"Your Information Technology Leader"

InTegriLogic Blog

InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Bruce Groen is the CEO and co-founder of InTegriLogic Corp.

The Week in Breach News: 06/29/21 – 07/06/21

Arthur J. Gallagher

https://www.bleepingcomputer.com/news/security/us-insurance-giant-ajg-reports-data-breach-after-ransomware-attack/

Exploit: Ransomware

Arthur J. Gallagher (AJG): Insurance Broker




Risk to Business: 1.673 = Severe
Arthur J. Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to customers impacted in a previously unannounced ransomware attack that hit its systems in late September 2020. The company said that an unknown party accessed data contained within their network between June 3, 2020, and September 26, 2020. The company has apparently just completed its investigation.





Individual Risk: 1.522 = Severe
While the company did not specify the types of data exposed, its SEC filing did, and PII featured heavily on the list. Data exposed may include a client’s Social Security number or tax identification number, driver’s license, passport or other government identification number, date of birth, username and password, employee identification number, financial account or credit card information, electronic signature, medical treatment, claim, diagnosis, medication or other medical information, health insurance information, medical record or account number and biometric information.

Customers Impacted: Unknown

How It Could Affect Your Business: Proprietary data like this is cybercriminal gold. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.

 


 

Washington State Department of Labor and Industries

https://www.thenewstribune.com/news/state/washington/article252532918.html

Exploit: Third-Party Data Breach

Washington State Department of Labor and Industries: Government Agency




Risk to Business: 1.816 = Severe
Washington State informed over 16,000 workers that their PII may have been exposed in a ransomware attack on Renton market research company Pacific Market Research (PMR). The contractor was hit with a ransomware attack in May 2021.





Risk to Business: 1.516 = Severe
The exposed information for workers includes claim numbers and dates of birth for 16,466 workers who had workers’ compensation claims in 2019, which PMR had used to conduct a customer service survey for the agency.

Customers Impacted: Unknown

How it Could Affect Your Business: An unsecured database is easy pickings for cybercriminals and a rookie mistake that could cost the survey company a client.

 


 

Practicefirst

 https://healthitsecurity.com/news/healthcare-ransomware-attack-targets-practice-management-vendor

Exploit: Ransomware

Practicefirst: Healthcare Technology Services




Risk to Business: 2.223 = Severe
Practicefirst announced that a 2020 healthcare ransomware attack may have exposed personally identifiable information (PII) of patients and employees. The service provider specializes in medical billing, coding, credentialing, bookkeeping, and practice management solutions. When they detected suspicious activity on December 30th, 2020, they shut down all systems, changed passwords and notified authorities, but not before the bad guys scooped up data.





Risk to Business: 2.201 = Severe
Practicefirst disclosed that patient and employee information has been impacted, including birthdates, names, addresses, driver’s license numbers, Social Security numbers, email addresses, tax identification numbers, employee usernames and passwords, and bank account information. Other data that may have been stolen is primarily treatment-focused, like diagnoses, lab and treatment information, medication information and health insurance identification.

Customers Impacted: Unknown

How it Could Affect Your Business: Clients and employees won’t be happy about having this kind of personal information stolen – and neither will the Department of Health and Human Services.

 


 

UofL Health

https://www.infosecurity-magazine.com/news/kentucky-healthcare-system-exposes/
Exploit: Insider Threat (Employee Error)

UofL Health: Healthcare System




Risk to Business: 1.575 = Severe
Kentucky-based UofL Health has notified more than 40,000 patients of an employee blunder that resulted in their personal health information being emailed to the wrong address. In this case, a UofL employee accidentally sent personal health information from UofL patients to an email address outside of the health system’s network. According to UofL, the accidental recipient of the data did not view or access any patient information.





Risk to Business: 1.502 = Severe
Patients whose data was impacted by the incident have been offered free identity protection services. No specifics about what exact data was accessed have been released beyond personal health information.

Customers Impacted: 40,000

How it Could Affect Your Business: Employee errors that impact compliance in a heavily regulated industry pack a punch after regulators get to work.

 


 

United Kingdom – Salvation Army

https://www.theregister.com/2021/06/30/salvation_army_ransomware_attack/
Exploit: Hacking

Salvation Army – Non-Profit




Risk to Business: 2.424 = Severe
The United Kingdom arm of the evangelical Christian nonprofit Salvation Army disclosed that it had been the victim of an unspecified cyberattack. The industry press are reporting that the attack was purportedly ransomware but no confirmation is available at this time. The fundamentalist charity says that no programs were impacted and has not released information about the type of data that was stolen.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Organizations that hold financial information for donors should put extra care into securing it to keep those people donating.

 


 

Spain – MasMovil

https://www.hackread.com/revil-ransomware-gang-hits-masmovil-telecom/
Exploit: Ransomware

MasMovil: Telecommunications




Risk to Business: 1.801 = Severe
Cybercrime gang REvil struck Spain’s fourth-largest telecom over the 4th of July weekend. The group claims to have “downloaded databases and other important data” belonging to the telecom giant, sharing screenshots apparently of the stolen MasMovil data that shows folders named Backup, RESELLERS, PARLEM and OCU.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: If client data was impacted, GDPR carries stiff penalties for customer data loss and those continue to climb.

 


The Week in Breach News: 06/23/21 – 06/29/21

Mercedes Benz USA

https://www.bleepingcomputer.com/news/security/mercedes-benz-data-breach-exposes-ssns-credit-card-numbers/
Exploit: Third Party Risk

Mercedes Benz USA: Carmaker




Risk to Business: 1.611 = Severe
Mercedes-Benz USA has disclosed a data breach impacting some of its US customers. The data breach exposed PII of under 1,000 Mercedes-Benz customers and potential buyers. This breach was announced after a Mercedes-Benz vendor informed the company that the personal information of select customers was exposed due to an insufficiently secured cloud storage instance.





Individual Risk: 1.802 = Severe
According to the company, the breach affects some customers and potential vehicle buyers who had entered sensitive information on Mercedes-Benz company and dealer websites between 2014 and 2017. The vendor who notified Mercedes-Benz of the data breach states that the exposed information included self-reported customer credit scores, driver license numbers, Social Security numbers (SSNs), credit card numbers and dates of birth.

Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: 1,000

How It Could Affect Your Business: Proprietary data like this is cybercriminal gold. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.

 

 

Washington Suburban Sanitary Commission (WSSC)

https://baltimore.cbslocal.com/2021/06/27/wssc-water-investigating-ransomware-attack/

Exploit: Ransomware

Washington Suburban Sanitary Commission (WSSC): Utility




Risk to Business: 2.116 = Severe
Washington Suburban Sanitary Commission (WSSC) has disclosed a ransomware attack that impacted some of its systems. The utility noted that the incident impacted a portion of their network that operates non-essential business systems. The company has admitted that cybercriminals were able to gain access to internal files but no more information has been provided. The incident is still under investigation. WSSC is the utility that provides water and sewer services to the Washington, DC metropolitan area.

Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks against strategic targets like utilities and infrastructure are hot right now as ransomware gangs try to score a big payday fast from targets that can’t afford downtime.

 

 

DreamHost

https://www.infosecurity-magazine.com/news/cloud-database-exposes-800m/
Exploit: Unsecured Database

DreamHost: WordPress Hosting Service




Risk to Business: 1.823 = Severe
A misconfigured cloud database exposed over 800 million records linked to WordPress users through hosting provider DreamHost. The 814 million records came from the firm’s managed WordPress hosting business DreamPress and appeared to date back to 2018. In this 86GB database, researchers noted admin and user information, including WordPress login location URLs, first and last names, email addresses, usernames, roles, host IP addresses, timestamps and configuration and security information, some linked to users with .gov and .edu email addresses. The database was purportedly secured within hours but the damage had already been done.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: There’s no excuse for making basic security blunders, and clients may be less likely to want to work with those who do. A strong security culture prevents these blunders from happening.

 

 

Altus Group

https://securityaffairs.co/wordpress/119418/cyber-crime/new-ransomware-group-hive-leaks-altus-group-sample-files.html

Exploit: Ransomware

Altus Group: Real Estate Software




Risk to Business: 1.775 = Severe
Altus Group, a commercial real estate software solutions company, has announced that its data was breached. The company initially said that no data was stolen, but a new ransomware group begs to differ. New cybercrime gang Hive has published samples of data allegedly stolen from Altus Group on its new dark web site. The provided sample of exfiltrated files includes business data and documents, as well as Argus certificates and development files. No ransom amount has been confirmed and the incident is under investigation.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: In this economy, ransomware groups are only going to keep cropping up and that means your clients are facing new danger every day.

 

 

United Kingdom – French Connection UK (FCUK)

https://www.techtimes.com/articles/262039/20210626/revil-ransomware-gang-strikes-again-attacking-fcuk-fashion-label.htm
Exploit: Ransomware

French Connection UK (FCUK): Clothing Brand




Risk to Business: 2.351 = Severe
United Kingdom-based clothing company French Connection UK has been hit by a major cybercrime gang: REvil. The ransomware gang was able to get away with a plethora of internal company data after taking control of the company’s back-end servers. The type of data has not been specified, but both business and employee data is at risk.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is everywhere these days and every business is at risk. Companies in every industry of every size are in cybercriminals’ sights as they hunt for big paydays.

