska
Exploit: Unauthorized Access
A1 Hrvatska: Communications Carrier

Risk to Business: 1.904 = Severe
Croatian telecom A1 Hrvatska has disclosed a data security incident that led to the exposure of personal data for an estimated 200,000 customers. The company says that the exposure was due to unauthorized access to one of their user databases that contained sensitive personal information. The company was quick to specify that no consumer financial data was exposed. The incident has not affected A1 Hrvatska’s services or operations.

Individual Risk: 2.711 = Moderate
The customer information exposed includes users’ full names, personal identification numbers, physical addresses and telephone numbers.
How it Could Affect Your Business: Utilities/Infrastructure are at the top of the cybercriminal hit list these days, and companies in those sectors should take note.
Slovenia – Pop TV
https://therecord.media/cyber-attack-disrupts-slovenias-top-tv-station/
Exploit: Ransomware
Pop TV: Television Network

Risk to Business: 1.2011 = Severe
Ransomware practitioners stole the show at Pop TV, Slovenia’s most popular TV channel. As a result, news programs including the station’s news broadcast 24UR were unable to show any computer graphics. Particularly irksome for customers was the fact that the attack prevented new content from being added to the platform, impacting streaming of any of its channels and live sporting events, such as the Winter Olympics. Slovenia’s Computer Emergency Response Team, SI-CERT, is investigating.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals looking for fast money are likely to target businesses that are in time-sensitive industries.
New South Wales Department of Customer Service
https://www.smh.com.au/politics/federal/sensitive-business-addresses-among-500-000-published-in-covid-data-breach-20220214-p59wal.html
Exploit: Misconfiguration
New South Wales Department of Customer Service: Regional Government Agency

Risk to Business: 1.211 = Extreme
A real data exposure mess has brewed in New South Wales, Australia thanks to a government-run QR code-based COVID-19 check-in program. The COVID Safe Businesses and Organizations dataset was discovered loose on the internet and it included data for sensitive sites and organizations alongside data about run-of-the-mill companies. Some of the sensitive data posted gave details about the physical facilities and locations of prisons, critical infrastructure networks including power stations and tunnel entry sites as well as dozens of shelters and crisis accommodation centers. Even national security-related locations were exposed. In this program, businesses and organizations registered as COVID-safe to access a QR code for staff and customers to check-in at their physical locations. The program has been discontinued.
Customers Impacted: Unknown
How it Could Affect Your Business: Information is gold on the dark web. The locations of sensitive infrastructure targets will be circulating quickly and could easily fall into the wrong hands.
4 Common Setbacks With Ineffective Technology Change Management
Technology is advancing at an unprecedented pace, empowering businesses to accomplish more in less time. The transformations that technology has brought about in the business world are mind-boggling, and with transformative change comes stress.
Without a defined change management strategy in place, avoidable inconsistencies are more likely to occur and you risk disrupting essential operations and losing valuable team members due to burnout. Keeping that in mind, before you begin implementing new technology in your infrastructure, you must understand the significance of effective change management.
Change management is an approach that deals with changes or transformations in organizational processes, objectives and technologies. The goal of change management is devising strategies to implement and govern transformation while helping your team adjust to it.
Making the case for change management:
Change management is crucial because:
- It addresses the effects of change on individuals, processes and more
- It enables organizations to prosper in an ever-changing business environment
- It empowers people
- It increases the success rate of a transformation
What could go wrong with ineffective change management?
Gaps in Communication
Communication breakdowns or gaps cause demotivation, employee frustration, a lack of collaboration, attrition and ultimately, business failure.
Employee resistance and frustration
Plus, if an employee is frustrated for an extended period, it may create a dull workplace atmosphere that will eventually affect other employees.
Workflow glitches and stoppages
It's worth noting that in today's complex business environments, unexpected workflow glitches and stoppages will almost certainly have a cascading effect and destabilize other related/dependent business components.
Lost productivity
An effective change management strategy is critical for businesses to tackle all the problems listed above. Are you fully equipped with the experience and expertise to handle it on your own? If you feel your company lacks certain resources, it’s best to work with an MSP capable of easing your transition to a higher-performing technology ecosystem.
With our wealth of experience and knowledge surrounding successful technology change management, we may be the ideal partner for your company. Feel free to contact us to set up a consultation.
Morley Companies Inc.
https://www.safetydetectives.com/news/business-services-provider-morley-discloses-ransomware-attack/
Exploit: Ransomware
Morley Companies Inc.: Business Services

Risk to Business: 1.507 = Severe
Morley Companies, a business service provider to several Fortune 500 companies, announced that it had been hit with a ransomware attack that may have exposed sensitive information for more than 500,000 people. In a statement, the company said that “a ransomware-type malware had prevented access to some data files on our system beginning August 1, 2021, and there was an unauthorized access to some files that contained personal information,” chalking up the delay in notifying possible victims of this exposure to the complexities of the incident investigation.

