InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
The Week in Breach News: 02/23/22 – 03/01/22
State Bar of California
https://www.latimes.com/california/story/2022-02-27/california-bar-investigates-possible-data-breach-after-discipline-records-published-onlineExploit: Hacking
State Bar of California: Legal Professional & Regulatory Body
Risk to Business: 2.177= Severe
The State Bar of California is investigating a data breach after learning that a third-party website had published confidential information about 260,000 attorney discipline cases in California and other jurisdictions. The exposed data included case numbers, file dates, information about the types of cases and their statuses, respondent and complaining witness names.
How It Could Affect Your Business: Sensitive data of this sort is a valuable commodity. This information could be used for blackmail, fraud, spear phishing, BEC and so much more nastiness.
New York State Ethics Commission
https://www.insurancejournal.com/news/east/2022/02/28/655883.htmExploit: Hacking
New York State Ethics Commission: Regulatory Authority
Risk to Business: 2.807=Moderate
New York’s ethics commission has shut down its online filing system after a cyberattack. The attack impacted several functions including a web server for the agency’s lobbying application and financial disclosure filing systems as well as other functions. The systems were taken offline late last week and will remain offline for the foreseeable future.
Nvidia
https://www.reuters.com/technology/chipmaker-nvidia-investigating-potential-cyberattack-report-2022-02-25/Exploit: Ransomware
Nvidia: Graphics Processing Units (GPU) Manufacturer
Risk to Business: 1.616 = Severe
Legendary graphics chipmaker Nvidia has been hit with ransomware that took several of the company’s functions down for days, including internal email and developer tools. Ransomware group Lapsus$ is claiming responsibility. The group claims to have some 1TB of Nvidia threatening to leak it if Nvidia doesn’t pay an unspecified sum. In a highly unusual turn of events, a few days later, Lapsus$ took to the web to indignantly complain that Nvidia had hacked them in return, encrypting the data that Lapsus$ had snatched. The group says they have backups, and they’ll start publishing Nvidia’s data soon.
How It Could Affect Your Business: Cybercriminals are having a field day attacking supply chain targets in the hope of scoring a big payday fast from an organization with no time to lose.
Bridgestone Americas
https://portswigger.net/daily-swig/bridgestone-americas-disconnects-manufacturing-facilities-following-security-incidentExploit: Hacking
Bridgestone Americas: Tire Manufacturer
Risk to Business: 1.414 = Extreme
Bridgestone is shutting down production at its factories around the US as the company deals with an unspecified cybersecurity incident. The company released a statement saying that it was immediately disconnecting and pausing production at factories in the US and Latin America, with no projected timeline for reopening provided to employees.
How it Could Affect Your Business: Supply chain disruption has been the name of the game for cybercriminals and tires are an important part of most supply chains.
France – Melijoe
https://www.safetydetectives.com/news/melijoe-leak-report/Exploit: Misconfiguration
Melijoe: Luxury Children’s Clothier
Risk to Business: 2.771=Moderate
An Amazon S3 bucket that belonged to French kids’ fashion retailer Melijoe was left accessible on the web with no authentication controls in place, exposing the sensitive and personal data of potentially hundreds of thousands of customers. The bucket has exposed almost 2 million files, totaling around 200 GB of data, including wish lists, purchases, preferences and other customer data.
Risk to Individual: 2.822=Moderate
The Preferences dataset exposed forms of customer PII and sensitive customer data, including email addresses, names of children, genders, dates of birth, preferences of brands. Other datasets included SKUs of purchased items, payment type (but not payment card or bank information), order dates and delivery preferences.
Sweden – Axis
https://www.zdnet.com/article/swedish-camera-giant-axis-still-recovering-from-cyberattack/Exploit: Hacking
Axis: Camera Manufacturer
Risk to Business: 1.719 = Severe
Axis has shut down all of its public-facing services in response to alerts from its cybersecurity and intrusion detection system on Sunday, the company said in a statement. Axis said that its Case Insight tool in the US and the Camera Station License System were dealing with partial outages as well as Device Manager Extend Device upgrades for OS and apps. The incident is under investigation and services are expected to be restored quickly.
How it Could Affect Your Business: Cloud-hosted services and data have become very attractive for hackers, with cloud data breaches up by 30% in 2021.
Taiwan – Asustor NAS
Exploit: RansomwareAsustor NAS: Computer Hardware Developer
Risk to Business: 1.231 = Extreme
Owners of Asustor NAS drives have discovered that their devices have been hit by DeadBolt ransomware. Users were greeted with a message from the DeadBolt ransomware attempting to extort 0.03 bitcoins (approximately US $1140 at current exchange rates) for the promised release of a decryption key that would allow users to access their data. Asustor is investigating the matter and in the meantime, the company has disabled functionality which can allow remote access to its NAS drives: ASUSTOR EZ-Connect, ASUSTOR EZ Sync, and ezconnect.to
Japan – Toyota
https://www.reuters.com/business/autos-transportation/toyota-suspends-all-domestic-factory-operations-after-suspected-cyber-attack-2022-02-28/Exploit: Third-Party Risk
Toyota: Automobile Manufacturer
Risk to Business: 1.892 = Severe
Toyota announced that it is shutting down its domestic factory operations briefly after a cyberattack at a supplier. The supplier, Kojima Industries Corp, has admitted to being attacked but offered no further information. It was not made clear how long Toyota’s Japanese factories, which total one-third of its production yearly, will be closed.
How it Could Affect Your Business: This is the exact scenario cybercriminals want to make quick moneywhen they attack small suppliers of large corporations and shut down production lines.
About the author