 

 

Sweden – InfoSolutions

https://cybernews.com/news/swedish-covid-19-lab-with-millions-of-test-results-breached/
Exploit: Hacking

InfoSolutions: Medical IT Solutions




Risk to Business: 1.661 = Severe
InfoSolutions, a company that provides IT services to the Swedish Public Health Agency, including maintaining journals and COVID-19 databases in Sweden, published a statement claiming that it detected an intrusion into a database employed by 15 of Sweden’s 21 regions. The company says that there is no indication that any information has been passed on and that the databases were locked quickly. The internal investigation is ongoing.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Medical data is catnip for hackers because it’s worth its weight in gold in dark web data markets, and healthcare targets worldwide have been under siege throughout the pandemic.

 

 

Brazil – Grupo Fleury

https://www.bleepingcomputer.com/news/security/healthcare-giant-grupo-fleury-hit-by-revil-ransomware-attack/
Exploit: Ransomware

Grupo Fleury: Medical Diagnostics Laboratory




Risk to Business: 1.702 = Severe
REvil had a busy week. They also struck medical services company Grupo Fleury, Brazil’s largest laboratory operator. The REvil gang is demanding $5 million in exchange for providing a decryptor and not leaking allegedly stolen files, and it has published a sample according to its usual protocol. Grupo Fleury’s data could potentially contain enormous amounts of personal and medical data of patients, but no specifics of what was stolen have been made available.

Individual Impact: No sensitive personal or financial information has been confirmed as stolen in this incident, but it is highly likely that will be the case as the incident progresses.

Customers Impacted: Unknown

How it Could Affect Your Business: Phishing and ransomware are today’s cybercriminals’ favorite tools to get the job done, and no matter how big or small, no organization is safe.

 

The Week in Breach News: 06/16/21 – 06/22/21

Cognyte

https://beta.darkreading.com/attacks-breaches/cyber-analytics-database-exposed-5-billion-records-online
Exploit: Unsecured Database

Cognyte: Data Analytics Firm




Risk to Business: 1.802 = Severe
Data analytics company Cognyte warns folks about data exposure from third-party sources, and this week it had to send out a warning of its own. Researchers discovered an unsecured database operated by Cognyte that left some 5 billion records collected from a range of data incidents exposed online. The stored data is part of Cognyte’s cyber intelligence service, which is used to alert customers to third-party data exposures. The incident is under investigation.

Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How It Could Affect Your Business: Proprietary data like this is catnip for hackers. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.

 

 

Invenergy LLC

https://www.infosecurity-magazine.com/news/revil-claims-responsibility-for/
Exploit: Ransomware

Invenergy LLC: Energy Company




Risk to Business: 1.916 = Severe
REvil has claimed responsibility for a recent cyberattack on renewable energy company Invenergy. The gang claims to have compromised the company’s computer systems and exfiltrated four terabytes of data. Among the information allegedly taken by REvil are contracts and project data. In a bizarre twist, REvil also claims to have obtained “very personal and spicy” information regarding Invenergy’s chief executive officer, Michael Polsky.

Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks against strategic targets are hot right now as ransomware gangs try to score a big payday fast from targets that can’t afford downtime.

 

 

CVS

https://www.zdnet.com/article/billions-of-records-belonging-to-cvs-health-exposed-online/#ftag=RSSbaffb68
Exploit: Third-Party Threat (Misconfiguration)

CVS: Drug Store Chain




Risk to Business: 1.416 = Extreme
CVS is in hot water after researchers discovered a trove of over one billion records online that were connected to the US healthcare and pharmaceutical giant. The unsecured database was estimated to be 204GB in size. According to reports, the databases contained an astonishing assortment of sensitive data like event and configuration data, visitor IDs, session IDs, device access information and details on how the logging system operated from the backend. Search records exposed also included queries for medications, COVID-19 vaccines and a variety of CVS products, referencing both CVS Health and CVS.com.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Every company needs to make it a priority to be certain that their contractors and partners are handling and storing sensitive data correctly. Poor cyber hygiene at a service provider can become an expensive disaster fast.

 

 

Wegmans

https://www.bleepingcomputer.com/news/security/us-supermarket-chain-wegmans-notifies-customers-of-data-breach/
Exploit: Third-Party Threat (Misconfiguration)

Wegmans: Grocery Store Chain




Risk to Business: 2.227 = Severe
East Coast gourmet grocer Wegmans issued a release announcing that a service provider had failed to correctly configure two of its databases, exposing a large quantity of customer data. According to Wegmans, the databases that the contractor maintained contained customer identity and shopping habit information as well as an assortment of client PII. The company says the issue is resolved.





Risk to Business: 2.776 = Moderate
The release says that customer information exposed in the data breach included names, addresses, phone numbers, birth dates, Shoppers Club numbers, Wegmans.com account e-mail addresses and passwords. No Social Security, financial or medical information was stolen and only salted password hashes were stored in the databases maintained by the negligent contractor.

Customers Impacted: Unknown

How it Could Affect Your Business: Clients expect a high level of information security from companies that they trust with their personal information and excuses about errors by contractors aren’t going to get businesses off the hook if there’s trouble.

 

 

Carnival Cruise Line

https://www.scmagazine.com/home/email-security/carnival-discloses-new-data-breach-on-email-accounts/

Exploit: Hacking

Carnival Cruise Lines: Cruise Ship Operator




Risk to Business: 1.651 = Severe
Perennially cybersecurity-challenged cruise line Carnival issued a breach disclosure on Thursday confirming hackers attacked email accounts and gained access to data about its customers and employees. The company said that the data snatched was collected during the travel booking process, through the course of employment or from providing services to the company, including COVID or other safety testing.





Risk to Business: 1.802 = Severe
The passenger data accessed included names, addresses, phone numbers, passport numbers, dates of birth, health information, and, in some limited instances, additional personal information like Social Security or national identification numbers. No clear information was provided about the employee information that was exposed.

Customers Impacted: Unknown

How it Could Affect Your Business: This is the third major cybersecurity blunder for Carnival in just one year, and that is likely to create a great deal of mistrust with consumers just as the travel industry is getting back on its feet.

 

 

United Kingdom – Cake Box

https://www.bleepingcomputer.com/news/security/eggfree-cake-box-suffer-data-breach-exposing-credit-card-numbers/
Exploit: Hacking

Cake Box: Bakery Chain




Risk to Business: 1.661 = Severe
UK celebration cake chain Cake Box isn’t celebrating this week. The company has disclosed a data breach after threat actors hacked their website and obtained credit card numbers. According to the release, the breach occurred way back in April 2020 and they’re just informing consumers. Payment skimming malware is to blame. Experts suspect that this breach is the result of a Magecart attack.



Individual Risk: 2.802 = Severe
When customers made purchases on the site while it was infected, malicious scripts sent the first name and surname, email address, postal address, and payment card information including the three-digit CVV code to a remote server controlled by the attackers. This is an ancient breach in terms of the time it took for consumers to be informed, and the damage has definitely already been done.

Customers Impacted: Unknown

How it Could Affect Your Business: There is no excuse for waiting more than a year to inform customers that their data has been stolen, especially financial data like credit card numbers. This incident will shake consumer confidence in the brand.

 

 

South Korea – Korea Atomic Energy Research Institute (KAERI)

https://www.theregister.com/2021/06/21/south_koreas_nuclear_think_tank/
Exploit: Nation-State Cybercrime

Korea Atomic Energy Research Institute (KAERI): Government Agency

Risk to Business: 1.633 = Severe
South Korean officials have admitted that the government nuclear think tank Korea Atomic Energy Research Institute (KAERI) was hacked by nation-state threat actors in May 2021 after the incident was brought to light by reporters. The Korean media is accusing the agency of perpetrating a cover-up. According to experts, the North Korean Kimsuky cybercrime gang is to blame. This group often uses phishing to mimic websites like Gmail, Outlook, Telegram and more. The group then installs the Android and Windows backdoor “AppleSeed” to collect information and frequently makes use of ransomware. The extent of the data theft is unknown.

Individual Impact: No sensitive personal or financial information has been confirmed as compromised in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Nation-state threat actors frequently use phishing and ransomware to get the job done, and no matter how big or small, no organization is safe.

 

The Week in Breach News: 06/16/21 – 06/22/21

Cognyte

https://beta.darkreading.com/attacks-breaches/cyber-analytics-database-exposed-5-billion-records-online
Exploit: Unsecured Database

Cognyte: Data Analytics Firm


Risk to Business: 1.802 = Severe
Data analytics company Cognyte warns folks about data exposure from third-party sources, and this week it had to send one of those warnings out for itself. Researchers discovered an unsecured database operated by Cognyte that left some 5 billion records collected from a range of data incidents exposed online. The stored data is part of Cognyte’s cyber intelligence service, which is used to alert customers to third-party data exposures. The incident is under investigation.

Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How It Could Affect Your Business: Proprietary data like this is catnip for hackers. It’s both useful for committing future cybercrime and quickly saleable in the busy dark web data markets.