Individual Risk: 1.663 = Severe
Morley Companies said the attack affected the information of “current employees, former employees and various clients.” The potentially compromised information includes names, addresses, Social Security numbers, dates of birth, client identification numbers, medical diagnostic and treatment information and health insurance information. The company is offering credit monitoring and identity theft protection for victims.
How It Could Affect Your Business: Companies that store large quantities of personal or medical information are prime targets for the bad guys.
Civicom, Inc.
https://abcnews.go.com/International/wireStory/official-puerto-ricos-senate-targeted-cyberattack-82495236
Exploit: Misconfiguration
Civicom Inc.: Business Services

Risk to Business: 2.017 = Severe
Civicom is in hot water after leaving 8 TB of data exposed in an unsecured AWS S3 bucket. The New York-based company specializes in virtual conferencing facilitation, transcription and research services, with offices in the United States, the Philippines and the United Kingdom. Ultimately, Civicom exposed records containing more than 100,000 files including thousands of hours of audio and video recordings containing private conversations as well as written transcripts of meetings and calls by the company’s clients.
Customers Impacted: Unknown
How It Could Affect Your Business: This is not an uncommon mistake, but it’s always a problem and could be an expensive regulatory disaster in some industries.
Wormhole
https://indianexpress.com/article/technology/crypto/hackers-steal-nearly-320-million-worth-of-crypto-assets-from-wormhole-7758034/
Exploit: Hacking
Wormhole: DeFi Platform

Risk to Business: 1.227 = Extreme
Hackers swooped in and snatched up more than $320 million from DeFi platform Wormhole this week. The DeFi platform, a bridge between cryptocurrency Solana (SOL) and other blockchains, was exploited for approximately 120,000 wrapped Ethereum in what is thought to be the second-largest cryptocurrency hack to date. Wormhole’s parent company Jump Crypto pledged to replace the 120,000 ether Wormhole lost. The company was quick to note that the crypto was stolen through exploiting a vulnerability in the platform, not taken from an Ethereum address, and that it was taken in 3 separate transactions.
Customers Impacted: Unknown
How It Could Affect Your Business: DeFi has been a hotbed of hacking activity as cybercriminals seek quick scores of cryptocurrency, and there’s no end to the danger in sight.
News Corp.
https://www.reuters.com/business/media-telecom/news-corp-says-one-its-network-systems-targeted-by-cyberattack-2022-02-04/
Exploit: Nation-State Cybercrime
News Corp.: Media & Publishing Company

Risk to Business: 2.071 = Severe
Major media company News Corp. has disclosed that it was the target of a cyberattack by suspected Chinese nation-state hackers. The attack came to light in late January and affected News Corp. business units, including The Wall Street Journal and its parent company Dow Jones, the New York Post, News U.K. and News Corp. Headquarters. The hack affected emails and documents of what it described as a limited number of employees, including journalists. The incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Organizations should keep in mind the fact that the preferred weapon of nation-state cybercriminals is ransomware.
United Kingdom – KP Snacks
https://www.reuters.com/technology/hackers-hold-hula-hoops-hostage-cyber-raid-britains-kp-snacks-2022-02-03/
Exploit: Ransomware
KP Snacks: Food Manufacturer

Risk to Business: 1.321 = Extreme
Food company KP Snacks, manufacturer of beloved British snacks like Hula Hoops, KP Nuts, Butterkist popcorn and Nik Naks, was hit with a ransomware attack in late January that may impact its production. Conti ransomware operators have claimed responsibility. The company informed retailers in early February that the attack had impacted its manufacturing and distribution, and that product shortages may continue into March.

Individual Risk: 1.304 = Extreme
Researchers discovered samples of some of the data Conti had exfiltrated on the group’s dark web leak page, including confidential employee data such as home addresses and phone numbers, employment contracts, credit card statements and even birth certificates.
How it Could Affect Your Business: Ransomware attacks against manufacturing targets have become increasingly prominent as cybercriminals look for a quick payday from businesses that they shut down.
United Kingdom – British Council
https://portswigger.net/daily-swig/british-council-data-breach-leaks-10-000-student-records
Exploit: Misconfiguration
British Council: Cultural Promotion & Language Testing

Risk to Business: 2.919 = Moderate
British Council, the global organization for promoting British culture and administrators of the International English Language Testing System (IELTS) exam, leaked over 144,000 files containing student records due to an unsecured Microsoft Azure blob. Researchers determined that the blob contained the personal information of hundreds of thousands of British Council English course learners and students from around the world. The group points to a contractor as the culprit for the leak.

Risk to Business: 2.906 = Moderate
Exposed data includes a student’s full name, email address, student ID, student status, enrollment dates, duration of study and other information.
How it Could Affect Your Business: Cybercriminals have been having a field day going after education-related targets, a problem that is only growing worse.
Germany – Oiltanking
Exploit: Ransomware
Oiltanking: Fuel Storage

Risk to Business: 1.313 = Extreme
A ransomware attack has impacted German fuel tanking company Oiltanking. The company was ensnared in a massive ransomware attack that has disrupted operations at 17 European oil terminals including the busy Amsterdam-Rotterdam-Antwerp refining hub starting on January 29th. Other European companies are also involved including German oil trade company Mabanaft, SEA-Invest in Belgium and Evos in the Netherlands. The attack appears to have had the most impact on the processing, loading and unloading of cargoes. BlackCat ransomware is thought to be behind the incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Infrastructure and utility attacks have become much more common – Utilities/Infrastructure was one of the top 3 industries for ransomware attacks in 2021.
Sweden – Securitas
https://www.zdnet.com/article/unsecured-aws-server-exposed-airport-employee-records-3tb-in-data/
Exploit: Misconfiguration
Securitas: Security Company

