InTegriLogic Blog
Medical Review Institute of America (MRIoA)
https://www.securityweek.com/mrioa-discloses-data-breach-affecting-134000-people
Exploit: Ransomware
Medical Review Institute of America (MRIoA): Medical Analytics

Risk to Business: 1.227 = Severe
Utah-based medical information and analysis company Medical Review Institute of America (MRIoA) announced that it has experienced a data breach. The incident was discovered on November 9, 2021, and officials were able to confirm that data had been stolen by November 16, 2021. In a data breach filing, the company said that over 134,000 individuals were impacted by the incident which is still under investigation. The company did say that it “retrieved and subsequently confirmed the deletion of” stolen data, but no information was released about a ransom amount or if they paid the ransom.

Risk to Business: 1.801 = Severe
Protected health information was snatched including patients’ names, gender, physical and email addresses, phone numbers, birth dates, Social Security numbers, full clinical information (including diagnosis, treatment, medical history, and lab test results) and financial information (such as health insurance policy and group plan number).
How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses.
The Metropolitan Detention Center (MDC)
https://www.techtimes.com/articles/270004/20220103/hospital-data-breach-personal-info-1-3-million-patients-staff-data-breach.htm
Exploit: Ransomware
The Metropolitan Detention Center (MDC): Prison

Risk to Business: 2.223 = Severe
New Mexico prison officials had a problem on their hands as a ransomware attack impacted county computer systems resulting in a lockdown of the Metropolitan Detention Center (MDC) in Bernalillo County, New Mexico. The prison was not directly targeted. Inmates were forced to stay in their cells since the attack impacted the facility’s security camera networks, automated doors and internet service. Inmates and jailors were also unable to videoconference for trials. Reports say that a number of databases are suspected of being compromised or corrupted including an incident tracker which records inmate fights, attacks, as well as allegations of prison rape and sexual assault.

How It Could Affect Your Business: Ransomware can cause serious operational problems in unexpected places in today’s connected world.
Illuminate Education
https://nypost.com/2022/01/15/nyc-schools-crippled-by-illuminate-educations-data-outage/
Exploit: Hacking
Illuminate Education: Education Platform

Risk to Business: 1.717 = Severe
Illuminate Education, a digital education platform used by 5,200 schools and districts in the US, is still struggling to resume services after a cyberattack. The company owns popular school management platforms Skedula and PupilPath. Illuminate Education says it has continued experiencing a service interruption affecting all IO Classroom applications for nearly 10 days following an unspecified security incident. Investigation and recovery are underway, but the platform has not provided a recent update on the expected timeline.
Customers Impacted: Unknown
How It Could Affect Your Business: Cybercriminals have been all over targets in the education sector including companies that serve it. Companies should use caution.
TransCredit
https://www.websiteplanet.com/blog/transcredit-leak-report/
Exploit: Misconfiguration
TransCredit: Credit Analysis & Reporting

Risk to Business: 1.719 = Severe
Over half a million credit reports and other financial documents held by Florida-based financial analysis firm TransCredit have been exposed. The Website Planet research team reported discovering a non-password-protected database that contained 822,789 records. Researchers cautioned that this dataset appears to be concentrated on clients in the transportation sector.

Risk to Business: 1.719 = Severe
The exposed data includes detailed information on trucking, transport companies and individual drivers. Also included in this data was information about credit accounts, loans, repayment and debt collections as well as financial data like banking information, tax ID numbers and Social Security Numbers.
How it Could Affect Your Business: Once again, a service provider that maintains a large array of records full of PII was hit, gaining cybercriminals a data bonanza.
United Kingdom – Parasol Group
https://www.theregister.com/2022/01/17/umbrella_company_parasol_group_confirms/
Exploit: Hacking
Parasol Group: Business Services

Risk to Business: 1.727 = Severe
UK umbrella company Parasol Group was forced to shut down some of its IT systems last week after an intrusion was detected. The outage impacted the company’s MyParasol payment portal for contractors and freelancers, leading to payroll issues that caused some folks to not get paid. The company is also having invoicing problems as a result of the incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals are especially likely to target companies that provide time-sensitive products and services in hopes of a fast extortion payment.
Germany – Hensoldt
https://www.bleepingcomputer.com/news/security/global-it-services-provider-inetum-hit-by-ransomware-attack/
Exploit: Ransomware
Hensoldt: Defense Contractor

Risk to Business: 1.677 = Severe
Multinational defense contractor Hensoldt was hit with a ransomware attack by the Lorenz ransomware group. The company’s products include radar arrays, avionics, and laser rangefinders used by the US military. The Lorenz ransomware group claims to have stolen an undisclosed number of files from Hensoldt’s network during the attack. The gang says that they have published 95% of all stolen files on their leak website. No ransom demand has been announced.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals don’t just steal personal and financial data, they also love trade secrets, research, formulas and other proprietary data.
The Philippines – Commission on Elections (Comelec)
Exploit: Hacking
Commission on Elections (Comelec): Government Agency

Risk to Business: 1.806 = Severe
Concerns are mounting about the possibility that sensitive voter data has been exposed after an audacious attack on the Commission on Elections (Comelec) of The Philippines. Bad actors breached the system of the Comelec on January 8 and downloaded files containing sensitive information, including the usernames and PINs of vote-counting machines (VCM). The cybercriminals made off with an estimated 60 gigabytes of data. Reports say that the stolen data included network diagrams, IP addresses, a list of all privileged users, domain admin credentials, a list of all passwords and domain policies, access to the ballot handling dashboard and QR code captures of the bureau of canvassers with login and password. The exposure of this data may impact upcoming elections in The Philippines in May.
Customers Impacted: Unknown
How it Could Affect Your Business: Government agencies have become juicy targets for cybercriminals looking to score a boatload of sensitive information fast.
Thailand – Siriraj Hospital
https://www.straitstimes.com/singapore/consumer/personal-data-of-og-department-store-customers-leaked
Exploit: Hacking
Siriraj Hospital: Medical Center

Risk to Business: 2.721 = Moderate
An estimated 39 million patient records from Siriraj Hospital in Thailand, including those of VIP patients, have turned up for sale on the dark web. Threat actors offered samples from the 38.9 million patient records they claimed to have. This is the second attack on a major Thai hospital in 6 months.

Risk to Business: 2.605 = Moderate
The treasure trove of data supposedly includes names, addresses, Thai IDs, phone numbers, gender details, dates of birth and other patient personal information.
How it Could Affect Your Business: Personal data is always a winner for cybercriminals who are looking to make a quick profit in the booming dark web data markets.
Why You Should Prioritize Your Technology Gaps
Technology is an unavoidable component of most businesses these days, helping them achieve their goals and vision. However, if you are not cautious, technological flaws could allow cybercriminals to access your network and cause harm to your company. Technology auditing is the solution to this problem.
A technology audit can assist you in better understanding and identifying gaps in your organization's security, compliance and backup postures. But if you don't have a background in IT, the results of a technology audit can be confusing. You may be overwhelmed by the number of items that need to be refreshed or replaced, and you may not know where to start.
Having a managed service provider (MSP) by your side can help you avoid these stumbling blocks. An MSP can provide you with a prioritized list of the most urgent to least urgent gaps, allowing you to decide how to proceed and allocate funds.
Why should you prioritize your organization’s technology gaps?
Here are some reasons why prioritizing technology gaps is critical:
To fix the most critical gaps immediately
Following an audit, you may discover hundreds of vulnerabilities, prompting the question, "Should all of these be fixed at once?"
To make an improvement on a major highway, you wouldn't close every lane at the same time. Instead, you would first block and repair the most damaged one during non-peak hours. The same is true for vulnerabilities, and it is always better to bridge the most critical one first.
Bridging all the gaps at once is rarely practical, both financially and in terms of time and effort. Furthermore, if you prioritize a lower-priority vulnerability first, cybercriminals can swoop in and exploit critical flaws in the blink of an eye.
To promote better budgetary decisions
Budgets, when properly planned, can serve as a tool to assist you in meeting organizational objectives.
Randomly allocating funds to bridge gaps will neither help defend against threats nor be a wise budgetary decision. Instead, prioritize gaps and distribute financial resources based on vulnerability severity.
To improve control over transformation and upgrade
Timely upgrades and associated transformation are crucial for a business to stay competitive in constantly evolving business landscapes. Even so, it is critical to maintain control over such transitions. Otherwise, it could lead to confusion and poor decisions, ultimately harming your company's growth.
Get a better understanding of upgrades and transformation by prioritizing gaps and systematically bridging them based on their severity.
To avoid overburdening key stakeholders
Tending to all gaps at once can overwhelm your employees, in turn lowering their productivity and deteriorating customer service. Avoid this to the greatest extent possible. If your customers and employees are dissatisfied, your business can suffer serious setbacks such as employee attrition, customer churn, accidental data breaches and so on.
Collaborate for success
Not sure where to start? We can help you prioritize technology gaps in order to optimize IT platforms and help you get the most out of your technology investment, all while ensuring uptime and productivity.
Contact us to learn how we can help your organization successfully prioritize technology gaps to achieve targeted goals in a sustainable manner.
All You Need to Know About Least Privilege
In IT, the principle of least privilege (PoLP) refers to the concept that any process, program or user must be provided with only the bare minimum privileges (access or permissions) needed to perform a function. For instance, if a user account has been created for accessing database records, it need not have admin rights. Also, a programmer responsible for updating lines of legacy code can do so without access to the company’s financial records.
PoLP is a cybersecurity best practice and is often considered a critical step for protecting privileged access to a business’s high-value assets and data (including customer/employee records). Since this principle extends beyond the scope of human access, it is also applicable to systems, applications and connected devices that require certain permissions or privileges to perform a task.
What Least Privilege is Used For
Did you know that two of the most infamous data breaches on record, namely the ones at Home Depot[i] and Target[ii], occurred due to a compromise of their network credentials? In both cases, hackers used privileged accounts to access critical business data and private records of customers. Taking a cue from past breaches, you need to understand that your information security professionals and network managers must deploy security strategies for users and applications to perform critical functions within the network.
To enforce the principle of least privilege efficiently, you need to devise a strategy to manage and secure your privileged credentials centrally and deploy flexible controls that strike a balance between your operational and end-user needs and your compliance and cybersecurity requirements.
Securing Your Business
The Vectra 2020 Attacker Behavior Industry Report[iii] highlights that privileged access is a key aspect that hackers leverage for lateral movement in cyberattacks. They use these privileges to gain access to the most critical assets that a business relies on.
PoLP is an efficient cybersecurity strategy that can be used to restrict unauthorized access of data from the different levels within your IT environment including applications, end users, systems, networks, databases, processes and so on. You can grant permissions to your users to execute, read or write only those resources or files that they need to perform their job. Additionally, you can restrict access rights for devices, processes, systems and applications to privileges required to carry out authorized activities.
Managing Access Levels
In some cases, the assignment of privileges is done on role-based attributes such as the business unit, time of day, seniority and other special circumstances. Some examples of role-based privileges include:
- Least privileged user accounts: These are standard user accounts that operate with a limited set of privileges. Under normal circumstances, most of your users should be operating under these accounts, 90 to 100 percent of the time.
- Superuser accounts: These are essentially admin accounts that are used by specialized IT users and often come with unlimited privileges. In addition to the read/write/execute privileges, these accounts have the permission to execute systemic changes in your IT network.
- Guest user accounts: These accounts are created on a situational basis and often have the least number of privileges, lower than those of the standard user accounts.
Managing Third-Party Vendor Risk
An interesting thing to note about the Target data breach is that it started with the hackers gaining access to nearly 70 million customer accounts through an HVAC contractor who had access to Target’s network and the permission to upload executables.[iv] What this implies is that you must not ignore third-party vendor risk management. Apart from your internal users, you must also implement the principle of least privilege for your third-party vendors, as they can be a major security risk for your business. Limiting third-party vendor access to your critical data can be an efficient strategy towards minimizing the associated risk.
Benefits of Principle of Least Privilege
We have rounded up a list of benefits of leveraging the principle of least privilege for your business. Read on:
Diminishes the Attack Surface
As mentioned earlier, the role of an HVAC contractor was critical to the Target data breach. Given the fact that the third-party vendor had elevated privileges, one can safely say that Target failed to implement PoLP, which consequently created a broad attack surface for the hacker to leverage.
Under PoLP, restricting privileges for your applications, processes and users significantly diminishes the attack surface and limits the ingresses and pathways for exploit.
Reduces the Impact of Breaches
By implementing PoLP, you can significantly reduce the impact of a breach that might occur as a result of unauthorized or unwanted use of network privileges. For instance, if a user account that has only limited privileges is compromised, the scope of catastrophic harm is relatively low.
Reduces Malware Propagation and Infection
Hackers usually target applications and systems with unrestricted privileges. SQL injection, one of the most common web application cyberattacks, works by inserting malicious instructions within SQL statements. The hacker can then enhance his privileges and acquire unauthorized control over your critical systems. However, by implementing PoLP, you can efficiently stunt and contain such malware attacks to where they first entered your system.
Ensures Superior Data Security Capabilities
In addition to eliminating any security flaws on the periphery of your business, you also need to focus on minimizing the risk of proprietary data thefts and insider leaks. That being said, it is imperative to monitor and control the activity of your authorized users to reinforce your cybersecurity stance.
Since PoLP restricts privilege elevations as well as the number of users that are given access to confidential information, it inherently enhances the security of your critical data.
PoLP Best Practices
There are certain best practices that you must follow to efficiently implement PoLP in your security policies.
Here is a list:
- For starters, you must conduct a privilege audit for all your existing programs, processes and user accounts to make sure that they have only the bare minimum permissions required to do their jobs.
- Make sure that you start all your user accounts with privileges set to the lowest possible level. Implement least privilege as the default for all your existing as well as new user accounts, applications and systems.
- You must elevate account privileges as needed and only for a specific time period that is required to do the job. An efficient strategy to provide the required access while also maintaining control is using one-time-use credentials and expiring privileges.
- Keep track of all the activity on your network including access requests, systems changes and individual logins. Having a comprehensive understanding of who is operating on your network and what they are doing is critical to maintaining control over who can access what.
- Maintain a management platform that allows flexibility to securely elevate and downgrade privileged credentials.
- Conduct regular audits to check if there are any old accounts, users or processes that have accumulated privileges over time, and analyze whether or not the elevated privileges are still relevant.
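An added example (not part of the original article) of the privilege audit and expiring-privilege checks in the list above: it flags permissions beyond a role's baseline that never expire, elevations past their expiry, and inactive accounts that still hold grants. The role baselines, account names, permission strings and the 90-day inactivity threshold are all constructed assumptions.

```python
"""Privilege audit sketch for the PoLP practices listed above (added example).

Every role, account and permission string here is constructed sample data.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional

# Assumed role baselines: the bare minimum each role needs to do its job.
ROLE_BASELINE = {
    "standard": {"files:read", "files:write"},
    "guest": {"files:read"},
    "dba": {"db:read", "db:write"},
    "vendor-hvac": {"hvac-portal:read", "hvac-portal:submit-invoice"},
}
STALE_AFTER = timedelta(days=90)  # assumed inactivity threshold


@dataclass
class Grant:
    permission: str
    expires: Optional[datetime] = None  # None means a standing grant


@dataclass
class Account:
    name: str
    role: str
    last_login: datetime
    grants: list = field(default_factory=list)


def is_stale(acct, now):
    return now - acct.last_login > STALE_AFTER


def audit(accounts, now):
    """Return sorted (account, issue, permission) findings."""
    findings = []
    for acct in accounts:
        # Unknown roles get an empty baseline, so every grant is reported.
        baseline = ROLE_BASELINE.get(acct.role, set())
        if is_stale(acct, now) and acct.grants:
            findings.append((acct.name, "stale-account", "*"))
        for g in acct.grants:
            if g.permission in baseline:
                continue
            if g.expires is None:
                # Elevation with no end date: privilege has accumulated.
                findings.append((acct.name, "standing-excess", g.permission))
            elif g.expires <= now:
                # Time-bound elevation that was never downgraded.
                findings.append((acct.name, "expired-elevation", g.permission))
    return sorted(findings)


def effective_grants(acct, now):
    """Permissions the account should keep after the audit is enforced."""
    if is_stale(acct, now):
        return set()
    baseline = ROLE_BASELINE.get(acct.role, set())
    return {
        g.permission
        for g in acct.grants
        if g.permission in baseline
        or (g.expires is not None and g.expires > now)
    }


def _utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)


NOW = _utc(2022, 2, 1)  # fixed audit time so the results are reproducible

# Constructed inventory covering each case the list describes.
ACCOUNTS = [
    Account("alice", "standard", _utc(2022, 1, 30),
            [Grant("files:read"), Grant("files:write"), Grant("db:admin")]),
    Account("bob", "dba", _utc(2022, 1, 31),
            [Grant("db:read"), Grant("db:write"),
             Grant("db:admin", expires=_utc(2022, 1, 15))]),
    Account("carol", "dba", _utc(2022, 1, 31),
            [Grant("db:read"), Grant("db:admin", expires=_utc(2022, 2, 2))]),
    Account("hvac-vendor", "vendor-hvac", _utc(2022, 1, 20),
            [Grant("hvac-portal:read"), Grant("files:upload-executable")]),
    Account("old-intern", "standard", _utc(2021, 6, 1),
            [Grant("files:read"), Grant("files:write")]),
]

if __name__ == "__main__":
    for name, issue, perm in audit(ACCOUNTS, NOW):
        print(f"{name:12} {issue:18} {perm}")
    for acct in ACCOUNTS:
        print(acct.name, "keeps", sorted(effective_grants(acct, NOW)))
```

The account `carol` produces no finding because her elevation is still inside its time window, which is the behaviour the expiring-privileges item asks for.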
According to PoLP, organizations should operate under the zero-trust framework by not blindly trusting anything within or outside their network and verifying everything before granting permissions for access.
Implement PoLP across your IT environment today to strengthen your cybersecurity posture. Don’t know how? Contact us now to help you understand how you can implement and leverage the powerful capabilities of PoLP.
Article curated and used by permission.
[i] https://www.webtitan.com/blog/cost-retail-data-breach-179-million-home-depot/#:~:text=The%20Home%20Depot%20data%20breach,one%20of%20the%20retailer's%20vendors
[ii] https://arxiv.org/pdf/1701.04940.pdf#:~:text=1%20INTRODUCTION,of%20personal%20information%20were%20stolen
[iii] https://www.securitymagazine.com/articles/91830-surge-in-attacker-access-to-privileged-accounts-and-services-puts-businesses-at-risk
[iv] https://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/
FinalSite
https://thejournal.com/articles/2022/01/07/thousands-of-schools-affected-by-ransomware-attack-on-website-provider-finalsite.aspx
Exploit: Ransomware
FinalSite: Education Technology Provider

Risk to Business: 1.227 = Extreme
School website services provider FinalSite has suffered a ransomware attack that disrupted access to websites for thousands of schools worldwide. FinalSite provides solutions for over 8,000 K-12 schools and universities in 115 countries. School districts that hosted their websites with FinalSite found that they were no longer reachable or were displaying errors. Bleeping Computer reports that in addition to the website outages, the attack prevented schools from sending closure notifications due to weather or COVID-19. FinalSite says that approximately 5,000 school websites went offline as a result of the ransomware attack and no data was stolen. An investigation is ongoing.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses.
Broward Health
https://www.techtimes.com/articles/270004/20220103/hospital-data-breach-personal-info-1-3-million-patients-staff-data-breach.htm
Exploit: Hacking
Broward Health: Hospital System

Risk to Business: 2.223 =Severe
Florida-based healthcare system Broward Health has disclosed a data breach affecting 1,357,879 individuals after an intruder gained unauthorized access to the hospital’s network and patient data. The organization discovered the breach four days after the initial intrusion and immediately notified the FBI and the US Department of Justice. Broward Health contracted a third-party cybersecurity expert to help with the investigations.

Risk to Business: 2.419=Severe
The exposed personal data for patients and former patients at Broward Health may include Social Security numbers, bank or financial account information, driver’s license numbers, names, addresses, telephone numbers and hospital payment account information. Protected health information including medical information like care history, condition, treatment and diagnosis records may also have been exposed.
How It Could Affect Your Business: Medical data is always a win for cybercriminals and losing it is an expensive nightmare for hospitals once regulators are finished with them.
D.W. Morgan
https://www.websiteplanet.com/blog/dwmorgan-leak-report/
Exploit: Hacking
D.W. Morgan: Logistics and Supply Chain Management

Risk to Business: 1.717= Severe
Researchers at Website Planet uncovered a data breach at D.W. Morgan because of a misconfigured AWS S3 bucket. The exposed data included more than 2.5 million files equating to over 100GB of data related to D.W. Morgan’s clients and their shipments from 2013 to late 2021. Some files also included sensitive client data and employee PII. Website Planet revealed that records pertaining to deliveries for clients including Cisco and Life Technologies were also exposed in files.
Customers Impacted: Unknown
How It Could Affect Your Business: Service providers like this are goldmines for cybercriminals, amping up supply chain risk for everyone.
Ravkoo
https://www.bleepingcomputer.com/news/security/us-online-pharmacy-ravkoo-links-data-breach-to-aws-portal-incident/
Exploit: Hacking
Ravkoo: Pharmacy

Risk to Business: 1.719 = Severe
US-based online pharmacy Ravkoo has disclosed a data breach. The company disclosed that its AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed by unauthorized parties, resulting in the potential compromise of customers’ prescription and health information.
Customers Impacted: Unknown
How it Could Affect Your Business: Once again, a service provider that maintains a large array of records full of PII was hit, gaining cybercriminals a data bonanza.
FlexBooker
https://www.bleepingcomputer.com/news/security/flexbooker-discloses-data-breach-over-37-million-accounts-impacted/
Exploit: Hacking
FlexBooker: Scheduling Platform

Risk to Business: 1.806=Moderate
FlexBooker experienced an attack before the holidays that resulted in the theft of more than three million user records. The platform is used for scheduling and employee calendar management by small businesses like doctor’s offices, real estate companies, service sector businesses and similar companies. Bleeping Computer reports that a group calling themselves Uawrongteam has claimed responsibility, providing links to archives and files with sensitive information, such as photos, driver’s licenses, and other IDs as proof.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals are especially likely to target companies that provide time-sensitive products and services in hopes of a fast extortion payment.
France – Inetum Group
https://www.bleepingcomputer.com/news/security/global-it-services-provider-inetum-hit-by-ransomware-attack/
Exploit: Ransomware
Inetum Group: IT Services Provider

Risk to Business: 1.991 = Severe
Over the winter holidays, French IT services company Inetum Group was hit by a ransomware attack that impacted its business and its customers. The company was quick to reassure clients that none of the main infrastructures, communication, collaboration tools or delivery operations for Inetum clients has been affected. Inetum Group has notified authorities about the attack and is collaborating with specialized cybercrime units. A third party investigation is underway. Inetum provides IT services for clients in myriad industries in 26 countries.
Customers Impacted: Unknown
How it Could Affect Your Business: IT services companies are juicy targets for crooks who may be able to parlay a successful attack on them into an intrusion on one of their clients.
Switzerland – CPH Chemie + Papier
https://www.hackread.com/german-audio-tech-sennheiser-expose-customers-data/
Exploit: Malware
CPH Chemie + Papier: Industrial Packaging, Paper and Chemicals

Risk to Business: 1.806 = Severe
Swiss company CPH Chemie + Papier has announced that it was hit with a cyberattack that has impacted its IT systems and some production facilities. Production in the paper and packaging operations in Perlen LU and Müllheim, Germany was halted briefly but the company’s chemical operations were unaffected. Malware is suspected to be the culprit. Investigation and recovery efforts are underway.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware isn’t the only malware on the block. Other types of malware also pack a nasty punch that can devastate businesses.
Singapore – OG Department Stores
https://www.straitstimes.com/singapore/consumer/personal-data-of-og-department-store-customers-leaked
Exploit: Hacking
OG Department Stores: Retailer

Risk to Business: 2.721 = Moderate
OG Department Stores has announced that they’ve experienced a breach that has exposed customers’ personal data. The company said that the incident affected members who are in either the basic or gold membership tiers. OG said it has reported the matter to the police and other relevant authorities, including the Personal Data Protection Commission (PDPC) and the Cyber Security Agency of Singapore (CSA).

Risk to Business: 2.775 = Moderate
Customer data that may have been compromised includes the names, mailing addresses, email addresses, mobile numbers, genders and dates of birth. Encrypted data including NRIC numbers and passwords may also have been snatched.
How it Could Affect Your Business: Personal data is always a winner for cybercriminals who are looking to make a quick profit in the booming dark web data markets.
Why Your Business Needs a Data Security Policy
Today, the competitive business environment is data-driven. Data provides key insights into your customers and business performance that help you make better decisions and improve processes. However, the sudden influx of employees working remotely exposes your organization’s information to several security threats.
According to the FBI, cybersecurity complaints increased from 1,000 to 4,000 complaints daily during the COVID-19 pandemic.[i] The growing number of data breaches only validates that data security should be a top priority.
Data Security Versus Data Privacy
A well-crafted data security policy is critical to protecting your organization’s data from unauthorized access. It is important to understand the difference between data security and data privacy to develop a clearly defined data security policy. Data security is the process of securing sensitive information, such as company and customer data, from unauthorized access and exploitation. On the other hand, data privacy, also known as information privacy, is the process of managing how information is collected, used, stored and disseminated by an organization.
Risks and Consequences of Not Having a Data Security Policy
Despite the growing number of data breaches, most small and midsized businesses do not have well-established data security policies. The lack of a data security program opens the door to a wide variety of security risks, such as data theft, data tampering and unauthorized access to sensitive information. The impact of a single data breach can be much more devastating and result in huge financial loss. It can also have the following serious consequences:
Damage Brand Reputation: A security breach can tarnish your brand’s image and drive away potential customers. Your customers will lose trust and confidence in your company.
Disrupt Business Operations: The period of downtime from the moment a security incident occurs, right up to restoration, significantly affects business operations, leading to low productivity, revenue loss and unhappy customers.
Legal Implications: Organizations that fall victim to data breaches face serious consequences including fines, legal action and compensation to customers.
Loss of Intellectual Property: A data breach not only puts your company and customer information at risk, but you also run the risk of losing patents, blueprints and other certifications.
Proactive and Preventative Strategies to Protect Your Data
The truth is anyone can become a victim of data breaches. The costs of recovering your compromised data can be greater than taking proactive measures to prevent breaches from occurring in the first place.
Protecting your organization’s most valuable asset requires far more than an IT security program. Having a well-documented information security policy in place is an important step to protect sensitive data and minimize threats. Apart from setting up the policy, you should constantly communicate guidelines and best practices for data protection across your organization.
Understanding the Key Elements of a Data Security Policy
It is critical to identify both internal and external risks that could disrupt business operations in order to establish a robust data security policy. Here are some key elements your company’s data protection policy should include:
Data Privacy: As businesses gather massive amounts of customer information, it is extremely important to ensure confidential data records are safeguarded from prying eyes and opportunistic scammers. Having a data privacy policy in place will not only help you stay compliant with regulations but will also help prevent malicious misuse of your clients’ sensitive data.
Password Management: According to the 2020 Data Breach Investigations Report, over 80 percent of data breaches due to hacking are password-related. It is vital that you implement a strong password management policy for all users who have access to your company’s resources so as to mitigate the risks of security breaches. The policy should state the importance of periodically updating passwords, how to manage and secure passwords, and the implications of not adhering to the policies and procedures.
Internet Usage: Businesses today rely heavily on the internet for their day-to-day operations, which also makes them vulnerable to several security risks. Therefore, it’s important to have an internet usage policy to guide your employees on how to securely access the internet. Your employees should be made aware that browsing restricted sites and downloading unnecessary files are prohibited and failing to adhere to these rules can be detrimental.
Email Usage: In the 2019 Data Breach Investigations Report, 94 percent of malware was delivered through email. A carefully outlined email policy will protect your employees and organizations from threats related to malicious emails. Training programs on email etiquette will ensure corporate emails are responsibly used and confidential client-related information is secured and protected.
Company-Owned and Personal Employee Devices: The sudden shift to remote working has dramatically increased the level of security risks. Having a company-owned device policy will help in managing, monitoring and securing both the device and the information on it from unauthorized access and data theft.
As personal employee devices are used for both recreational and business purposes, it’s difficult to monitor and control personal devices, which can be easily exploited. By outlining a comprehensive information security policy, such as using up-to-date software, connecting to the network through secure VPN and immediately reporting if the device is lost or stolen, you can minimize the risks of data breaches.
Software User Agreements: Every software user should comply with the end-user license agreement. Breaching this agreement could result in lawsuits and fines. A software user agreement policy will ensure your employees are using only those software applications that are legal and approved by your company.
Reporting Security Breaches: A security incident can occur when you least expect it. Data breaches should be immediately reported to minimize negative impacts and prevent further attacks. A data breach policy will guide your employees on what actions need to be taken to manage data breaches. It will also ensure your employees follow appropriate procedures while reporting such incidents.
Conquer the Challenge of Data Policies
For any organization, data is a valuable asset that needs to be protected at all costs. Adding to the challenge are the constantly evolving and complex data privacy regulations that every business should comply with.
To find out how you can secure your data while staying compliant with regulations, contact us today.
Article curated and used by permission.
[i] https://thehill.com/policy/cybersecurity/493198-fbi-sees-spike-in-cyber-crime-reports-during-coronavirus-pandemic
Shutterfly
https://www.bleepingcomputer.com/news/security/shutterfly-services-disrupted-by-conti-ransomware-attack/
Exploit: Ransomware
Shutterfly: Digital Image & Photography Services

Risk to Business: 1.876=Severe
Shutterfly has been hit with a Conti ransomware attack that allegedly encrypted over 4,000 devices and 120 VMware ESXi servers. On the Conti leak site, they offer samples of stolen Shutterfly data including legal agreements, bank and merchant account info, login credentials for corporate services, spreadsheets, and customer information, including the last four digits of credit cards. Shutterfly said in a statement that their Shutterfly.com, Snapfish, TinyPrints, or Spoonflower sites were not affected by the attack. However, their corporate network, Lifetouch, BorrowLenses, and Groovebook experienced service disruptions.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses as well as retail users.
Pro Wrestling Tees
https://www.bleepingcomputer.com/news/security/pro-wrestling-tees-discloses-data-breach-after-credit-cards-stolen/
Exploit: Hacking (Payment Skimmer)
Pro Wrestling Tees: Merchandise & Fan Experience Platform

Risk to Business: 1.612=Severe
Pro Wrestling Tees has disclosed a data breach incident that has resulted in the compromise of the financial details of tens of thousands of its customers. In a data breach notification sent to affected individuals on December 15, 2021, Pro Wrestling Tees disclosed that it was informed by law enforcement that a small portion of its customers’ credit card numbers had been compromised in a malware infection.

Risk to Business: 1.919=Severe
The unnamed cybercriminals stole full names and credit card numbers of Pro Wrestling Tees customers who processed transactions through the platform including CVV codes. The company contends that they don’t store card info within their software and that only a small number of customers who used the checkout page were affected, although users on Reddit claim that many customers have seen fraudulent charges pile up.
How It Could Affect Your Business: Payment card skimmers and other similar malware are an occupational hazard for any company that processes online payments.
Maryland Department of Health
https://www.washingtonpost.com/dc-md-va/2021/12/05/maryland-health-department-cyberattack/
Exploit: Hacking
Maryland Department of Health: State Government Agency

Risk to Business: 1.717= Severe
The Maryland Department of Health experienced a cyberattack in early December that disrupted reporting of COVID-19 cases, deaths, testing and vaccination data. Some outlets are pointing to ransomware as the culprit but that has not been confirmed and state officials offered no details of the incident. The attack also impacted reporting in Baltimore. Systems were restored and the state began reporting COVID-19 data again on January 4.
Customers Impacted: Unknown
How It Could Affect Your Business: State agencies have been high on cybercriminals’ target lists throughout 2021 because they’re likely to pay the ransom and that trend is expected to continue in 2022.
UK – Gloucester City Council
https://www.bbc.com/news/uk-england-gloucestershire-59831468
Exploit: Hacking
Gloucester City Council: Municipal Government Body

Risk to Business: 1.809 = Severe
Gloucester City Council is in the process of restoring municipal services in the wake of a December 20 cyberattack. Impacted functions include the council’s online revenue and benefits sections as well as planning and customer services. City residents are also unable to access interactive online application forms for housing benefits, council tax support, test and trace support payments and discretionary housing payments. The council is working with the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) to fix the issue.
Customers Impacted: Unknown
How it Could Affect Your Business: Infrastructure targets and municipalities have been very attractive to cybercriminals looking for quick ransom payments to restore essential services.
Norway – Amedia
https://therecord.media/cyberattack-on-one-of-norways-largest-media-companies-shuts-down-presses/
Exploit: Ransomware
Amedia: Media Company

Risk to Business: 1.412 = Extreme
Amedia, the largest local news publisher in Norway, experienced a suspected ransomware attack last week that shut down several of its essential systems, leaving it unable to publish its 78 printed newspapers until Friday in some cases. Amedia also said that its online news operations were unaffected, but the company suspects that unspecified personal data belonging to employees may have been accessed during the attack. Vice Society is the ransomware gang purportedly responsible for this attack.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals are especially likely to target companies that provide time-sensitive products and services in hopes of a fast extortion payment.
Portugal – Impresa
https://www.itp.net/security/portuguese-media-group-impresa-crippled-by-ransomware-attack
Exploit: Ransomware
Impresa: Media Company

Risk to Business: 1.701 = Severe
Portuguese media company Impresa, the owner of the country’s largest newspaper, Expresso, and biggest TV channel, SIC TV, has been hit with a ransomware attack by the Lapsus$ ransomware group. The Impresa attack hit over the New Year holiday weekend. SIC TV’s internet streaming transmission was interrupted but broadcasts remained operational. The cybercriminals responsible also gained access to Expresso’s Twitter account, announcing their success with a pinned tweet: “Lapsus$ is officially the new president of Portugal”.
Customers Impacted: Unknown
How it Could Affect Your Business: Multiple media companies were hit this week, a reminder that cybercriminals sometimes set their sights on many targets in one industry at the same time.
Germany – Sennheiser
https://www.hackread.com/german-audio-tech-sennheiser-expose-customers-data/
Exploit: Misconfiguration
Sennheiser: Audio Equipment Manufacturer

Risk to Business: 1.688 = Severe
Leading German audio equipment manufacturer Sennheiser is in hot water after it misconfigured an Amazon Web Services (AWS) server. The unsecured server stored around 55GB of information on over 28,000 Sennheiser customers. The database contained customer data that was collected between 2015 and 2018. Sennheiser secured the exposed AWS server quickly upon discovery.
Customers Impacted: Unknown
How it Could Affect Your Business: Simple cybersecurity blunders and employee carelessness can create complicated and expensive security incidents.
Ghana – National Service Secretariate (NSS)
https://www.zdnet.com/article/nsw-government-casual-recruiter-suffers-ransomware-hit/
Exploit: Misconfiguration
National Service Secretariate (NSS): National Government Agency

Risk to Business: 1.883 = Severe
Ghana’s National Service Secretariate (NSS) exposed 55GB worth of data on up to 700,000 citizens in a misconfigured AWS S3 bucket. NSS is a government program that manages a compulsory year of public service for Ghana-based graduates from specific educational institutions. The Computer Emergency Response Team of Ghana (CERT-GH) is investigating the incident and handling response.

Risk to Business: 2.105 = Severe
The exposed database contained program membership cards and identity documents of the participants, including the participant’s details for the Ghana National Health Insurance Scheme and professional IDs for the candidates’ placements. The agency also stored different types of passport photos that the participants submitted in this bucket.
How it Could Affect Your Business: Any entity that is storing large amounts of sensitive data needs to make sure that they have taken reasonable precautions to protect it.
Shutterfly
https://www.bleepingcomputer.com/news/security/shutterfly-services-disrupted-by-conti-ransomware-attack/
Exploit: Ransomware
Shutterfly: Digital Image & Photography Services

Risk to Business: 1.876 = Severe
Shutterfly has been hit with a Conti ransomware attack that allegedly encrypted over 4,000 devices and 120 VMware ESXi servers. On the Conti leak site, they offer samples of stolen Shutterfly data including legal agreements, bank and merchant account info, login credentials for corporate services, spreadsheets, and customer information, including the last four digits of credit cards. Shutterfly said in a statement that their Shutterfly.com, Snapfish, TinyPrints, or Spoonflower sites were not affected by the attack. However, their corporate network, Lifetouch, BorrowLenses, and Groovebook experienced service disruptions.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses as well as retail users.
Pro Wrestling Tees
https://www.bleepingcomputer.com/news/security/pro-wrestling-tees-discloses-data-breach-after-credit-cards-stolen/
Exploit: Hacking (Payment Skimmer)
Pro Wrestling Tees: Merchandise & Fan Experience Platform

Risk to Business: 1.612 = Severe
Pro Wrestling Tees has disclosed a data breach incident that has resulted in the compromise of the financial details of tens of thousands of its customers. In a data breach notification sent to affected individuals on December 15, 2021, Pro Wrestling Tees disclosed that it was informed by law enforcement that a small portion of its customers’ credit card numbers had been compromised in a malware infection.

Risk to Business: 1.919 = Severe
The unnamed cybercriminals stole the full names and credit card numbers, including CVV codes, of Pro Wrestling Tees customers who processed transactions through the platform. The company contends that it doesn’t store card info within its software and that only a small number of customers who used the checkout page were affected, although users on Reddit claim that many customers have seen fraudulent charges pile up.
How It Could Affect Your Business: Payment card skimmers and other similar malware are an occupational hazard for any company that processes online payments.
The term phishing is one of the most reviled in today’s digital landscape and is a significant concern for executives. It's no surprise that the word is frowned upon when the attack vector is responsible for more than 20% of data breaches.*
These attacks can be severely damaging for people and businesses. While individuals are affected by illicit purchases, financial fraud or identity theft, a company that is the victim of such an attack, in most cases, suffers severe financial losses as well as a loss of market share, reputation and stakeholder trust.
An unfortunate reality regarding phishing is that the attack vector is becoming more sophisticated and frequent with each passing day.
Why phishing attacks are becoming more frequent
Remote/hybrid workforce
Organizational oversights
Constantly evolving cybercriminals
Threat actors have recently targeted businesses via the website contact form, pretending to be legal authorities, saying that the company is not complying with the law and asking the organization to download a "report."
Cheap phishing tools
How can businesses stay safe?
To avoid falling victim to phishing, all small and midsize businesses (SMBs) must be constantly vigilant. To keep your business safe, you must:
- Facilitate regular security awareness training to ensure that everyone is on the same page and that employees strictly adhere to relevant security requirements.
- Ensure that your IT infrastructure is up to date so that hackers cannot exploit unpatched/non-updated systems.
- Enforce strong password policies and create a system that prohibits anyone from evading them.
- Try and isolate vital infrastructure components as much as possible, so that everything doesn't collapse like a house of cards after a breach.
- Conduct mock phishing drills to get data on your employees' degree of alertness.
- Deploy an automated phishing detection solution that is powered by artificial intelligence.
Trying to guard against phishing on your own takes a lot of effort and resources, especially if you're running a business. Collaborating with an expert like us relieves you of additional concern and responsibility. Contact us today to set up a consultation and we'll handle the heavy lifting for you.
Source:
*Verizon DBIR
Virginia Museum of Fine Arts
https://www.securityweek.com/virginia-museum-shuts-down-website-amid-it-breach
Exploit: Ransomware
Virginia Museum of Fine Arts: Art Museum

Risk to Business: 2.822 = Moderate
A system security breach prompted the Virginia Museum of Fine Arts to shut down its website for a state investigation in late November 2021. The museum, an independent agency of the state, said the Virginia Information Technologies Agency detected an intrusion by an unauthorized third party to the museum’s environment in late November. An investigation is underway, and a temporary website has been established.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector including non-profits and cultural institutions.
McMenamins
https://www.kgw.com/article/news/local/mcmenamins-ransomware-attack/283-dc039d56-cf82-4f06-8862-c2f6223e3893
Exploit: Ransomware
McMenamins: Hotel and Restaurant Chain

Risk to Business: 1.612 = Severe
Family-owned hotel and restaurant chain McMenamins received an unwelcome holiday gift: ransomware. The company says that it has had to shut down credit card point-of-sale systems and corporate email but can still serve customers. The Conti ransomware group is thought to be responsible but the group has not claimed responsibility. The popular chain of restaurants, pubs, breweries and hotels is located in the Pacific Northwest: specifically, Washington and Oregon. The company has announced that it is working with the FBI and a third-party cybersecurity firm to investigate the attack.
Customers Impacted: Unknown
How It Could Affect Your Business: Companies that may be holding financial data and PII for clients will be attractive targets for ransomware groups.
The Oregon Anesthesiology Group (OAG)
https://www.zdnet.com/article/oregon-medical-group-notifies-patients-of-cybersecurity-breach-says-fbi-seized-hellokitty-accounts/
Exploit: Ransomware
The Oregon Anesthesiology Group (OAG): Medical Care Provider

Risk to Business: 1.717 = Severe
The Oregon Anesthesiology Group (OAG) disclosed that a ransomware attack in July led to the breach of sensitive employee and patient information. The company said it was contacted by the FBI on October 21 and informed that the Bureau had seized an account that contained OAG patient and employee files from Ukrainian ransomware group HelloKitty. The FBI also told OAG that the Bureau believes the group exploited a vulnerability in OAG’s third-party firewall to gain entry to its network.

Risk to Business: 1.802 = Severe
The information of 750,000 patients and 522 current and former OAG employees was impacted in this incident. Patient information potentially involved in this incident included names, addresses, date(s) of service, diagnosis and procedure codes with descriptions, medical record numbers, insurance provider names, and insurance ID numbers. Cybercriminals also potentially accessed current and former OAG employee data, including names, addresses, Social Security numbers and other details from W-2 forms. OAG will provide victims of the incident 12 months of Experian identity protection services and credit monitoring.
How It Could Affect Your Business: Medical centers and providers can have big scores of data that are attractive to cybercriminals.
Superior Plus
https://www.darkreading.com/attacks-breaches/propane-distributor-hit-with-ransomware
Exploit: Ransomware
Superior Plus: Propane Distributor

Risk to Business: 2.229 = Severe
Canadian propane distributor Superior Plus has fallen victim to a ransomware attack. The company announced that it was subject to a ransomware incident on Sunday, December 12, 2021, which impacted its computer system, resulting in the company temporarily disabling some computer systems and applications as it investigates this incident. The company is in the process of bringing these systems back online. The statement goes on to say that it has no evidence that the safety or security of any customer or other personal data has been compromised. Superior Plus supplies propane gas to more than 780,000 customers in the US and Canada, a hot commodity during the winter season.
Customers Impacted:
How it Could Affect Your Business: Infrastructure targets have been very attractive to cybercriminals looking for quick ransom payments to restore essential services.
Brazil – Ministry of Health (MoH)
https://www.zdnet.com/article/brazilian-ministry-of-health-hit-by-second-cyberattack-in-less-than-a-week/
Exploit: Ransomware
Ministry of Health (MoH) – National Government Agency

Risk to Business: 1.107 = Extreme
Brazil’s Ministry of Health (MoH) suffered not one but two ransomware attacks in the last week, seriously impacting its operations. The agency was still in the process of recovering from a ransomware attack on 12/10 when it was hit again on 12/13. In the initial attack, all of MoH’s websites, including ConecteSUS, which tracks the trajectory of citizens in the public healthcare system, became unavailable. This includes the COVID-19 digital vaccination certificate, which is available via the ConecteSUS app. The Lapsus$ Group has claimed responsibility for the first attack, claiming that it has stolen some 50TB worth of data. The department was quick to assure the public that it has the relevant data backed up. The second attack set recovery back, preventing Brazil’s platform that issues COVID-19 vaccine certificates, ConecteSUS, from coming back online as scheduled. Ministry officials said that the second attack had been unsuccessful and that no data had been compromised in that incident, but it had affected the timeline for recovery. The National Data Protection Authority (ANPD) is also working on the case and has contacted the Institutional Security Office and the Federal Police to collaborate with the investigations.
Customers Impacted: Unknown
How it Could Affect Your Business: Getting hit with multiple attacks in a short period of time could be a death blow to many organizations.
Ireland – Coombe Hospital
Exploit: Hacking
Coombe Hospital: Medical Center

Risk to Business: 2.711 = Moderate
The Coombe Hospital announced that it has been hit by a ransomware attack that has impacted its IT systems. The hospital stated that it had isolated and locked down its IT services on a precautionary basis. The maternity and infants’ hospital said that services are continuing as normal and no disruptions to patient care are expected. The HSE is assessing whether this will have a broader impact on the health service.
Customers Impacted: Unknown
How it Could Affect Your Business: Targets in the medical sector have been getting absolutely pounded by ransomware since the start of the global pandemic.
Greece – VulcanForged
https://www.vice.com/en/article/4awxep/hackers-steal-dollar140-million-from-users-of-crypto-gaming-company
Exploit: Ransomware
VulcanForged: Cryptocurrency Gaming Company

Risk to Business: 1.7684 = Severe
Hackers stole around $135 million from users of the blockchain gaming company VulcanForged. Blockchain games appear chiefly designed as vehicles to buy and sell in-game items linked to NFTs using PYR. VulcanForged creates games such as VulcanVerse, which it describes as an MMORPG, and an online card game called Berserk. Hackers stole the private keys to access 96 wallets, siphoning off 4.5 million PYR, VulcanForged’s token that can be used across its ecosystem, with an estimated $135 million in value.
Customers Impacted: Unknown
How it Could Affect Your Business: Any operation that handles or stores cryptocurrency is at a very high risk for trouble. This is the third cryptocurrency outfit to be hit by hackers this month.
Australia – Finite Recruitment
https://www.zdnet.com/article/nsw-government-casual-recruiter-suffers-ransomware-hit/
Exploit: Ransomware
Finite Recruitment: Staffing Firm

Risk to Business: 2.223 = Severe
IT recruitment firm Finite Recruitment has confirmed it experienced a cyberattack in October 2021 that resulted in some of the company’s data getting stolen and published on the dark web. The Conti ransomware group listed Finite Recruitment as a victim on its dark web leak site, claiming to have acquired 300GB of the company’s data. Finite Recruitment services several NSW government agencies as well as private clients.

Risk to Business: 2.015 = Severe
An estimated 38,000 employees and up to 80,000 government employees may have had their data exposed and that data may include financial data, contracts, customer databases with phone numbers and addresses, contracts with employees’ passport details, phone numbers, mail correspondence, and other information.
How it Could Affect Your Business: Cybercriminals are always on the hunt for big troves of personal and financial information and companies that store it are at a high risk for ransomware.
Virginia Museum of Fine Arts
https://www.securityweek.com/virginia-museum-shuts-down-website-amid-it-breachExploit: Ransomware
Virginia Museum of Fine Arts: Art Museum

Risk to Business: 2.822=Moderate
A system security breach prompted the Virginia Museum of Fine Arts to shut down its website for a state investigation in late November 2021. The museum, an independent agency of the state, said the Virginia Information Technologies Agency detected an intrusion by an unauthorized third party to the museum’s environment in late November. An investigation is underway, and a temporary website has been established.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector including non-profits and cultural institutions.
McMenamins
https://www.kgw.com/article/news/local/mcmenamins-ransomware-attack/283-dc039d56-cf82-4f06-8862-c2f6223e3893Exploit: Ransomware
McMenamins: Hotel and Restaurant Chain

Risk to Business: 1.612=Severe
Family-owned hotel and restaurant chain McMenamins received an unwelcome holiday gift: ransomware. The company says that it has had to shut down credit card point-of-sale systems and corporate email but can still serve customers. The Conti ransomware group is thought to be responsible but the group has not claimed responsibility. The popular chain of restaurants, pubs, breweries and hotels is located in the Pacific Northwest: specifically, Washington and Oregon. The company has announced that it is working with the FBI and a third-party cybersecurity firm to investigate the attack.
Customers Impacted: Unknown
How It Could Affect Your Business: Companies that may be holding financial data and PII for clients will be attractive targets for ransomware groups.
The Oregon Anesthesiology Group (OAG)
https://www.zdnet.com/article/oregon-medical-group-notifies-patients-of-cybersecurity-breach-says-fbi-seized-hellokitty-accounts/Exploit: Ransomware
The Oregon Anesthesiology Group (OAG): Medical Care Provider

Risk to Business: 1.717= Severe
The Oregon Anesthesiology Group (OAG) disclosed that a ransomware attack in July led to the breach of sensitive employee and patient information. The company said it was contacted by the FBI on October 21 and informed that the Bureau had seized an account that contained OAG patient and employee files from Ukrainian ransomware group HelloKitty. The FBI also told OAG that the Bureau believes the group exploited a vulnerability in OAG’s third-party firewall to gain entry to its network.

Risk to Business: 1.802=Severe
The information of 750,000 patients and 522 current and former OAG employees was impacted in this incident. Patient information potentially involved in this incident included names, addresses, date(s) of service, diagnosis and procedure codes with descriptions, medical record numbers, insurance provider names, and insurance ID numbers. Cybercriminals also potentially accessed current and former OAG employee data, including names, addresses, Social Security numbers and other details from W-2 forms. OAG will provide victims of the incident 12 months of Experian identity protection services and credit monitoring.
How It Could Affect Your Business: Medical centers and providers can have big scores of data that are attractive to cybercriminals.
Superior Plus
https://www.darkreading.com/attacks-breaches/propane-distributor-hit-with-ransomwareExploit: Ransomware
Superior Plus: Propane Distributor

Risk to Business: 2.229 = Severe
Canadian propane distributor Superior Plus has fallen victim to a ransomware attack. The company announced that it was subject to a ransomware incident on Sunday, December 12, 2021, which impacted its computer system, resulting in the company temporarily disabling some computer systems and applications as it investigates this incident. The company is in the process of bringing these systems back online. The statement goes on to say that it has no evidence that the safety or security of any customer or other personal data has been compromised. Superior Plus supplies propane gas to more than 780,000 customers in the US and Canada, a hot commodity during the winter season.
Customers Impacted:
How it Could Affect Your Business: Infrastructure targets have been very attractive to cybercriminals looking for quick ransom payments to restore essential services.
Brazil – Ministry of Health (MoH)
https://www.zdnet.com/article/brazilian-ministry-of-health-hit-by-second-cyberattack-in-less-than-a-week/Exploit: Ransomware
Ministry of Health (MoH) – National Government Agency

Risk to Business: 1.107= Extreme
Brazil’s Ministry of Health (MoH) suffered not one but two ransomware attacks in the last week, seriously impacting its operations. The agency was still in the process of recovering from a ransomware attack on 12/10 when they were hit again on 12/13. In the initial attack, all of MoH’s websites, including ConecteSUS, which tracks the trajectory of citizens in the public healthcare system, became unavailable. This includes the COVID-19 digital vaccination certificate, which is available via the ConecteSUS app. The Lapsus$ Group has claimed responsibility for the first attack, claiming that it has stolen some 50TB worth of data. The department was quick to assure the public that it has the relevant data backed up. The second attack set recovery back, preventing Brazil’s platform that issues COVID-19 vaccine certificates, ConecteSUS , from coming back online as scheduled. Ministry officials said that the second attack had been unsuccessful and that no data had been compromised in that incident, but it had affected that timeline for recovery. The National Data Protection Authority (ANPD) is also working on the case and has contacted the Institutional Security Office and the Federal Police to collaborate with the investigations.
Customers Impacted: Unknown
How it Could Affect Your Business: Getting hit with multiple attacks in a short period of time could be a death blow to many organizations.
Ireland – Coombe Hospital
Exploit: HackingCoombe Hospital: Medical Center

Risk to Business: 2.711 = Moderate
The Coombe Hospital announced that it has been hit by a ransomware attack that has impacted its IT systems. The hospital stated that it had isolated and locked down its IT services on a precautionary basis. The maternity and infants’ hospital said that services are continuing as normal and no disruptions to patient care are expected. The HSE is assessing whether this will have a broader impact on the health service.
Customers Impacted: Unknown
How it Could Affect Your Business: Targets in the medical sector have been getting absolutely pounded by ransomware since the start of the global pandemic.
Greece – VulcanForged
https://www.vice.com/en/article/4awxep/hackers-steal-dollar140-million-from-users-of-crypto-gaming-company
Exploit: Ransomware
VulcanForged: Cryptocurrency Gaming Company

Risk to Business: 1.7684 = Severe
Hackers stole around $135 million from users of the blockchain gaming company VulcanForged. Blockchain games appear chiefly designed as vehicles to buy and sell in-game items linked to NFTs using PYR. VulcanForged creates games such as VulcanVerse, which it describes as an MMORPG, and an online card game called Berserk. Hackers stole the private keys to access 96 wallets, siphoning off 4.5 million PYR, VulcanForged’s token that can be used across its ecosystem, with an estimated $135 million in value.
Customers Impacted: Unknown
How it Could Affect Your Business: Any operation that handles or stores cryptocurrency is at a very high risk for trouble. This is the third cryptocurrency outfit to be hit by hackers this month.
Australia – Finite Recruitment
https://www.zdnet.com/article/nsw-government-casual-recruiter-suffers-ransomware-hit/
Exploit: Ransomware
Finite Recruitment: Staffing Firm

Risk to Business: 2.223 = Severe
IT recruitment firm Finite Recruitment has confirmed it experienced a cyberattack in October 2021 that resulted in some of the company’s data getting stolen and published on the dark web. The Conti ransomware group listed Finite Recruitment as a victim on its dark web leak site, claiming to have acquired 300GB of the company’s data. Finite Recruitment services several NSW government agencies as well as private clients.

Risk to Business: 2.015 = Severe
An estimated 38,000 employees and up to 80,000 government employees may have had their data exposed and that data may include financial data, contracts, customer databases with phone numbers and addresses, contracts with employees’ passport details, phone numbers, mail correspondence, and other information.
How it Could Affect Your Business: Cybercriminals are always on the hunt for big troves of personal and financial information, and companies that store it are at a high risk for ransomware.
Atalanta
https://portswigger.net/daily-swig/us-food-importer-atalanta-admits-ransomware-attack
Exploit: Ransomware
Atalanta: Food Importer

Risk to Business: 1.616= Severe
Imported foods outfit Atalanta has admitted that it suffered a data breach involving employees’ personal information as the result of a ransomware attack in July 2021. An investigation concluded that information related to Atalanta’s current and former employees and some visitors was accessed and acquired by an unauthorized party. Atalanta is North America’s largest privately-held specialty food importer. No details were offered by the company about how many records were exposed and what personal information they contained.
Customers Impacted: Unknown
How It Could Affect Your Business: Data breach risk has become especially nasty as cybercriminals look to distributors and service providers who may maintain large stores of data for a quick score.
Cox Communications
https://www.bleepingcomputer.com/news/security/cox-discloses-data-breach-after-hacker-impersonates-support-agent/
Exploit: Phishing (Vishing)
Cox Communications: Digital Cable Provider

Risk to Business: 1.773=Severe
Cox Communications has disclosed a data breach after a hacker impersonated a support agent to gain access to customers’ personal information. The story goes that on October 11th, 2021, a bad actor impersonated a Cox support agent by phone to gain access to customer information. Cox is the third-largest cable television provider in the US with around 3 million customers.

Individual Risk: 1.813=Severe
Customers may have had information material to their Cox account exposed including name, address, telephone number, Cox account number, Cox.net email address, username, PIN code, account security question and answer, and/or the types of services that they receive from Cox.
How It Could Affect Your Business: Vishing has been gaining popularity as employees handle fewer phone calls, making them more likely to take the ones they do get seriously. This is the same method of attack that was used in the 2020 Twitter hack.
The Virginia Division of Legislative Automated Systems (DLAS)
https://apnews.com/article/technology-legislature-executive-branch-virginia-ralph-northam-8adc7aa73b93c91b0687b741b6acd202
Exploit: Ransomware
The Virginia Division of Legislative Automated Systems (DLAS): Government Technology Services

Risk to Business: 1.318=Extreme
A ransomware attack has hit the division of Virginia’s state government that handles IT for agencies and commissions within the Virginia legislature. Hackers accessed the agency’s system late Friday, then deployed ransomware. A ransom demand was received on Monday. A Virginia state official told CNN that DLAS was shutting down many of its computer servers in an attempt to stop the spread of ransomware. No information was available at press time about the amount of the ransom demand or what if any data was stolen. AP reports that this attack is the first recorded on a state legislature.
Customers Impacted: Unknown
How It Could Affect Your Business: In an ultra-competitive sector like crypto, customers will be watching every move a company makes, especially if it could potentially cost them money.
Kronos Ultimate Group
https://www.bostonglobe.com/2021/12/14/business/businesses-face-payroll-scheduling-woes-after-ransomware-attack-kronos/
Exploit: Ransomware
Kronos Ultimate Group: Payroll Services

Risk to Business: 1.619= Severe
HR management company Ultimate Kronos Group has been hit by a ransomware attack that could have devastating ongoing repercussions. The company’s Kronos Workforce Central was paralyzed in the attack. That prevents its clients, including heavyweights like Tesla and Puma, from processing payroll, handling timesheets and managing their workforce. Kronos first became aware of unusual activity on Kronos Private Cloud on Saturday evening. The company’s blog says that it is likely the issue may require several weeks to resolve.
Customers Impacted:
How it Could Affect Your Business: Once again, cybercriminals choose a target that offers them a huge stash of data, especially valuable personal and financial information.
United Kingdom – SPAR Convenience Stores
https://www.infosecurity-magazine.com/news/cyberattack-closes-uk-convenience/
Exploit: Ransomware
SPAR Convenience Stores: Convenience Store Chain

Risk to Business: 1.412= Extreme
UK convenience store chain SPAR fell victim to a cyberattack that impacted operations at a store level. SPAR has around 2600 stores located across the UK. The suspected ransomware attack impacted 330 SPAR locations primarily located in the north of England. Those stores were left unable to process payments made using credit or debit cards for a time. The attack also prevented the stores from using their accounting or stock control systems. Some of the affected shops remain closed in the wake of the attack, but some have reopened accepting only cash payments. An investigation is ongoing.
Customers Impacted: Unknown
Sweden – Volvo Cars
https://www.securityweek.com/hackers-steal-research-data-swedens-volvo-cars
Exploit: Hacking
Volvo Cars: Automotive Manufacturer

Risk to Business: 2.112 = Severe
Swedish automotive company Volvo announced that hackers had violated its network and made off with valuable research and development data in a cyberattack. The company went on to say that its investigation confirmed that a limited amount of the company’s R&D property was stolen during the intrusion, but no other data was accessed. The company was quick to assure Volvo owners that there would be no impact on the safety or security of their cars or their personal data.
Customers Impacted: Unknown
How it Could Affect Your Business: Research and development data is a niche market on the dark web that can be very profitable for the bad guys.
Germany – Hellmann Worldwide Logistics
https://www.zdnet.com/article/german-logistics-giant-hellmann-reports-cyberattack/
Exploit: Ransomware
Hellmann Worldwide Logistics: Transportation Logistics Firm

Risk to Business: 1.7684 = Severe
Hellmann Worldwide Logistics reported a cyberattack this week that packed a punch. The company said that a cyberattack, suspected to be ransomware, caused them to have to temporarily remove all connections to their central data center. Hellmann said its Global Crisis Taskforce discovered the attack but outside cybersecurity experts were brought in to help with the response. The company serves clients in 173 countries, running logistics for a range of air, sea, rail and road freight services.
Customers Impacted: Unknown
How it Could Affect Your Business: Transportation companies have been squarely in cybercriminals’ sights since the start of the global pandemic, upping risk for businesses in that sector.
France – Régie Autonome des Transports Parisiens (RATP)
https://www.infosecurity-magazine.com/news/french-transport-giant-exposes/
Exploit: Misconfiguration
Régie Autonome des Transports Parisiens (RATP): Transportation Authority

Risk to Business: 1.723 = Severe
A state-owned French transportation giant is in hot water after exposing personal information for nearly 60,000 employees via an unsecured HTTP server. Researchers discovered the server on October 13 left open and accessible to anyone. It contained an SQL database backup dating back to 2018 with over three million records. This featured the details of 57,000 RATP employees — including senior executives and the cybersecurity team. Source code related to RATP’s employee benefits web portal was also exposed with API keys that enabled access to the sensitive info about the website’s backend and RATP’s GitHub account.

Individual Risk: 1.723 = Severe
The exposed employee data includes full names, email addresses, logins for their RATP employee accounts and MD5-hashed passwords.
How it Could Affect Your Business: This error could have been prevented and the resulting incident will not be cheap to fix after GDPR regulators get finished slapping down penalties.
Singapore – AscendEX
https://www.coindesk.com/business/2021/12/13/crypto-exchange-ascendex-hacked-losses-estimated-at-77m/
Exploit: Hacking
AscendEX: Cryptocurrency Trading Platform

Risk to Business: 1.223 = Extreme
Cryptocurrency exchange AscendEX suffered a hack for an estimated $77 million following a breach of one of its hot wallets. The company announced the hack on Twitter, saying that it had identified a number of unauthorized transactions from one of its hot wallets on Saturday. Blockchain analytics firm PeckShield estimated that the stolen funds amounted to $77 million spread across three chains: Ethereum ($60 million), Binance Smart Chain ($9.2 million) and Polygon ($8.5 million). The largest share of the $77 million was accounted for by the relatively minor taraxa (TARA) with $10.8 million, while the combined shares of stablecoins USDT and USDC accounted for $10.7 million. The Singapore-based exchange, which was formerly known as BitMax, claims to serve one million institutional and retail clients.
Customers Impacted: Unknown
How it Could Affect Your Business: Crypto and DeFi platforms have been getting hit right and left by bad actors looking for a quick payday, with major attacks every week for the last month.
Australia – Frontier Software
https://www.zdnet.com/article/south-australian-government-employee-data-taken-in-frontier-software-ransomware-attack/
Exploit: Ransomware
Frontier Software: Payroll Services Technology Provider

Risk to Business: 2.323 = Severe
South Australia’s state government announced that state government employee data has been exfiltrated as part of a ransomware attack on payroll provider Frontier Software. The company has informed the government that at least up to 80,000 government employees and 38,000 employees of other businesses may have had their data snatched by bad actors in the November 13 incident.

Individual Risk: 2.401 = Severe
The stolen employee data contained names, dates of birth, tax file numbers, home addresses, bank account details, employment start dates, payroll period, remuneration, and other payroll-related information.
How it Could Affect Your Business: The second appearance of a payroll services firm this week is a reminder that these companies store exactly the kind of data that is catnip to cybercriminals.
Technology can improve:
- Business communication
- Decision making
- Marketing
- Security
- Customer support
- Resource management
- Time and cost efficiency
However, even the most cutting-edge technology can experience the occasional hiccup and slow you down if you don't keep up with regular updates and support. Performing an annual technology refresh can help you avoid this altogether.
A technology refresh is the process of replacing technology components regularly by evaluating their ability to integrate with other infrastructure components and obsolescence, rather than waiting until the outdated element becomes the most significant impediment to achieving your company's vision.
A technology refresh is crucial because maintaining legacy infrastructure components comes at a cost. It exposes your systems to hackers, reduces overall productivity and may even drive your most valuable employees out the door because they are tired of dealing with outdated technology that makes it difficult to do their jobs. Additionally, as the costs of maintaining outdated IT components and the risks of failure continue to rise, day-to-day operations can be negatively impacted.
Warning Signs to Look Out For
Is it time to refresh your company's technology? Keep an eye out for the following six signs:
- Systems are running slowly
- Experiencing suspicious pop-ups
- Random shutdowns
- Connection issues
- Lack of integration between your systems, software and technology
- Your system acts possessed
Collaboration Is the Best Way Forward
Technological roadblocks can be frustrating and attempting to overcome them on your own can be overwhelming. Get started on your path to a technology refresh with an experienced partner like us. Knowing that the process is in expert hands gives you peace of mind and allows you to focus on growing your business. Contact us now for a free consultation.
Source:
*Adobe Digital Trends Report
When used strategically, technology can help small and medium-sized businesses (SMBs) develop a more productive, efficient and innovative workforce. That’s why businesses that prioritize technology are three times more likely to exceed corporate goals.* In a business world that’s evolving at a breakneck pace, your company may not be able to perform at its full potential if it lacks the necessary technology.
Planned Parenthood
https://www.washingtonpost.com/nation/2021/12/01/los-angeles-planned-parenthood-hack/
Exploit: Ransomware
Planned Parenthood: Healthcare Provider

Risk to Business: 1.616= Severe
Bad actors gained access to the personal information of an estimated 400,000 patients of Planned Parenthood in Los Angeles this past October in a probable ransomware attack. A spokesperson said that someone gained access to Planned Parenthood Los Angeles’ network between October 9 and 17, deployed and exfiltrated an undisclosed number of files. The breach is limited to the Los Angeles affiliate and an investigation is underway.

Risk to Business: 1.703= Severe
PPLA told clients that PII and PHI had been exposed including the patient’s name, address, insurance information, date of birth, and clinical information, such as diagnosis, procedure, and/or prescriptions.
How It Could Affect Your Business: Medical information is valuable, especially sensitive information like this that can be used for both cybercrime and blackmail, and patients expect that healthcare providers will protect it.
Gale Healthcare Solutions
https://www.zdnet.com/article/sensitive-information-of-30k-florida-healthcare-workers-exposed-in-unprotected-database/
Exploit: Misconfiguration
Gale Healthcare Solutions: Healthcare Job Placement

Risk to Business: 1.611=Severe
More than 30,000 US healthcare workers’ personal information was recently exposed due to a non-password-protected database owned by Gale Healthcare Solutions, a Florida-based healthcare staffing provider. Files containing the PII of healthcare workers that the company placed were hosted on an unsecured AWS cloud server that was uncovered by security researchers in September. Gale Health Solutions says that the environment has been deactivated and secured. The company also says that there is no evidence there was any further unauthorized access beyond the researcher or that any personal data has been, or will be, misused.

Individual Risk: 1.813=Severe
Researchers reported that the files they saw contained a healthcare worker’s face image or ID badge, full name and a number consistent with an SSN. Other personal data about the impacted workers may also have been exposed.
How It Could Affect Your Business: This mistake will be expensive and coveted healthcare workers may be inclined to choose a different staffing agency because of this carelessness.
MonoX
https://www.hackread.com/hackers-steal-badger-defi-monox/
Exploit: Hacking
MonoX: Cryptocurrency Finance

Risk to Business: 1.318=Extreme
The MonoX DEX platform has experienced a breach that did damage to the tune of $31 million. The breach took place after hackers exploited a vulnerability in smart contract software, then exploited the vulnerability to increase the price of MONO through smart contracts and bought assets with MONO tokens. DeFi platform Badger was also reportedly hit by hackers for $120 million last week after they gained access by targeting a protocol on the Ethereum network.
Customers Impacted: Unknown
How It Could Affect Your Business: In an ultra-competitive sector like crypto, customers will be watching every move a company makes, especially if it could potentially cost them money.
DNA Diagnostics Center
Exploit: Ransomware
DNA Diagnostics Center: Healthcare Services

Risk to Business: 1.819= Severe
DNA Diagnostics Center said that on August 6, the company discovered that there had been unauthorized access to its network that enabled someone to access and exfiltrate an archived database that contained patient PII collected between 2004 and 2012. The Ohio-based company says that 2,102,436 people had their information exposed. Victims may have been ordered to undergo genetic testing as part of a legal matter.

Individual Risk: 1.617= Severe
The company is sending letters to impacted individuals warning them that they may have had their PII and sensitive data such as Social Security number or payment information exposed. Anyone whose personal information was accessed is being offered Experian credit monitoring.
How it Could Affect Your Business: Companies that store two kinds of valuable data like this are at high risk for an expensive and damaging ransomware incident that will have lasting financial results.
United Kingdom – BitMart
https://portswigger.net/daily-swig/crypto-exchange-bitmart-reports-150-million-theft-following-hack
Exploit: Hacking
BitMart: Cryptocurrency Exchange

Risk to Business: 1.212= Extreme
Cryptocurrency trading platform BitMart has been hacked, resulting in the loss of an estimated $150 million in funds. Portswigger reports that Blockchain security firm Peckshield has estimated losses of around $200 million following an attack on the platform on Saturday (December 4), comprising $100 million on the Ethereum blockchain and $96 million on the Binance Smart Chain. BitMart said in a statement that it was temporarily suspending withdrawals until further notice after detecting a large-scale security breach centered on two ‘hot’ wallets. BitMart claims that it has more than nine million customers across more than 180 countries.
Customers Impacted: Unknown
How it Could Affect Your Business: Crypto platforms have been squarely in cybercriminals’ sights in the last few months and consumers are watching to see which ones are able to avoid trouble.
Japan – Panasonic
https://www.securitymagazine.com/articles/96615-panasonic-discloses-data-breach
Exploit: Hacking
Panasonic: Electronics Manufacturer

Risk to Business: 1.919 = Severe
Panasonic has confirmed that it’s had a security breach after unauthorized users accessed its network on November 11. The company says that an internal investigation revealed that some data on a file server had been accessed by intruders. No information was given about what data was accessed or how much. Panasonic says that it is working with an outside firm to get to the bottom of the matter and expressed its apologies for the incident.
Customers Impacted: Unknown
How it Could Affect Your Business: Large companies are treasure troves for data-hungry cybercriminals looking for a quick, low-risk score to turn over for fast profit.
Australia – CS Energy
https://www.itpro.co.uk/security/ransomware/361687/cs-energy-ransomware-attack
Exploit: Ransomware
CS Energy: Energy Company

Risk to Business: 1.723 = Severe
CS Energy confirmed it experienced a ransomware attack on November 27. The company said the incident was limited to its corporate network and did not impact operations at its Callide and Kogan Creek power stations. CS Energy’s CEO said that the company contained the ransomware attack by segregating the corporate network from other internal networks and enacting business continuity processes. CS Energy is owned by the Queensland government.
Customers Impacted: Unknown
How it Could Affect Your Business: Utility companies and other critical infrastructure businesses are tempting targets for cybercriminals because their essential nature makes the owners more likely to pay a ransom.