 


 

Invenergy LLC

https://www.infosecurity-magazine.com/news/revil-claims-responsibility-for/
Exploit: Ransomware

Invenergy LLC: Energy Company




Risk to Business: 1.916 = Severe
REvil has claimed responsibility for a recent cyberattack on renewable energy company Invenergy. The gang claims to have compromised the company’s computer systems and exfiltrated four terabytes of data. Among the information allegedly taken by REvil are contracts and project data. In a bizarre twist, REvil also claims to have obtained “very personal and spicy” information regarding Invenergy’s chief executive officer, Michael Polsky.

Individual Impact: No sensitive personal or financial information for clients has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks against strategic targets are hot right now as ransomware gangs try to score a big payday fast from targets that can’t afford downtime.

 


 

CVS

https://www.zdnet.com/article/billions-of-records-belonging-to-cvs-health-exposed-online/#ftag=RSSbaffb68
Exploit: Third-Party Threat (Misconfiguration)

CVS: Drug Store Chain

Risk to Business: 1.416 = Extreme
CVS is in hot water after researchers discovered a trove of over one billion records online that were connected to the US healthcare and pharmaceutical giant. The unsecured database was estimated to be 204GB in size. According to reports, the databases contained an astonishing assortment of sensitive data like event and configuration data, visitor IDs, session IDs, device access information and details on how the logging system operated from the backend. Search records exposed also included queries for medications, COVID-19 vaccines and a variety of CVS products, referencing both CVS Health and CVS.com.

Individual Impact: There has not yet been confirmation that consumer personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Every company needs to make it a priority to be certain that their contractors and partners are handling and storing sensitive data correctly. Poor cyber hygiene at a service provider can become an expensive disaster fast.

 


 

Wegmans

https://www.bleepingcomputer.com/news/security/us-supermarket-chain-wegmans-notifies-customers-of-data-breach/
Exploit: Third-Party Threat (Misconfiguration)

Wegmans: Grocery Store Chain

Risk to Business: 2.227 = Severe
East Coast gourmet grocer Wegmans issued a release announcing that a service provider had failed to correctly configure two of its databases, exposing a large quantity of customer data. According to Wegmans, the databases that the contractor maintained contained customer identity and shopping habit information as well as an assortment of client PII. The company says the issue is resolved.





Risk to Business: 2.776 = Moderate
The release says that customer information exposed in the data breach included names, addresses, phone numbers, birth dates, Shoppers Club numbers, Wegmans.com account e-mail addresses and passwords. No Social Security, financial or medical information was stolen and only salted password hashes were stored in the databases maintained by the negligent contractor.

Customers Impacted: Unknown

How it Could Affect Your Business: Clients expect a high level of information security from companies that they trust with their personal information and excuses about errors by contractors aren’t going to get businesses off the hook if there’s trouble.

 


 


The Week in Breach News: 06/09/21 – 06/15/21

Electronic Arts Inc (EA)

https://www.reuters.com/business/hackers-steal-wealth-data-ea-vice-2021-06-10/
Exploit: Hacking

Electronic Arts Inc: Game Developer


Risk to Business: 1.355 = Extreme
Electronic Arts (EA) has announced that it is investigating a data breach. Cybercriminals stole valuable corporate data from the company including game source code and related tools. Early reports noted that hackers had stolen source code for the popular title “FIFA 21” and source code and tools for the Frostbite engine. Researchers estimate that 780 gigabytes of data was snatched then advertised for sale on underground hacking forums.

Customers Impacted: Unknown

How It Could Affect Your Business: Hackers are always interested in proprietary data and corporate secrets, the 3rd most popular category for theft. They’re easy money in the busy dark web data markets.

 

 

Edward Don

https://www.bleepingcomputer.com/news/security/foodservice-supplier-edward-don-hit-by-a-ransomware-attack/

Exploit: Ransomware

Edward Don: Foodservice Distributor


Risk to Business: 1.816 = Severe
Foodservice equipment distributor Edward Don has been hit by a ransomware attack. The incident has disrupted their business operations, including their phone systems, network and email. As a result, employees have been driven to using personal Gmail accounts to communicate with customers regarding urgent orders or fulfillment issues. The incident is under investigation and full functionality was quickly restored.

Individual Impact: No sensitive personal or financial information has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks against strategic targets like this are becoming all too common as ransomware gangs seek to cause maximum buzz for maximum profit.

 

 

McDonald’s Corp

https://www.reuters.com/technology/mcdonalds-hit-by-data-breach-south-korea-taiwan-wsj-2021-06-11/
Exploit: Ransomware

McDonald’s Corp: Fast Food Chain


Risk to Business: 2.606 = Moderate
McDonald’s Corp. said hackers exposed US business information and some customer data in South Korea and Taiwan. The attackers accessed e-mails, phone numbers and delivery addresses. The company reported that it had hired external consultants to investigate unauthorized activity on an internal security system, prompted by a specific incident in which the unauthorized access was cut off a week after it was identified. The announcement noted that the burger chain does not believe any customer payment data was stolen but cautioned that there may be employee data exposed.

Individual Impact: There has not yet been confirmation that sensitive personal or financial information has been compromised in this incident but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Cyberattacks that focus on obtaining corporate or business data are increasingly troubling because each one adds more sensitive data to the dark web that can be used against

 

 

Intuit

https://www.bleepingcomputer.com/news/security/intuit-notifies-customers-of-compromised-turbotax-accounts/
Exploit: Account Takeover (ATO)

Intuit: Financial Software Developer


Risk to Business: 1.612 = Severe
Accounting software giant Intuit has notified customers that they have suffered a breach. The company warned users of TurboTax that their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks. Intuit announced that the threat actors used credentials (usernames and passwords) obtained from “a non-Intuit source” to gain access to the accounts.



Risk to Business: 1.832 = Severe
Intuit notified potentially impacted clients by mail that information contained in a prior year’s tax return or current tax returns in progress including their name, Social Security number, address(es), date of birth, driver’s license number and financial information (e.g., salary and deductions) and information of other individuals contained in the tax return may have been exposed.

Customers Impacted: Unknown

How it Could Affect Your Business: Clients expect a high level of information security from companies that they trust with their personal and financial information, and may stop doing business with companies that fail to protect it.

 

 

Sol Oriens

https://www.techtimes.com/amp/articles/261472/20210615/revil-hacking-group-s-ransomware-attack-nuclear-weapons-contractor-sol.htm
Exploit: Ransomware

Sol Oriens: Defense Contractor


Risk to Business: 2.337 = Severe
REvil has struck again, this time against a tiny but important target in the defense sector. Sol Oriens, which consults for the US Department of Energy’s National Nuclear Safety Administration, is a 50-person firm based in Albuquerque, New Mexico. Researchers who found Sol Oriens documents posted on the dark web told CNBC that they include invoices for NNSA contracts and descriptions of research and development projects managed by defense and energy contractors, dated as recently as 2021.

Individual Impact: No sensitive personal or financial information has been confirmed as compromised in this incident although some sources are reporting that human resources data is in the mix.

Customers Impacted: Unknown

How it Could Affect Your Business: This seemingly small attack could pack big consequences. Ransomware gangs have been increasingly focused on hitting strategic targets that service major clients.

 

 

Volkswagen Group of America

https://www.reuters.com/business/autos-transportation/vw-says-data-breach-vendor-impacted-33-million-people-north-america-2021-06-11/
Exploit: Third-Party Data Breach

Volkswagen Group of America: Automotive Manufacturer

Risk to Business: 1.825 = Severe
Volkswagen US has announced that it has suffered a data breach impacting millions of US customers and prospective customers. The car company released information saying that a data breach at a vendor has exposed data on more than 3.3 million buyers and prospective buyers in North America. An unauthorized third party obtained limited personal information about customers and interested buyers from a vendor that its Audi and Volkswagen brands and some U.S. and Canadian dealers used for digital sales and marketing.





Risk to Business: 2.213 = Severe
The information was gathered for sales and marketing between 2014 and 2019 and was in an electronic file the vendor left unsecured. According to Volkswagen, the majority of people impacted had phone numbers and email addresses exposed, but some clients had their driver’s license information stolen as well. In some cases, information about a vehicle purchased, leased, or inquired about was also obtained. VW said 90,000 Audi customers and prospective buyers also had sensitive data impacted relating to purchase or lease eligibility. VW said it will offer free credit protection services to those individuals.

Customers Impacted: 3.3 million

How it Could Affect Your Business: Attacks on data processors and other essential service providers have escalated as cybercriminals look for big data scores and information that facilitates more cybercrimes.

 

 

New York City Law Department

https://www.nytimes.com/2021/06/07/nyregion/cyberattack-law-department-nyc.html

Exploit: Ransomware

New York City Law Department: Municipal Government Agency




Risk to Business: 1.633 = Severe
The New York City Law Department experienced a cyberattack that impacted its computer systems, forcing it to shut down its technology. The network also had to be disconnected from other city systems for safety. Systems are being restored slowly and the FBI is investigating along with New York police.

Individual Impact: No sensitive personal or financial information has been confirmed as compromised in this incident.

Customers Impacted: Unknown

How it Could Affect Your Business: Attacks that strike at government and infrastructure targets frequently use ransomware to get the job done, and no matter how big or small, no organization is safe.