Risk to Business: 1.2011 = Severe
Researchers have discovered an unsecured AWS S3 bucket belonging to security company Securitas that left data exposed for airport employees in Colombia and Peru at four airports: El Dorado International Airport (COL), Alfonso Bonilla Aragón International Airport (COL), José María Córdova International Airport (COL), and Aeropuerto Internacional Jorge Chávez (PE). In addition to the exposed employee data, researchers also uncovered photographs of airline employees, planes, fuel lines, and luggage handling in the bucket.

Individual Risk: 1.992 = Severe
The exposed records include ID card photos, names, photos, occupations, and national ID numbers for Securitas and airport employees.
How it Could Affect Your Business: Information is a currency on the dark web and cybercriminals are always hungry for more, especially personal and financial data.
Change Management Basics for Technology Refreshes
Once you've completed a technology audit and prioritized the order in which you'll close gaps in your infrastructure, it's critical to remember that there are actions you must take prior to implementation for change to be successful and well-received by your team.
Change produces stress in technology environments and among those who implement or are affected by the change. This is why change management is so critical for successful implementation.
Change management is an approach that deals with the change or transformation of organizational processes, objectives and technologies. The goal of change management is to find strategies to implement and govern transformation while also assisting people in getting accustomed to it.
Applying change management best practices can enable your organization, regardless of size or industry, to scale and adapt to changing market conditions without losing key team players.
Five elements of effective change management for technology refreshes
Identify
Most change management strategies recognize that identifying what to improve creates a solid foundation for clarity, ease of execution and success.
Since most changes are made to improve a process, a technology or a result, identifying the objective and clarifying goals is crucial. This also involves selecting the resources and individuals capable of facilitating and leading the initiative.
Start by asking the following questions to gain a better understanding of your core mission:
- What are you changing?
- Why is this change occurring?
- Which systems and processes might be affected?
- How would this affect employees, customers and others?
Evaluate
Change evaluation attempts to analyze crucial transformations before letting those changes integrate into usual operations.
Here are a few suggestions for the evaluation stage:
- Examine technology mapping and dependencies to ensure you understand the implications of pulling specific systems offline for updates.
- If the failover* operation isn't an option, assess peak usage for all affected users to ensure that system downtime isn't scheduled during peak usage times.
- Determine the processes that need to be modified as well as the individuals who oversee them.
- Define how various internal and external user groups will be affected.
* The capability to switch to a reliable backup system instantly and seamlessly is known as failover.
Manage
These are the areas that require your attention:
- Seek an executive sponsor to propel your project forward and hold you accountable for deviation from your objectives.
- Before detailing your change management strategy, meet with appropriate team leaders to discuss your plan and solicit their views.
- List and connect with relevant process owners and provide them with implementation deadlines.
- Know which platforms and technologies will be affected by upcoming changes. Remember to gather emergency contacts to tackle unforeseen mishaps.
Create
After completing the previous steps, create a change management strategy and draft an expected implementation timeframe.
The change management strategy you create must be comprehensive to act as a roadmap defining the concrete steps your organization will have to take to implement the change management process. This is crucial to avoid disrupting workflows and assist your team in navigating this change.
Implement
Once all key stakeholders have approved the change management strategy, it’s time to put the changes into effect. This frequently requires cross-team collaboration and, on occasion, the support of third parties such as technology suppliers, consultants or a managed service provider (MSP).
Collaborate for success
There’s no way around it — dealing with change is hard. Without a defined strategy in place, avoidable inconsistencies are more likely to occur and you risk disrupting essential operations and losing valuable team members due to exhaustion. Working with a specialist MSP can help you reduce organizational stress while updating your technology ecosystem.
An expert like us can take a significant burden off your shoulders, allowing you to focus on other critical business matters. Contact us to develop a change management strategy for your upcoming technology infrastructure refresh.
Advocates
https://www.scmagazine.com/analysis/breach/68k-affected-by-data-theft-sophisticated-network-hack-of-nonprofit-advocates
Exploit: Hacking
Advocates: Health & Social Services Non-Profit

Risk to Business: 1.727 = Severe
Advocates announced that it had been the victim of a cyberattack. A hacker gained access to the organization’s network in mid-September 2021. The attacker gained access to data tied to 68,000 clients served by Advocates and likely copied the data. The Massachusetts-based non-profit provides a range of services for individuals with autism, brain injuries, mental health, addiction, and other health conditions. Advocates is cooperating with the ongoing FBI investigation.