 

 

Carter’s

https://threatpost.com/baby-clothes-carters-leaks-customer-records/166866/
Carter’s: Children’s Clothier

Exploit: Third Party Data Breach




Risk to Business: 2.331 = Severe
In a new disclosure, baby clothing giant Carter’s admitted that it had suffered a data breach through a third-party data processor. This exposed the personal data of hundreds of thousands of its customers over a multiyear period. The service provider, Linc, handled automation for online purposes. The Linc system was used to send customers shortened URLs containing everything from purchase details to tracking information without basic security protections.

Individual Impact: At this time, no sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Every business has relationships with other businesses, and every relationship they have creates risk. Protecting companies from supply chain risk is imperative.

 

The Week in Breach News: 06/02/21 – 06/08/21

United States – iConstituent

https://www.nbcnews.com/politics/congress/house-communications-vendor-compromised-ransomware-attack-n1269934
Exploit: Ransomware

iConstituent: Communications Services

Risk to Business: 1.655 = Severe
A major service provider to members of the US House of Representatives is recovering from a ransomware incident that has left Members scrambling. iConstituent provides constituent communications services for House offices including facilitating Member emails and newsletters. The House Chief Administrative Officer (CAO) is coordinating a response with iConstituent, and the CAO has announced that no other House data or systems have been compromised.

Customers Impacted: Unknown

How It Could Affect Your Business: Ransomware against service providers has been a hot profit center for cybercriminals and they’re not letting up on potentially vulnerable targets.

 

 

United States – Cox Media Group

https://therecord.media/live-streams-go-down-across-cox-radio-tv-stations-in-apparent-ransomware-attack/
Exploit: Ransomware

Cox Media Group: TV & Radio Station Operator




Risk to Business: 1.227= Extreme
A number of TV and radio stations around the US went dark briefly after a suspected ransomware attack on parent company Cox Media Group. Stations impacted included News9, WSOC, WSB, WPXI, KOKI, and almost all Cox radio stations. The Cox Media Group owns 57 radio and TV stations across 20 US markets. Internal networks and live streaming capabilities for other Cox media properties, such as web streams and mobile apps, were also impacted in the June 3rd event. Service was quickly restored and the event is under investigation.

Individual Impact: No sensitive personal or financial information has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware attacks against strategic targets like this are becoming all too common as ransomware gangs seek to cause maximum buzz for maximum profit.

 

 

United States – Navistar International Corporation

https://www.reuters.com/technology/us-truck-maker-navistar-says-aware-it-breach-2021-06-07/
Exploit: Ransomware

Navistar International Corporation: Specialty Vehicle Manufacturer




Risk to Business: 2.812= Moderate
Truck manufacturer Navistar International has notified the Securities and Exchange Commission (SEC) that they’ve fallen prey to a ransomware attack. Navistar makes trucks, buses and diesel engines, while its Navistar Defense subsidiary produces several US military vehicles. The company confirmed that there was data exfiltration in the suspected ransomware attack, but no details have been made available regarding the nature of that data.

Individual Impact: No sensitive personal or financial information has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.

 

 

United States – New York Metropolitan Transit Authority (M.T.A.)

https://www.nytimes.com/2021/06/02/nyregion/mta-cyber-attack.html

Exploit: Nation-State hacking

New York Metropolitan Transit Authority (M.T.A.): Regional Transport Operator




Risk to Business: 2.812= Moderate
Officials at NY M.T.A. released information that their system had been the target of a cyberattack by a hacking group believed to have links to the Chinese government. According to the report, nation-state actors penetrated the Metropolitan Transportation Authority’s computer systems in April. The investigation has concluded and NY M.T.A. was able to confirm that no sensitive data or rider data was impacted.

Individual Impact: No sensitive personal or financial information has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.

 

 

United States – LineStar Integrity Services

https://www.wired.com/story/linestar-pipeline-ransomware-leak/
Exploit: Ransomware

LineStar Integrity Services: Pipeline Technology Services




Risk to Business: 2.522= Severe
Cybersecurity researchers discovered that pipeline technology provider LineStar Integrity was hit in a ransomware incident at approximately the same time as Colonial Pipeline, resulting in 70+GB of company data finding a new home on the dark web. LineStar Integrity Services sells auditing, compliance, maintenance, and technology services to pipeline customers and is based in Houston, TX.

Individual Impact: No sensitive personal or financial information has been confirmed as compromised in this incident although some sources are reporting that human resources data is in the mix.

Customers Impacted: Unknown

How it Could Affect Your Business: The increasing frequency of cyberattacks on service providers shows that cybercriminals are taking every chance to strike against linchpins of business services.

 

 

United Kingdom – Furniture Village

https://www.theregister.com/2021/06/04/furniture_village_confirms_cyberattack/
Exploit: Hacking

Furniture Village: Home Goods Retailer




Risk to Business: 1.115 = Extreme
UK home goods giant Furniture Village has confirmed that it has been suffering the impact of an unnamed cyberattack. For the past week, the company’s internal systems, as well as some customer-facing systems, have been experiencing outages. The company stated that no data appears to have been stolen. Impacted systems included delivery systems, phone systems, and payment mechanisms.

Individual Impact: At this time, no sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Attacks on older systems are often easy money for cybercriminals looking for data to sell with a low overhead and fast turnaround time.

 

 

Australia – New South Wales Health (NSW Health)

https://www.zdnet.com/article/nsw-health-confirms-data-breached-due-to-accellion-vulnerability/
Exploit: Third-Party Data Breach

New South Wales Health (NSW Health): Regional Healthcare Agency




Risk to Business: 1.616 = Severe
New South Wales Health has confirmed that it is the latest organization impacted by the major cyberattack on the file transfer system owned by medical data services provider Accellion last month. The state entity said that no medical records maintained in public hospitals were affected. The agency has begun notifying people whose data may have been accessed. NSW Health has upgraded its technology to avoid future problems.





Individual Risk: 1.616 = Severe
New South Wales Health disclosed that identity information and health-related personal information were exposed for some patients. The agency is in the process of contacting people who have been impacted.

Customers Impacted: Unknown

How it Could Affect Your Business: Attacks on major data processors like this put many businesses at risk. Cybercriminals are hungry for saleable information and these places are treasure troves.

 

 

Japan – Fujifilm

https://www.bleepingcomputer.com/news/security/fujifilm-confirms-ransomware-attack-disrupted-business-operations/
Exploit: Ransomware

Fujifilm: Film & Photo Technology Developer




Risk to Business: 1.922 = Severe
Legendary Japanese film technology company Fujifilm announced that it has been the victim of a ransomware attack that has impacted its operations. The purported ransomware attack led to a network outage that impacted access to email for employees, the billing system and a problem reporting system. Experts believe that this attack was carried out with REvil technology. Investigation and recovery have begun and many systems have been fully restored.

Individual Impact: At this time, no sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Business disruptions from ransomware attacks can be costly even if no business or customer data is stolen, and extra costs for recovery can add up.

 

The Week in Breach News: 05/26/21 – 06/01/21

United States – DailyQuiz

https://therecord.media/8-3-million-plaintext-passwords-exposed-in-dailyquiz-data-breach/
Exploit: Hacking

DailyQuiz: Entertainment App




Risk to Business: 1.655= Severe
The personal details of 13 million DailyQuiz users have been leaked online after a hacker breached the app developer’s database. Millions of user passwords were stored in that database unsafely in a plain text format and were subsequently stolen. Researchers recently discovered that the DailyQuiz database was up for sale in dark web data markets.





Individual Risk: 2.711= Moderate
Users should be aware that their passwords have been compromised and should change the password on any accounts that share it, as well as updating their DailyQuiz accounts.

Customers Impacted: 13 million

How It Could Affect Your Business: Weak password storage is symptomatic of low cybersecurity safety standards and shows clients that you don’t take their data privacy seriously.

 


 

United States – Rehoboth McKinley Christian Health Care Services (RMCHCS)

https://portswigger.net/daily-swig/us-healthcare-non-profit-reports-data-breach-impacting-200-000-patients-employees
Exploit: Hacking

Rehoboth McKinley Christian Health Care Services (RMCHCS): Health Non-Profit




Risk to Business: 1.833= Severe
Rehoboth McKinley Christian Health Care Services (RMCHCS) has reported a data breach caused by improper access to data, impacting around 200,000 patients and employees. RMCHCS operates a 60-bed acute care hospital and four clinics providing emergency care, cancer care, and hospice and pediatric services in Arizona and New Mexico. The company did not say how the data was improperly accessed.





Risk to Business: 1.833= Severe
RMCHCS states that the breached material includes names, dates of birth, postal addresses, telephone numbers, and email addresses, as well as Social Security, driver’s license, passport and (for Native Americans) tribal ID numbers. Healthcare-specific details of patient care were also involved, but it’s not consistent across accounts. Healthcare data potentially impacted may include medical record numbers, dates of service and healthcare provider names; prescription, treatment, and diagnosis information; and billing and claims information, including financial account information.

Customers Impacted: 200,000

How it Could Affect Your Business: Data theft is always a problem, but theft of medical data is a disaster for healthcare orgs that will have to pay major fines for security failures.

 


 

United States – Bose

https://www.hackread.com/logistics-giant-leaks-data-lolz-when-alerted/
Exploit: Ransomware

Bose: Audio Equipment Maker




Risk to Business: 2.812= Moderate
Audio manufacturing titan Bose disclosed a data breach following a ransomware attack that hit the company’s systems in early March. In a regulatory filing, the company explained that a small amount of employee data had been potentially exposed as had several unnamed spreadsheets. No customer or other proprietary data was reported as compromised but the investigation is still ongoing.





Risk to Business: 2.812= Moderate
According to the company, a very small amount of employee personally identifying data and payroll data was compromised. Current and former employees should be alert to spear phishing and identity theft.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.

 


 

United States – JBS SA

https://www.cnn.com/2021/06/01/tech/jbs-usa-cyberattack-meat-producer/index.html
Exploit: Ransomware

JBS SA: Meat Processor




Risk to Business: 1.221 = Extreme
International meat supplier JBS SA has been hit by a ransomware attack. The world’s largest meat producer, Brazil-based JBS has operations in 15 countries and serves customers worldwide including the US, Australia and Canada. The company is in contact with federal officials and has brought in a “top firm” to investigate and remediate the incident which is potentially tied to nation-state cybercrime. JBS stated that the attack only impacts some supplier transactions and no data was stolen.

Individual Impact: No sensitive personal or financial information was reported as compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is the preferred weapon of cybercriminals, especially of the nation-state variety, for its potential for business disruption without even stealing data.

 


 

Canada – Canada Post

https://globalnews.ca/news/7894760/canada-post-data-breach/
Exploit: Third Party Data Breach

Canada Post: Postal Service




Risk to Business: 1.882 = Severe
A supplier’s malware attack is responsible for a nasty data breach at Canada Post affecting 44 of the company’s large business clients and their 950,000 receiving customers. The exposure comes from Commport Communications, an electronic data interchange (EDI) solution supplier that manages shipping data for business customers, which informed Canada Post that address data associated with some of their customers had been compromised in May 2021. Canada Post has announced that only shipping information pertaining to fewer than 50 corporate customers was involved.

Individual Impact: No sensitive personal or financial information has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: 44 companies and an estimated 950,000 individual addresses

How it Could Affect Your Business: Third-party and supply chain data breaches like this one are becoming all too common as clever cybercriminals go for data-rich targets – and the problem will only get worse thanks to booming dark web data markets.

 


 

Australia – TPG Telecom

https://www.zdnet.com/article/a-pair-of-tpg-trustedcloud-customers-were-breached/
Exploit: Hacking

TPG Telecom: Communications Technology




Risk to Business: 1.115 = Extreme
TPG Telecom has announced that it had the data of two unnamed large customers improperly accessed on its legacy TrustedCloud hosting service. It added it did not believe any other customers were impacted by the breach. The service was part of a 2011 acquisition by the telecom and is set to be decommissioned in August 2021. An investigation is underway and authorities have been informed.

Individual Impact: At this time, no sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Attacks on older systems are often easy money for cybercriminals looking for data to sell with a low overhead and fast turnaround time.

 


 

Japan – Net Marketing Co.

https://www.japantimes.co.jp/news/2021/05/22/business/tech/omiai-dating-app-hack-japan/
Exploit: Hacking

Net Marketing Co.: App Creator




Risk to Business: 1.922 = Severe
Japanese app company Net Marketing Co. said Friday that the personal data of 1.71 million users of one of its apps has been compromised in a hacking incident. The company is the operator of the popular dating app Omiai. Net Marketing said that Omiai customer information provided to the company between January 2018 and last month has been accessed on more than one occasion by unauthorized parties and PII on users may have been stolen.





Individual Risk: 1.942 = Severe
The company notes that assorted user data, including names, identity cards, addresses, email addresses and face photos, was likely leaked due to unauthorized access to its server. Customers that use the Omiai app should be alert to spear phishing and identity theft risk.

Customers Impacted: Unknown

How it Could Affect Your Business: Personal data like this is a hot commodity in booming dark web data markets. Failing to protect it adequately makes it catnip for cybercriminals.

 
Continue reading

The Week in Breach News: 05/26/21 – 06/01/21

United States – DailyQuiz

https://therecord.media/8-3-million-plaintext-passwords-exposed-in-dailyquiz-data-breach/
Exploit: Hacking

DailyQuiz: Entertainment App


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.655= Severe
The personal details of 13 million DailyQuiz users have been leaked online after a hacker breached the app developer’s database. Millions of user passwords were stored in that database unsafely in a plain text format and were subsequently stolen. Researchers recently discovered that the DailyQuiz database was up for sale in dark web data markets.



cybersecurity news represented by a gauge indicating moderate risk


Individual Risk: 2.711= Moderate
Users should be aware that their passwords have been compromised and change any accounts that share that password as well as updating their DailyQuiz accounts.

Customers Impacted: 13 million

How It Could Affect Your Business: Weak password storage is symptomatic of low cybersecurity safety standards and shows clients that you don’t take their data privacy seriously.

 



 

United States – Rehoboth McKinley Christian Health Care Services (RMCHCS)

https://portswigger.net/daily-swig/us-healthcare-non-profit-reports-data-breach-impacting-200-000-patients-employees
Exploit: Hacking

Rehoboth McKinley Christian Health Care Services (RMCHCS): Health Non-Profit


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.833= Severe
Rehoboth McKinley Christian Health Care Services (RMCHCS) has reported a data breach reported caused by improper access to data impacting around 200,000 patients and employees. RMCHCS operates a 60-bed acute care hospital and four clinics providing emergency care, cancer care, and hospice and pediatric services in Arizona and New Mexico. The company did not say how the data was improperly accessed.



cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.833= Severe
RMCHCS states that the breached material includes names, dates of birth, postal addresses, telephone numbers, and email addresses, as well as Social Security, driver’s license, passport and (for Native Americans) tribal ID numbers. Healthcare-specific details of patient care were also involved, but it’s not consistent across accounts. Healthcare data potentially impacted may include medical record numbers, dates of service and healthcare provider names; prescription, treatment, and diagnosis information; and billing and claims information, including financial account information.

Customers Impacted: 200,000

How it Could Affect Your Business: Data theft is always a problem, but theft of medical data is a disaster for healthcare orgs that will have to pay major fines for security failures.

 



 

United States – Bose

https://www.hackread.com/logistics-giant-leaks-data-lolz-when-alerted/
Exploit: Ransomware

Bose: Audio Equipment Maker


cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.812= Moderate
Audio manufacturing titan Bose disclosed a data breach following a ransomware attack that hit the company’s systems in early March. In a regulatory filing, the company explained that a small amount of employee data had been potentially exposed as had several unnamed spreadsheets. No customer or other proprietary data was reported as compromised but the investigation is still ongoing.



cybersecurity news represented by a gauge indicating moderate risk


Risk to Business: 2.812= Moderate
According to the company, a very small amount of employee personally identifying data and payroll data was compromised. Current and former employees should be alert to spear phishing and identity theft.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is evolving, meaning every incident stands a chance of containing an even harder to stop new variant that could do lasting damage.

 



 

United States – JBS SA

https://www.cnn.com/2021/06/01/tech/jbs-usa-cyberattack-meat-producer/index.html
Exploit: Ransomware

JBS SA: Meat Processor


cybersecurity news gauge indicating extreme risk


Risk to Business: 1.221 = Extreme
International meat supplier JBS SA has been hit by a ransomware attack. The world’s largest meat producer, Brazil-based JBS has operations in 15 countries and serves customers worldwide including the US, Australia and Canada. The company is in contact with federal officials and has brought in a “top firm” to investigate and remediate the incident which is potentially tied to nation-state cybercrime. JBS stated that the attack only impacts some supplier transactions and no data was stolen.

Individual Impact: No sensitive personal or financial information was reported as compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is the preferred weapon of cybercriminals, especially of the nation-state variety, for its potential for business disruption without even stealing data.

 



 

Canada – Canada Post

https://globalnews.ca/news/7894760/canada-post-data-breach/
Exploit: Third Party Data Breach

Canada Post: Postal Service


cybersecurity news represented by agauge showing severe risk


Risk to Business: 1.882 = Severe
A supplier’s malware attack is responsible for a nasty data breach at Canada Post affecting 44 of the company’s large business clients and their 950,000 receiving customers. The exposure comes from Commport Communications, an electronic data interchange (EDI) solution supplier that manages shipping data for business customers, informed Canada Post that address data associated with some of their customers had been compromised in May 2021. Canada Post has announced that only shipping information pertaining to less than 50 corporate customers was involved.

Individual Impact: No sensitive personal or financial information has been declared compromised in this incident and the investigation is ongoing.

Customers Impacted: 44 companies and an estimated 950,000 individual addresses

How it Could Affect Your Business: Third-party and supply chain data breaches like this one are becoming all too common as clever cybercriminals go for data-rich targets – and the problem will only get worse thanks to booming dark web data markets.