Individual Risk: 1.603 = Severe
Current and former clients of Advocates are at risk of having their data exposed in this incident. The stolen data included names, contacts, Social Security numbers, dates of birth, client identification numbers, health insurance information, diagnoses and treatments. All impacted individuals will receive free credit monitoring and identity theft protection services.
How It Could Affect Your Business: Companies that store large quantities of personal or medical information are prime targets for the bad guys.
Senate of Puerto Rico
https://abcnews.go.com/International/wireStory/official-puerto-ricos-senate-targeted-cyberattack-82495236
Exploit: Hacking
Senate of Puerto Rico: State Legislative Body

Risk to Business: 2.223 = Severe
Puerto Rico’s Senate announced Wednesday that it was the target of a cyberattack that disabled its internet provider, phone system and official online page. Senate President José Luis Dalmau said in a statement that there is no evidence that hackers were able to access sensitive information belonging to employees, contractors or consultants, although the incident is still under investigation.
Customers Impacted: Unknown
How It Could Affect Your Business: Cyberattacks on government agencies have been ramping up in recent months without the impetus of added tension in Eastern Europe.
Kings County Public Health Department
https://portswigger.net/daily-swig/california-public-office-admits-covid-19-healthcare-data-breach
Exploit: Misconfiguration
Kings County California Public Health Department: Local Government Agency

Risk to Business: 2.711 = Moderate
Kings County, California announced that a security flaw in its public webserver made limited information on COVID-19 cases available on the internet. The misconfiguration has been chalked up to a negligent third-party contractor. Discovered in mid-November 2021, officials say that the flaw was in place starting on February 15, 2021, and was corrected on December 6, 2021.

Individual Risk: 2.701 = Moderate
In a statement, the county said that names, dates of birth, addresses and COVID-related health information for county COVID-19 cases were among the data that was available to view. They’ve set up a dedicated call center to answer questions from the public.
How It Could Affect Your Business: Misconfiguration incidents due to employee or contractor negligence are just as expensive and damaging as cybercrime when regulators get finished with companies that have them.
Canada – Global Affairs Canada
https://www.bleepingcomputer.com/news/security/canadas-foreign-affairs-ministry-hacked-some-services-down/
Exploit: Hacking
Global Affairs Canada: National Government Agency

Risk to Business: 1.719 = Severe
Global Affairs Canada (GAC), Canada’s foreign affairs ministry, has announced that it was the victim of an unnamed cyberattack on January 19, 2022. The Treasury Board of Canada Secretariat (TBS), Shared Services Canada, and Communications Security Establishment confirmed the incident in a joint statement. GAC says that critical services remain accessible, but some online services are unavailable as the recovery efforts continue. No information has been released about the identity of the attackers or the specific attack type, a subject of interest at a time of heightened risk for nation-state cyber activity.
Customers Impacted: Unknown
How it Could Affect Your Business: Organizations should keep in mind the fact that the preferred weapon of nation-state cybercriminals is ransomware.
United Kingdom – Qubit Finance
https://therecord.media/qubit-finance-platform-hacked-for-80-million-worth-of-cryptocurrency/
Exploit: Hacking
Qubit Finance: DeFi Platform

Risk to Business: 1.204 = Extreme
A threat actor has stolen approximately $80 million from Qubit Finance after exploiting a flaw in the DeFi platform. Qubit said the attacker was able to steal 206,809 Binance coins (BNB) from its wallet on January 27, 2022. The hacker used a vulnerability in one of its Ethereum blockchain contracts to do the deed. The company has issued a public plea for the threat actor to return the stolen funds, asking them to get in contact with its team to “disclose the bug and receive a bounty reward”. This is sometimes used as a means of circumventing legal trouble for paying a ransom.
Customers Impacted: Unknown
How it Could Affect Your Business: DeFi has been buried under an avalanche of cybercrime lately and there doesn’t appear to be an end in sight.
France – Ministry of Justice (Chancellerie)
https://www.securityweek.com/french-ministry-justice-targeted-ransomware-attack
Exploit: Ransomware
Ministry of Justice: National Government Agency

Risk to Business: 2.876 = Moderate
An outfit that identifies themselves as LockBit 2.0 posted a message on their dark web leak site claiming to have hit the French Ministry of Justice’s systems, making off with data. The hackers did not specify what data was stolen or how much, but they are threatening to expose it in early February if they’re not paid an unspecified ransom. The ministry’s press office has told reporters that it is aware of the claim and that an investigation has been launched.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals have been having a field day going after government agencies, a problem that is only growing worse.
Belarus – Belarusian Railways
https://therecord.media/cyber-partisans-hacktivists-claim-credit-for-cyberattack-on-belarusian-railways/
Exploit: Hacking
Belarusian Railways: Rail Transportation Authority

Risk to Business: 1.806 = Severe
As tensions mount in Eastern Europe, the hacktivist group “Cyber Partisans” announced on Twitter that they had disrupted networks and databases related to the national rail system in Belarus on January 31, 2022. The group demanded the release of political prisoners and a guarantee preventing the use of railway transportation infrastructure to support Russian troop movements. The railroad’s website appears to confirm that online resources and systems related to issuing electronic tickets are not operational. No further details of the incident were available at press time.
Customers Impacted:
How it Could Affect Your Business: International tensions are rising, creating more opportunities for activism and nation-state cybercrime.
South Africa – Curo Fund Services
Exploit: Ransomware
Curo Fund Services: Financial Services