 



 

Australia – TPG Telecom

https://www.zdnet.com/article/a-pair-of-tpg-trustedcloud-customers-were-breached/
Exploit: Hacking

TPG Telecom: Communications Technology




Risk to Business: 1.115 = Extreme
TPG Telecom has announced that it had the data of two unnamed large customers improperly accessed on its legacy TrustedCloud hosting service. It added it did not believe any other customers were impacted by the breach. The service was part of a 2011 acquisition by the telecom and is set to be decommissioned in August 2021. An investigation is underway and authorities have been informed.

Individual Impact: At this time, no sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Attacks on older systems are often easy money for cybercriminals looking for data to sell with a low overhead and fast turnaround time.

 



 

Japan – Net Marketing Co.

https://www.japantimes.co.jp/news/2021/05/22/business/tech/omiai-dating-app-hack-japan/
Exploit: Hacking

Net Marketing Co.: App Creator




Risk to Business: 1.922 = Severe
Japanese app company Net Marketing Co. said Friday that the personal data of 1.71 million users of one of its apps has been compromised in a hacking incident. The company is the operator of the popular dating app Omiai. Net Marketing said that Omiai customer information provided to the company between January 2018 and last month has been accessed on more than one occasion by unauthorized parties and PII on users may have been stolen.





Individual Risk: 1.942 = Severe
The company notes that assorted user data, including names, identity cards, addresses, email addresses and face photos, was likely leaked due to unauthorized access to its server. Customers that use the Omiai app should be alert for spear phishing and identity theft risk.

Customers Impacted: Unknown

How it Could Affect Your Business: Personal data like this is a hot commodity in booming dark web data markets. Failing to protect it adequately makes it catnip for cybercriminals.

 


How Can Cyber Resilience Protect SMBs?

Small and Medium Businesses (SMBs) usually invest less in cybersecurity, making them easier targets for cybercriminals. Close to 30% of businesses experience a cyberattack at least once per week.1
The need for constant vigilance and defense against hackers has led many SMBs to complicate cybersecurity matters. Though the percentage of businesses that have adopted formal, business-wide incident response plans has increased from 18% in 2015 to 26% in 2020, the ability to contain an actual attack dropped by 13%.2 This is because: (1) businesses do not consistently test threat-readiness of incident response plans and (2) many of them use too many security products that hamper the ability to identify and respond to a cyberattack.

This is where a cyber resilience strategy can help organizations protect uptime and recover from incidents faster. Some people use the terms cybersecurity and cyber resilience interchangeably, but the meanings are different.

While cybersecurity primarily aims at blocking nefarious cyber players from attacking your network, cyber resilience is more about planning, defending, responding to and recovering quickly from a cyberattack. Endpoint protection, email security, network security, backup and data recovery, identity and access management and a host of other critical solutions together fuel a comprehensive cyber resilience strategy.

Arm Your Business with Cyber Resilience

The cyberthreat landscape is evolving at lightning speed and traditional security measures cannot keep up with it. Experts have predicted that a ransomware attack will occur every 11 seconds in 2021.3 The only way forward for businesses, including yours, is to draft a cyber resilience strategy that highlights ways to move forward in the face of a cyberattack.

Your business is cyber resilient when:
  • You’ve implemented measures to guard against cyberattacks
  • Proper risk control measures for data protection get deployed
  • Hackers cannot severely disrupt business operation during or after an attack
The major components of a cyber resilience strategy are:
  • Threat protection
By deploying efficient attack surface management and risk management, you can easily take your business through the path of cyber resilience. Doing so helps you minimize first-party, third-party or fourth-party risks that arise because of data leaks, data breaches or misconfigurations. Additionally, assessment reports identify key risk areas that require attention.
  • Adaptability
Cybercriminals are shapeshifters who constantly change their devious tactics. Ensure your business can adapt to emerging cyberthreats.
  • Recoverability
To quickly bounce back after a security incident, your business must have all the necessary infrastructure, including robust data backups. Conducting mock drills that let you understand the employee readiness to counter cyberattacks is also important.
  • Durability
Your IT team can improve the business’ durability through constant system enhancements and upgrades. No matter what strategy the criminals use, prevent their actions from overwhelming you through shock and disruption.

 

 

5 Ways Cyber Resilience Protects SMBs

Adopting cyber resilience proves beneficial before, during and after cyberattacks. Five ways cyber resilience protects SMBs:

 
  1. Enhances system security, work culture and internal processes
By implementing a cyber resilience approach within your business, you can easily design and develop strategies tailor-made for your existing IT infrastructure. Additionally, cyber resilience improves security within each internal process, so you can communicate desired behavior to employees.

  2. Maintains business continuity
Cyber resilience ensures that operations are not significantly affected and business gets back to normal after a cyberattack.

  3. Reduces financial loss
The financial damage caused by a breach can be so severe that businesses go bankrupt or even close. Cyber resilience keeps threats in check, reducing the chances of business disruption as well as limiting financial liabilities.

  4. Meets regulatory and insurance requirements
Cyber resilience helps keep your business out of regulatory radars by satisfactorily following all necessary criteria. Also, complying with regulations can be beneficial to your business for cyber insurance claims.

  5. Boosts company reputation
Having cyber resilience by your side gives you better control in the event of a successful cyberattack. It helps you block attacks, bounce back quickly if an incident happens and minimize the chaotic aftereffects of a breach. This improves your business reputation among partners and customers.

 

 

Don’t worry if the concept of cyber resilience is tough to crack. We can guide your business to and through cyber resilience. Start with an assessment to check your business’ cyber resilience level. Contact us now!

  
Article curated and used by permission.
Sources:
1. Infosecurity Magazine
2. The 2020 Cyber Resilient Organization Study
3. JD Supra Knowledge Center

Adopt Zero Trust Security for Your SMB

With the cyberthreat landscape getting more complicated with every passing minute, cybersecurity deserves more attention than ever before. Fully trusting applications, interfaces, networks, devices, traffic and users without authentication is no longer an option. Misjudging and misplacing your trust in a malicious entity can lead to severe breaches that can damage your business. Zero Trust Security practices, however, can go a long way towards helping small and medium-sized businesses (SMBs) minimize cybersecurity risks and prevent data breaches.

Zero Trust was introduced in 2010 by John Kindervag, a former Forrester analyst. The concept has since gained wide acclaim and approval as a trusted framework for cybersecurity. The Zero Trust approach trusts nothing within or outside its perimeter and insists on verifying everything attempting to connect to the company systems before granting access. In simple terms, the National Institute of Standards and Technology (NIST) refers to it as a “never trust, always verify” approach.

Implementing Zero Trust Security within your business can help guard against data breaches, downtime, productivity loss, customer churn and reputation damage. Over 70% of businesses planned for the deployment of Zero Trust in 2020 and it is even more critical for SMBs in an era where workforces and networks are becoming heavily distributed.1

Three Misconceptions and Facts About Zero Trust Security

  1. Misconception: Zero Trust Security is only for enterprises.

The Zero Trust cybersecurity framework is a proven counterthreat strategy. While it’s true that enterprises prioritize protection of their data and networks by deploying the best solutions and approaches, SMBs must also protect sensitive data and networks by taking adequate measures to minimize internal and external vulnerabilities. Thus, Zero Trust Security isn’t just for enterprises. It is equally significant for SMBs as well.

  2. Misconception: Zero Trust Security is too complex.

By applying Zero Trust concepts at a scale that makes sense for your business, you will realize it isn’t as complex as you thought.

  3. Misconception: The cost of implementing Zero Trust is too high.

Zero Trust adoption is operationally and economically feasible if you focus on your most critical applications and data sets first.

 

Still Not Convinced?

Let’s look at a few statistics that should convince you of the seriousness of today’s cyberthreat landscape as well as the need for a Zero Trust approach:

 
  • Human error causes close to 25% of data breaches.2
Unfortunately, you can’t completely mistrust an external network, nor can you fully trust even a single user within your network.
  • Experts predict that ransomware attacks will occur every 11 seconds in 2021.3
This gives you no time to be complacent.
  • Over 40% of employees are expected to work from home post-pandemic.4
When this happens, many devices, users and resources will interact entirely outside the corporate perimeter. This increases the risk of an incident occurring.
  • Phishing attacks have increased by over 60% since the pandemic started.5
To counter such a scenario, cybersecurity policies must be dynamic and adapt to address additional concerns.

 
If you’re not equipped with a solid defense against cyberthreats, you may regret it later when a breach happens. Chances are your current approach to cybersecurity falls short of stopping cybercriminals from accessing your network. The Zero Trust approach can change all that.

 
Adopting Zero Trust Security within your business does not mean you throw away your existing security tools and technologies. In fact, according to NIST, Zero Trust Security must incorporate existing security tools and technologies more systematically.

 
Build an effective Zero Trust model that encompasses governance policies—like giving users only the access needed to complete their tasks—and technologies such as:

 
  1. Multifactor authentication
  2. Identity and access management
  3. Risk management
  4. Analytics
  5. Encryption
  6. Orchestration
  7. Scoring
  8. File-system permissions
 
Taking your business down the path of Zero Trust may not be easy, but it’s certainly achievable and well worth it. Don’t worry about where and how to begin. With the right MSP partner by your side, your journey becomes easier and more successful. Contact us to get started.