Risk to Business: 1.621 = Severe
Curo Fund Services, South Africa’s biggest provider of investment administration services, was the victim of a ransomware attack that left the company unable to access its systems for five days. The company assured clients that no money was at risk and their sensitive data was not in jeopardy. The attack prevented Curo’s clients from processing investment-related instructions or offering other services through the company’s platform. The incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: The financial sector has been a huge target for ransomware groups, from DeFi platforms to investment banking houses, and companies should be very cautious.
Singapore – Delta Electronics
https://thestack.technology/delta-electronics-ransomware-attack/?amp=1
Exploit: Ransomware
Delta Electronics: Computer Hardware Manufacturing

Risk to Business: 1.771 = Severe
Delta Electronics has disclosed that it was the victim of a ransomware attack. The company, a supplier of power management products for Dell and HP, says that they are experiencing technical difficulties that have been limited to non-critical networks. Reports say that customer support and service sites for the US and EMEA clients were unavailable for about 10 days after the attack. An unnamed threat actor has claimed responsibility.
Customers Impacted: Unknown
How it Could Affect Your Business: Epic supply chain problems have manufacturers under stress, and cybercriminals love to take advantage of a bad situation.
RR Donnelley
https://www.bleepingcomputer.com/news/security/marketing-giant-rrd-confirms-data-theft-in-conti-ransomware-attack/
Exploit: Ransomware
RR Donnelley: Marketing & Communications Firm

Risk to Business: 1.227 = Severe
Major marketing company RR Donnelley has disclosed that it had data stolen in a December cyberattack attributed to ransomware. The Conti ransomware group is suspected to be responsible. In the attack on December 27, 2021, the company experienced a systems intrusion that led it to shut down its network to prevent the attack’s spread. That led to disruptions for customers, with some unable to receive printed documents required for vendor payments, disbursement checks and motor vehicle documentation. The Conti ransomware gang claimed responsibility on January 15 and began leaking 2.5GB of the stolen data that has since been removed.
Customers Impacted: Unknown
How It Could Affect Your Business: A recent rash of ransomware attacks against media and communications organizations should have everyone in that sector on notice.
Strategic Benefits Advisors, Inc
https://www.jdsupra.com/legalnews/data-breach-alert-strategic-benefits-8267696/
Exploit: Hacking
Strategic Benefits Advisors: Human Resources Consulting Firm

Risk to Business: 2.223 = Severe
In a recent legal filing, Strategic Benefits Advisors disclosed that an unauthorized third party had gained access to its data and may have removed several files containing consumer information. The Georgia-based company provides full-service employee benefits consulting for companies in many industries.

Individual Risk: 2.419 = Severe
Strategic Benefits Advisors sent breach notification letters to more than 58,000 people to inform them of the exposure, which the company says was limited to full names and Social Security numbers.
How It Could Affect Your Business: Hackers have been especially interested in breaching companies that maintain large stores of data for other companies lately.
City of Tenino, Washington
https://www.govtech.com/security/washington-city-loses-280-309-to-successful-phishing-scam
Exploit: Phishing/BEC
City of Tenino, Washington: Municipality

Risk to Business: 1.717 = Severe
The City of Tenino, Washington is down $280,309 in public funds according to the Washington State Auditor’s Office after a city employee fell for a phishing message that launched a business email compromise scam. Reports say that former Clerk Treasurer John Millard fell victim to a phishing message and paid cybercriminals a boatload of money, some without city council approval. The official reportedly initiated 20 automated clearing house payments from the city’s bank account to multiple out-of-state bank accounts. News outlets are also reporting that a warning was sent out to clerks about the phishing scam immediately but that didn’t stop this disaster from happening.
Customers Impacted: Unknown
How It Could Affect Your Business: BEC is the most expensive cybercrime according to the FBI, 64X more expensive than ransomware – and it usually starts with phishing.
Switzerland – The International Red Cross
https://www.npr.org/2022/01/20/1074405423/red-cross-cyberattack
Exploit: Third Party/Supply Chain
The International Red Cross: Humanitarian Aid Organization

Risk to Business: 1.719 = Severe
The International Committee of the Red Cross has revealed that hackers have stolen data from a Swiss contractor that stores it for them. The stolen data includes information about over 515,000 highly vulnerable people that it has served, recipients of aid and services from at least 60 affiliates of the organization worldwide. The Red Cross says it typically reunites 12 missing people with their families every day through that program. As a result of this cyberattack, The International Red Cross has been forced to temporarily halt a program that reunites families torn apart by violence, migration or other tragedies. A spokesperson for the ICRC told news outlets that there have been no demands from the hackers in exchange for stolen data and that they were working with specialized firms to recover.
Customers Impacted: Unknown
How it Could Affect Your Business: Once again, a service provider that maintains a large array of records full of PII was hit, gaining cybercriminals a data bonanza.
Italy – Moncler
https://www.bleepingcomputer.com/news/security/fashion-giant-moncler-confirms-data-breach-after-ransomware-attack/
Exploit: Ransomware
Moncler: Luxury Fashion & Outerwear

Risk to Business: 1.727 = Severe
Luxury retailer Moncler has disclosed that it suffered a data breach in December 2021 after data began appearing on a cybercriminal leak site. The company confirmed that some data related to its employees, former employees, suppliers, consultants, business partners, and customers was stolen and subsequently leaked after it refused to pay the demanded $3 million ransom. The AlphaV (BlackCat) ransomware operation has claimed responsibility. The stolen data is said to include earning statements, spreadsheets with what appears to be customer information, invoices and other documents, but no specifics were provided.
Customers Impacted: Unknown
How it Could Affect Your Business: Retailers have been steadily climbing the cybercriminal’s target hit list, especially luxury brands and specialty retailers.
New Zealand – Kings Plant Barn
https://www.nzherald.co.nz/business/kings-plant-barn-the-latest-retailer-hit-by-click-and-collect-data-breach/HJ45OFWAJ7NGGICU4THWBEZYOI/
Exploit: Third Party/Supply Chain
Kings Plant Barn: Garden Retailer

Risk to Business: 1.677 = Severe
Kings Plant Barn is notifying customers that it has experienced a data breach after a data security incident at FlexBooker. The garden chain says that client names, email addresses and collection times were exposed but not passwords or other sensitive data. FlexBooker experienced an attack before the holidays that resulted in the theft of more than three million user records. The platform is used for scheduling and employee calendar management by small businesses like doctor’s offices, real estate companies, service sector businesses and similar companies.
Customers Impacted: Unknown
How it Could Affect Your Business: In an increasingly interconnected world, SMBs need to be prepared for the security risks that they may face from a service provider’s security incident.
Singapore – Crypto.com
https://www.vice.com/en/article/epxb8m/crypto-protocol-publicly-announces-flaw-users-relentlessly-owned-by-hackers
Exploit: Hacking
Crypto.com: Cryptocurrency Trading Platform

Risk to Business: 1.806 = Severe
Crypto.com, a platform that allows users to swap tokens between blockchains, publicly announced an incident in which a flaw in the platform’s security allowed cybercriminals to snatch an estimated $31 million in cryptocurrency. The company disclosed that 483 users were impacted by unauthorized cryptocurrency withdrawals on their accounts amounting to 4,836.26 ETH, 443.93 BTC, and approximately US$66,200 in other cryptocurrencies. In response to this incident, the company is adjusting its protocols to include safeguards like requiring all customers to re-login and set up their 2FA token to ensure only authorized activity would occur and a new policy where the first withdrawal to a whitelisted address must wait 24 hours among other measures.
Customers Impacted: 483
How it Could Affect Your Business: The financial industry has been besieged by cybercriminals and nothing is taking more of a beating than cryptocurrency and DeFi.
Indonesia – Bank Indonesia
https://www.bleepingcomputer.com/news/security/indonesias-central-bank-confirms-ransomware-attack-conti-leaks-data/
Exploit: Ransomware
Bank Indonesia: Financial Institution