 
 
Article curated and used by permission.
Source:
  1. com
  2. IBM 2020 Cost of Data Breach Report
  3. JD SUPRA Knowledge Center
  4. Gartner Report
  5. Security Magazine Verizon Data Breach Digest
 

Know the Risks of Not Having BDR for Your Business

Experts estimate that humans produce 2.5 quintillion bytes of data every day.1 That is a lot of information. However, having a poor backup strategy can wipe out all or vast portions of your data in a single click. From accidental deletions and malicious attacks to natural disasters, there are multiple ways by which you can lose your business data. Therefore, make sure a robust backup and disaster recovery (BDR) solution is an integral part of your business.

When you lose crucial data permanently, the consequences can be devastating. Some costly aftereffects of data loss are:
  1. Productivity Disruptions: Companies hit by an incident face an average of close to 200 hours per year of downtime.2
  2. Loss of customer trust: One-third of customers end their association with a business following a severe data-loss incident.2
  3. Regulatory penalties: The penalties may vary based on the regulatory bodies governing your industry, and they can cost millions of dollars.
It is your responsibility to equip your business with an effective backup and disaster recovery solution, irrespective of your business’s size, industry or location. Let us take a look at how significant backup and disaster recovery is to the following business industries:

Healthcare

There can be severe complications when data loss happens in the healthcare industry:
  1. If a patient’s health records go missing when needed, a life-saving surgery could get delayed or denied.
  2. Without the billing records, a hospital cannot process payments.
  3. Regulatory bodies like HIPAA slap hefty fines on hospitals for carelessly handling data. HIPAA can impose penalties anywhere between $100 and $50,000 for an individual violation, with a maximum fine of $1.5 million per calendar year of neglect.4
Alarmingly, healthcare was the industry worst hit by cyberattacks in 2020.3 Therefore, backup and disaster recovery are critically important in the healthcare industry.

 

Finance

A robust backup and disaster recovery solution is an important part of any financial institution’s growth and survival.

Financial institutions must comply with requirements put forward by:
  1. Regulations like the Gramm-Leach-Bliley Act (GLBA)
  2. Financial regulatory agencies like the Financial Industry Regulatory Authority (FINRA)
  3. International regulators such as the Financial Conduct Authority (FCA)
  4. The Securities and Exchange Commission (SEC)
An effective BDR solution is a mandatory requirement highlighted by all the concerned authorities mentioned above. Additionally, having one in place helps these institutions protect employee productivity and ensure customers quickly regain access to essential services following a data-loss event.

 

Hospitality

The information generated in the hospitality industry is in a precarious position. This is because the hospitality industry often invests less in backup and disaster recovery than other industries.

That said, survival in the hospitality industry can be tough. We live in an era where people check public ratings of a hotel room, even if they only plan on staying just one night. A minor dent in reputation could be an enormous blow to a hospitality business.

All critical data like credit card information and customers’ Personally Identifiable Information (PII) must be handled with care to avoid satisfaction issues and regulatory fines. Hence, backup and disaster recovery are an essential part of hospitality.

 

Adopt BDR Before It Is Too Late

Avoiding data loss at any cost is vital for your business to survive and thrive. It is, therefore, highly recommended to have the right BDR provider to maintain control of business-critical data. If you are confused about how to take the first step, do not worry. We are here to help. Our BDR expertise can help your business sail smoothly without being caught in the whirlpool of data loss. Contact us now to learn more.

 
 
 
Article curated and used by permission.
 
Sources:
  1. Techjury.net
  2. IDC Report
  3. IBM Cost of Data Breach Report
  4. National Library of Medicine

THE WEEK IN BREACH NEWS: 05/20/21 – 05/25/21

United States – Utility Trailer Manufacturing

https://www.freightwaves.com/news/trailer-maker-utility-targeted-in-ransomware-attack
Exploit: Ransomware

Utility Trailer Manufacturing: Trailer Fabrication




Risk to Business: 1.655= Severe
California-based Utility Trailer Manufacturing was hit by the Clop ransomware gang. As proof of the hit, the gang released 5 gigabytes of data to the dark web this week. The company has not been clear on the impact of the breach beyond saying that client data including payment records were not accessed and manufacturing remains normal.





Individual Risk: 1.507= Severe
While the company is staying mum about the content of the breach, researchers have determined that an extensive amount of sensitive personal data about employees, including payrolls and human resources information was included in the incident after finding it on the dark web. Past and present employees should be alert for identity theft and spear phishing attempts.

Customers Impacted: Unknown

How It Could Affect Your Business: A new ransomware attack is launched every 40 seconds, and every business is in the line of fire. Making sure that you have all the bases covered and taking smart precautions like increased security awareness training can help reduce risk.

 


 
 

United States – Alaska Department of Health and Social Services

https://www.govinfosecurity.com/alaska-health-department-services-affected-by-malware-attack-a-16708
Exploit: Malware

Alaska Department of Health and Social Services: Regional Human Services Agency




Risk to Business: 1.833 = Severe
The Alaska health department’s website was taken offline Monday evening and will be unavailable to the public for an indeterminate amount of time as IT teams work to investigate and recover from a malware attack. COVID-19 immunization and most data dashboards are maintained by an outside contractor and are still operational. The department’s main website, background check system, the state of Alaska’s vital records system, Alaska’s behavioral health and substance abuse management system and the state’s system for schools to report vaccine data to public health have all been impacted.

Individual Impact: No sensitive personal or financial information was confirmed as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Malware that takes important systems offline can seriously impact an organization’s operations, costing a fortune in remediation, investigation and recovery. Government targets have been especially appealing to cybercriminals due to their notoriously weak security.

 

United States – Bergen Logistics

https://www.hackread.com/logistics-giant-leaks-data-lolz-when-alerted/
Exploit: Unsecured Database

Bergen Logistics: Shipping & Fulfillment




Risk to Business: 2.812 = Moderate
Security researchers recently discovered an exposed database belonging to Bergen Logistics. The Elasticsearch server contains a trove of 467,979 login credentials and shipment records relevant to the company’s customers. Bergen Logistics handles import/export, picking and packing for clients in the fashion industry. The company also direct ships to customers of online marketplaces and e-commerce stores.





Individual Risk: 2.772 = Moderate
The exposed data for customers includes names, addresses, order numbers and details, email and contact information and plaintext passwords to customer accounts. This data could be used for spear phishing attempts.

Customers Impacted: Unknown

How it Could Affect Your Business: There are enough ways to suffer a cybersecurity incident without causing them through negligence, even though employee error is still the number one cause of a data breach. Making sure to cover the bases with basics goes a long way toward improving security.

 

United Kingdom – One Call

https://www.doncasterfreepress.co.uk/news/one-call-cyber-attack-all-you-need-to-know-about-hackers-darkside-and-insurance-boss-john-radford-3244076
Exploit: Ransomware

One Call: Insurer




Risk to Business: 1.606 = Severe
Insurer One Call admitted last week that a ransomware attack disrupted its core IT system and forced it to shut down its servers. The attack was perpetrated by the notorious DarkSide gang, which purportedly went dark after the Colonial Pipeline fiasco. The hackers are demanding a ransom of more than $20k. The company has released no clear information on what data was stolen or how long the investigation and recovery will take, although news outlets are reporting customer and financial data as potentially stolen by the gang.

Individual Impact: No confirmation is available as to whether sensitive personal or financial information was compromised in this incident and the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is the preferred weapon of cybercriminals, especially those in major gangs. Increased security awareness training is a must for every client because it makes organizations up to 70% less likely to experience damaging cybersecurity incidents like this one.

 

United Kingdom – FastTrack Reflex Recruitment

https://www.hackread.com/uk-recruitment-firm-exposed-applicants-data/
Exploit: Misconfiguration

FastTrack Reflex Recruitment: Staffing Firm




Risk to Business: 1.882 = Severe
FastTrack Reflex Recruitment is the latest company to join the ranks of businesses that have had data leaks due to misconfigured AWS S3 buckets. The leaky bucket contained CVs for applicants and also included PII. Experts counted 21,000 client files (including duplicates), equating to 5GB of data.





Individual Risk: 1.780 = Severe
In the bucket, applicant CVs were exposed, including attached identity documents like passports, work permits, identity card numbers and similar documents. In many cases, names, addresses, social media profile URLs, contact information, DOBs and photos were also exposed.

Customers Impacted: 21K applicants

How it Could Affect Your Business: Simple failures in setup like this are a symptom of low standards and a sloppy cybersecurity culture. They’re also a quick way into disaster as this will not only cost money to fix, it will also incur penalties under GDPR and similar legislation.

 

Ireland – Ardagh Group

https://portswigger.net/daily-swig/packaging-vendor-ardagh-admits-cyber-attack-disrupted-operations
Exploit: Ransomware

Ardagh Group: Packaging Manufacturer




Risk to Business: 1.699 = Severe
Glass and metal packaging giant Ardagh Group was snarled in a suspected ransomware attack. The company said that metal and glass packaging facilities remained operational, but the attack has caused shipping delays and interruptions. Investigation and remediation are underway, and the company expects to have everything back online by the end of the month.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Make sure your clients are taking every possible precaution against ransomware because 61% of organizations worldwide experienced a damaging ransomware incident in 2020.