Risk to Business: 2.721 = Moderate
Bank Indonesia (BI), the central bank of the Republic of Indonesia, confirmed that a ransomware attack hit its networks last month. In a statement, BI said that their operational activities were not disrupted. CNN reported that the hackers made off with non-critical data belonging to Bank Indonesia employees before deploying ransomware payloads on over a dozen systems on the bank’s network. Conti has claimed responsibility. It claims to have 13.88 GB worth of documents and leaked a sample of files allegedly stolen from Bank Indonesia’s network as proof.
Customers Impacted: Unknown
How it Could Affect Your Business: Personal data is always a winner for cybercriminals who are looking to make a quick profit in the booming dark web data markets.
How to Prioritize Your Technology Gaps
Today's technology-based businesses must deal with multiple issues, including cyberthreats, head-to-head competition and regulatory compliance. Hence, keeping your technology infrastructure up to date is critical, and a technology audit is the best place to start.
A technology audit can assist you in better understanding and identifying gaps in your organization's security, compliance and backup. A thorough technology audit can assist you in answering the following key questions:
- Is your current IT infrastructure vulnerable or lacking in any areas?
- Are there any unnecessary tools or processes that do not align with your goals and vision?
- Are you in compliance with applicable regulations, prepared to defend against security threats and capable of restoring business capabilities in the event of a system outage or data breach?
- What steps can you take to address the discovered vulnerabilities?
If you don't have an IT background, the results of a technology audit can be perplexing. You might be overwhelmed by the number of items that need to be refreshed or replaced, and you might be unsure where to begin. Prioritization and the stoplight approach are particularly useful in this situation. Having a managed service provider (MSP) on your side will allow you to seamlessly audit and remediate IT issues.
The stoplight approach
The stoplight method is a simple way of categorizing gaps or vulnerabilities into red, yellow and green groupings based on their severity.
RED: Address the highest risks and vulnerabilities first
Always have a clear idea of what to prioritize in order to prevent and deal with mishaps. Since most organizations cannot address all problems at once, it is critical to focus the most attention and resources on the most pressing issues first.
Any technological refresh should prioritize addressing the most severe infrastructure vulnerabilities. For example, if your company is dealing with a ransomware attack, updating or upgrading Microsoft 365 is a lower priority.
High-priority vulnerabilities that must be classified as RED include:
- Backups that do not work
- Unauthorized network users, including ex-employees and third parties
- Login attempts and successful logins by users identified as former employees or third parties
- Unsecured remote connectivity
- A lack of documented operating procedures
YELLOW: Then focus on gaps that are not urgent
There will be gaps that must be kept under watch but can wait until the most crucial issues get resolved. Although these medium-priority gaps may be acceptable in the short term, consider them when planning and budgeting for future technology updates.
The following vulnerabilities fall into the YELLOW category and are of medium severity:
- Insufficient multifactor authentication
- Automated patching system failure
- Outdated antivirus software
- Failure to enable account lockout for some computers
GREEN: If your budget allows, address these non-critical suggestions
These are the lowest-priority vulnerabilities. Implement measures to close them gradually after fixing the high- and medium-priority issues first.
The following are some of the gaps that fall into the GREEN category:
- Accounts with passwords set to "never expire"
- Computers with operating systems that are nearing the end of their extended support period
- Persistent issues with on-premises syncing
- More administrative access than is required to perform essential duties
Importance of prioritizing gaps
You won't have to deal with a situation where money is spent unnecessarily on a less critical issue if you prioritize gaps and close them systematically based on severity. Simply put, prioritization is advantageous for budgets.
Furthermore, you can maintain uptime by prioritizing gaps before refreshing your IT infrastructure because not all components will be down at the same time. This also prevents productivity and customer service from being jeopardized.
Not sure where to begin? A managed service provider (MSP) like us can help you prioritize technology gaps so you can get the most out of your technology investment while also ensuring uptime and productivity. Contact us for a free consultation.
Top 4 Tech Trend Predictions for 2022
Over the last few decades, technology has been a driving force in business transformation and doesn't show any signs of slowing down. The fact that direct digital transformation investments are projected to total $7 trillion between 2020 and 2023 demonstrates this [1]. If you want your firm to succeed, you must have the appropriate technologies to help you keep up with the changing business world.
In the present scenario, your technology must enable you to overcome three recent pandemic-induced issues:
- Supply chain disruptions
- The great resignation
- A rise in ransomware attacks
Businesses must keep up with the demands of the evolving technology landscape if they wish to achieve their goals and remain competitive despite the changes brought about by the pandemic.
Track the latest technological trends to know if you are moving in the right direction. Having a managed service provider (MSP) on your side allows your business to stay up to date without you having to do much heavy lifting.
Top 4 tech trend predictions for 2022 [5]
- Third-party risks will increase
Proactive businesses will include risk assessment, supply chain mapping, real-time risk intelligence and business continuity management in their IT stack (rather than a single application like Excel).
- One-third of companies will fail at implementing “work from anywhere”
- A precisely designed digital workplace that allows for seamless working from anywhere
- A leadership team capable of leading a virtual team
- An organization with high levels of digital literacy across all departments
- A thorough mastery of work-from-anywhere concepts
However, a third of the companies still lag in these areas.
- Cloud-native takes center stage in enterprise cloud
Also, cloud-native adoption is predicted to reach 50% of enterprise organizations by 2022, spanning all major technology domains such as big data, artificial intelligence and the Internet of Things.
- Tech execs leap from digital to human-centered technology transformations
Collaborate for success
If you want to get your technology infrastructure ready for a successful year, you'll need the help of a dependable managed service provider (MSP).
Feel free to send us an email or give us a call to set up a free consultation. Our expertise and skillsets may be precisely what your company needs to help remote workers thrive.
Sources:
1. Statista (worldwide-digital-transformation-market-size)
2. Statista (cost-supply-chain-disruption-country)
3. Job Openings and Labor Turnover Survey, 2021
4. Statista (businesses-ransomware-attack-rate)
5. Predictions 2022, Forrester
Medical Review Institute of America (MRIoA)
https://www.securityweek.com/mrioa-discloses-data-breach-affecting-134000-people
Exploit: Ransomware
Medical Review Institute of America (MRIoA): Medical Analytics

Risk to Business: 1.227 = Severe
Utah-based medical information and analysis company Medical Review Institute of America (MRIoA) announced that it has experienced a data breach. The incident was discovered on November 9, 2021, and officials were able to confirm that data had been stolen by November 16, 2021. In a data breach filing, the company said that over 134,000 individuals were impacted by the incident which is still under investigation. The company did say that it “retrieved and subsequently confirmed the deletion of” stolen data, but no information was released about a ransom amount or if they paid the ransom.

Risk to Business: 1.801 = Severe
Protected health information was snatched including patients’ names, gender, physical and email addresses, phone numbers, birth dates, Social Security numbers, full clinical information (including diagnosis, treatment, medical history, and lab test results) and financial information (such as health insurance policy and group plan number).
How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses.
The Metropolitan Detention Center (MDC)
https://www.techtimes.com/articles/270004/20220103/hospital-data-breach-personal-info-1-3-million-patients-staff-data-breach.htm
Exploit: Ransomware
The Metropolitan Detention Center (MDC): Prison

Risk to Business: 2.223 = Severe
New Mexico prison officials had a problem on their hands as a ransomware attack impacted county computer systems resulting in a lockdown of the Metropolitan Detention Center (MDC) in Bernalillo County, New Mexico. The prison was not directly targeted. Inmates were forced to stay in their cells since the attack impacted the facility’s security camera networks, automated doors and internet service. Inmates and jailors were also unable to videoconference for trials. Reports say that a number of databases are suspected of being compromised or corrupted including an incident tracker which records inmate fights, attacks, as well as allegations of prison rape and sexual assault.