 

New Zealand – Waikato District Health Board

https://www.theregister.com/2021/05/19/new_zealand_hospitals_taken_down/
Exploit: Ransomware

Waikato District Health Board: Regional Healthcare Agency




Risk to Business: 1.115 = Extreme
Waikato District Health Board (DHB) had most of its IT services go offline Tuesday morning as the result of a suspected Conti ransomware attack, severely impacting services at six of its affiliate hospitals. Only email service has escaped the shutdown. With patient notes inaccessible, clinical services were disrupted and surgeries postponed. Phone lines went down and hospitals were forced to accept urgent patients only, using pencil and paper records. Service disruptions are expected to continue for several days.

Individual Impact: At this time, no sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Attacks on healthcare targets have been at the top of the cybercriminals’ playbook since the beginning of the global pandemic, and they represent a threat to public health, not to mention overstressing already burned-out hospital staffers.

India – Air India

https://www.bleepingcomputer.com/news/security/air-india-data-breach-impacts-45-million-customers/
Exploit: Third Party Data Breach

 




Risk to Business: 2.001 = Severe
Air India disclosed a data breach impacting 4.5 million of its customers following the hack of airline passenger service system provider SITA in February 2021. Dozens of airlines around the world had data exposed in that ransomware incident and the fallout is still shaking out. The airline confirmed that the breach involved personal data and credit card information registered between August 2011 and February 2021 by Air India or its subsidiaries.





Risk to Business: 2.113 = Severe
The exposed data is reported to include passenger details like name, date of birth, contact information, passport information, ticket information, Star Alliance, and Air India frequent flyer data as well as credit card numbers.

Customers Impacted: Unknown

How it Could Affect Your Business: Third-party and supply chain data breaches like this one are becoming all too common as clever cybercriminals go for data-rich targets – and the problem will only get worse thanks to booming dark web data markets.

 

India – Domino’s Pizza India

https://ciso.economictimes.indiatimes.com/news/user-info-linked-to-18cr-dominos-orders-leaked/82899181
Exploit: Hacking

Domino’s Pizza India: Restaurant Chain




Risk to Business: 1.774 = Severe
Customer and employee information has been exposed in a hacking incident at Domino’s Pizza India. Security researchers discovered 13TB of employee files and customer details exposed on the dark web. The data leak may be connected to another breach of the pizza chain earlier in April. Jubilant FoodWorks, operator of the chain, said that customers’ financial information remains safe.





Risk to Business: 1.671 = Severe
It is unclear what, if any, payment data was snatched, but personal information for customers including order dates, addresses, names, order invoices and similar data is available. The hackers claim to also have employee data, but that is unconfirmed.

Customers Impacted: 180 million

How it Could Affect Your Business: Personal data is the most desirable information for cybercriminals right now, and every company needs to take precautions to keep them out of databases.

 

Japan – Mercari

https://www.bleepingcomputer.com/news/security/e-commerce-giant-suffers-major-data-breach-in-codecov-incident/
Exploit: Supply Chain Data Breach

Mercari: E-commerce Platform




Risk to Business: 1.922 = Severe
In another big supply chain hit this week, Japanese marketplace Mercari has been compromised as a result of the recent Codecov breach. Earlier this year, code coverage tool Codecov disclosed that it had been a victim of a supply-chain attack that lasted for two months and allowed cybercriminals to meddle with its popular Bash Uploader, opening hundreds of companies up to risk. Mercari announced that tens of thousands of customer records, including financial information, were exposed to external actors due to the Codecov breach.





Individual Risk: 1.942 = Severe
In the final tally, 17,085 records related to the transfer of sales proceeds to customer accounts were exposed including bank code, branch code, account number, account holder (kana) and transfer amount; 7,966 records on business partners of “Mercari” and “Merpay,” including names, date of birth, affiliation, e-mail address, and other data were exposed. 2,615 records on employees were also impacted including those working for a Mercari subsidiary. The data is comprised of names of some employees as of April 2021, company email address, employee ID, telephone number, date of birth and other PII plus details of past employees, some contractors and employees of external companies who interacted with Mercari.

Customers Impacted: Unknown

How it Could Affect Your Business: Third-party data breaches like this one are the future of business. Reliance on outsourced service providers gives cybercriminals an easy way to scoop up data or snatch access credentials for multiple targets in one fell swoop.

 


THE WEEK IN BREACH NEWS: 05/12/21 – 05/18/21

United States – Three Affiliated Tribes

https://nativenewsonline.net/currents/three-affiliated-tribes-hit-by-ransomware-attack-holding-tribal-information-hostag
Exploit: Ransomware

Three Affiliated Tribes: Tribal Government Organization




Risk to Business: 1.607 = Severe
The Three Affiliated Tribes (the Mandan, Hidatsa & Arikara Nations) announced to its staff and employees that its server was infected with ransomware. Since the server was hacked, the tribe has been unable to access files, email and critical information. Employees were also asked to refrain from using their work computers. Investigation and recovery are ongoing.

Individual Impact: At this time, no sensitive personal or financial information was confirmed as compromised in this incident. The investigation is ongoing.

Customers Impacted: Unknown

How It Could Affect Your Business: Protection from ransomware needs to be a top priority for every organization. These days a new attack is launched every 40 seconds putting every business in the line of fire.



 

United States – US Veterans Administration (VA)

https://threatpost.com/veterans-medical-records-ransomware/166025/
Exploit: Ransomware

Veterans Administration: Federal Agency




Risk to Business: 1.722 = Severe
The VA has found itself in the cybersecurity hot seat again after a data breach at a records contractor exposed more than 200,000 records for veterans. The contractor, United Valor Solutions, appears to have been the victim of a ransomware attack. Researchers found a trove of their data online, including this sensitive VA data. The VA has announced that its Veterans Benefits Administration (VBA) Privacy Office is currently working with Medical Disability Examination Officer (MDEO) and contractors to further handle the incident, with the VA Data Breach Response Service investigating independently.





Individual Risk: 1.722 = Severe
The exposed records included patient names, birth dates, medical information, contact information and even doctor information and appointment times, unencrypted passwords and billing details for veterans and their families, all of which could be used in socially engineered spear phishing or fraud scams.

Customers Impacted: 200,000

How it Could Affect Your Business: Ransomware is the gift that keeps on giving for medical sector targets. Not only are those victims facing expensive investigation and recovery costs, but they can also expect a substantial HIPAA fine and possibly more regulatory scrutiny.



 

Ireland – Health Service Executive (HSE)

https://www.bbc.com/news/world-europe-57134916
Exploit: Ransomware

Health Service Executive (HSE): National Healthcare Provider




Risk to Business: 1.668 = Severe
Ransomware rocked Ireland after the Conti gang perpetrated attacks on both the Department of Health and Ireland’s national healthcare provider Health Service Executive (HSE). HSE was forced to take action including shutting down the majority of its systems including all national and local systems involved in all core services and all major hospitals. The ransom demand is reported to be $20 million.

The National Cyber Security Centre (NCSC) has said the HSE became aware of a significant ransomware attack on some of its systems in the early hours of Friday morning and the NCSC was informed of the issue and immediately activated its crisis response plan. On Monday, May 18, officials announced that diagnostic services were still impacted as well as other patient care necessities. Officials also said that it may take the Irish health service weeks to repair systems and restore all services, at a price that will reach into the tens of millions of euros.

Individual Impact: No sensitive personal or financial information was confirmed as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: Ransomware is the preferred weapon of cybercriminals at every activity level. Increased security awareness training makes organizations up to 70% less likely to experience damaging cybersecurity incidents like this one.



 

France – Acer Finance

https://securityaffairs.co/wordpress/117991/cyber-crime/avaddon-ransomware-acer-finance-axa.html
Exploit: Ransomware

Acer Finance: Financial Advisors




Risk to Business: 2.307 = Severe
Avaddon ransomware came calling at Acer Finance. The company offers risk management, mutual funds, analysis, financial planning, and advisory services. Acer Finance serves individuals, entrepreneurs, and institutional investors in France. The ransomware gang claims to have stolen confidential company information about clients and employees, and they’re giving Acer Finance 240 hours to communicate and cooperate with them before they start leaking the valuable stolen company documents. As proof of the hack, the group published several ID cards, personal documents, contracts, and a screenshot of the folders containing stolen data.

Individual Impact: At this time, no sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: No organization is safe from phishing. Every company should make stepping up phishing resistance training a priority.



 

Japan – Toshiba

https://www.cyberscoop.com/darkside-ransomware-toshiba-hack/
Exploit: Ransomware

Toshiba: Electronics Manufacturer




Risk to Business: 1.817 = Severe
European units of Japanese tech giant Toshiba are investigating a security incident in which scammers may have used a similar hacking tool to the malware used against IT systems at Colonial Pipeline. The company announced that it had been forced to disconnect network connections between Japan and Europe to stop the spread of ransomware. The attack is believed to have been perpetrated by the DarkSide ransomware gang. Toshiba Tec Group, a unit of the multinational conglomerate which makes printers and other technologies, said the firm had not yet confirmed that customer related information was leaked externally. The incident is under investigation and the company says that it has not paid any ransom.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

How it Could Affect Your Business: By disrupting internal operations, ransomware can cause tremendous problems for multinational companies even if no data is stolen or systems encrypted.