Risk to Business: 2.419 = Severe
The exposed personal data for patients and former patients at Broward Health may include Social Security numbers, bank or financial account information, driver’s license numbers, names, addresses, telephone numbers and hospital payment account information. Protected health information including medical information like care history, condition, treatment and diagnosis records may also have been exposed.
How It Could Affect Your Business: Ransomware can cause serious operational problems in unexpected places in today’s connected world.
Illuminate Education
https://nypost.com/2022/01/15/nyc-schools-crippled-by-illuminate-educations-data-outage/
Exploit: Hacking
Illuminate Education: Education Platform

Risk to Business: 1.717 = Severe
Illuminate Education, a digital education platform used by 5,200 schools and districts in the US, is still struggling to resume services after a cyberattack. The company owns popular school management platforms Skedula and PupilPath. Illuminate Education says it has continued experiencing a service interruption affecting all IO Classroom applications for nearly 10 days following an unspecified security incident. Investigation and recovery are underway, but the platform has not provided a recent update on the expected timeline.
Customers Impacted: Unknown
How It Could Affect Your Business: Cybercriminals have been all over targets in the education sector including companies that serve it. Companies should use caution.
TransCredit
https://www.websiteplanet.com/blog/transcredit-leak-report/
Exploit: Misconfiguration
TransCredit: Credit Analysis & Reporting

Risk to Business: 1.719 = Severe
Over half a million credit reports and other financial documents held by Florida-based financial analysis firm TransCredit have been exposed. The Website Planet research team reported discovering a non-password-protected database that contained 822,789 records. Researchers cautioned that this dataset appears to be concentrated on clients in the transportation sector.

Risk to Business: 1.719 = Severe
The exposed data includes detailed information on trucking, transport companies and individual drivers. Also included in this data was information about credit accounts, loans, repayment and debt collections as well as financial data like banking information, tax ID numbers and Social Security Numbers.
How it Could Affect Your Business: Once again, a service provider that maintains a large array of records full of PII was hit, gaining cybercriminals a data bonanza.
United Kingdom – Parasol Group
https://www.theregister.com/2022/01/17/umbrella_company_parasol_group_confirms/
Exploit: Hacking
Parasol Group: Business Services

Risk to Business: 1.727 = Severe
UK umbrella company Parasol Group was forced to shut down some of its IT systems last week after an intrusion was detected. The outage impacted the company’s MyParasol payment portal for contractors and freelancers, leading to payroll issues that caused some folks to not get paid. The company is also having invoicing problems as a result of the incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals are especially likely to target companies that provide time-sensitive products and services in hopes of a fast extortion payment.
Germany – Hensoldt
https://www.bleepingcomputer.com/news/security/global-it-services-provider-inetum-hit-by-ransomware-attack/
Exploit: Ransomware
Hensoldt: Defense Contractor

Risk to Business: 1.677 = Severe
Multinational defense contractor Hensoldt was hit with a ransomware attack by the Lorenz ransomware group. The company’s products include radar arrays, avionics, and laser rangefinders used by the US military. The Lorenz ransomware group claims to have stolen an undisclosed number of files from Hensoldt’s network during the attack. The gang says that they have published 95% of all stolen files on their leak website. No ransom demand has been announced.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals don’t just steal personal and financial data, they also love trade secrets, research, formulas and other proprietary data.
The Philippines – Commission on Elections (Comelec)
Exploit: Hacking
Commission on Elections (Comelec): Government Agency

Risk to Business: 1.806 = Severe
Concerns are mounting about the possibility that sensitive voter data has been exposed after an audacious attack on the Commission on Elections (Comelec) of The Philippines. Bad actors breached the system of the Comelec on January 8 and downloaded files that included sensitive information including the usernames and PINs of vote-counting machines (VCMs). The cybercriminals made off with an estimated 60 gigabytes of data. Reports say that the stolen data included network diagrams, IP addresses, a list of all privileged users, domain admin credentials, a list of all passwords and domain policies, access to the ballot handling dashboard and QR code captures of the bureau of canvassers with login and password. The exposure of this data may impact upcoming elections in The Philippines in May.
Customers Impacted: Unknown
How it Could Affect Your Business: Government agencies have become juicy targets for cybercriminals looking to score a boatload of sensitive information fast.
Thailand – Siriraj Hospital
https://www.straitstimes.com/singapore/consumer/personal-data-of-og-department-store-customers-leaked
Exploit: Hacking
Siriraj Hospital: Medical Center

Risk to Business: 2.721 = Moderate
An estimated 39 million patient records from Siriraj Hospital in Thailand, including records of VIP patients, have turned up for sale on the dark web. Threat actors offered samples from the 38.9 million patient records they claimed to have. This is the second attack on a major Thai hospital in 6 months.

Risk to Business: 2.605 = Moderate
The treasure trove of data supposedly includes names, addresses, Thai IDs, phone numbers, gender details, dates of birth and other patient personal information.
How it Could Affect Your Business: Personal data is always a winner for cybercriminals who are looking to make a quick profit in the booming dark web data markets.