InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
The Week in Breach News: 07/20/22 – 07/26/22
Exploit: Hacking
Twitter: Social Media Network
Risk to Business: 2.783 = Moderate
Cybercriminals say that they’ve exploited a vulnerability in the Twitter platform to obtain data about 5.4 million accounts. Altogether, bad actors claim to have snatched data from 5.4 million accounts, with the data now up for sale on a hacker forum for $30,000. Twitter was alerted to the exploit in January 2022 and fixed it quickly, but the damage had already been done. The method used to scrape the data was similar to an attack on Facebook in 2021. Twitter has not confirmed or denied the attack as of press time, saying that the incident is under investigation.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Business: Cybercriminals are always happy to exploit vulnerabilities and security gaps that allow them to obtain data.
AllOne Health Resources, INC.
https://www.jdsupra.com/legalnews/allone-health-resources-inc-discovers-8173610/
Exploit: Business Email Compromise (BEC)
AllOne Health Resources: Insurance Company
Risk to Business: 1.672 = Severe
AllOne Health Resources, Inc. Has experienced a data breach as the result of a business email compromise attack. The company says that an unauthorized party gained access to sensitive consumer data contained on its network after landing the BEC attack. According to AllOne Health, the company discovered the breach after it realized that the company’s finance department had sent several wire transfers to a fraudulently created bank account. That prompted an investigation which revealed that bad actors had gained access to an employee’s email account and snatched sensitive data.
Individual Risk: 1.703 = Severe
Exposed information includes the names, addresses, dates of birth, driver’s license numbers, Social Security numbers and health information of 13,669 individuals.
How It Could Affect Your Business: A data security disaster in the healthcare sector is extra expensive and damaging after regulators weigh in.
Blue Cross and Blue Shield (BCBS) of Massachusetts
https://healthitsecurity.com/news/bcbs-of-massachusetts-reports-third-party-vendor-data-breach
Exploit: Supply Chain Risk
Blue Cross and Blue Shield (BCBS) of Massachusetts: Insurance Company
Risk to Business: 1.701 = Severe
Blue Cross and Blue Shield (BCBS) of Massachusetts has filed a notice with the Maine Attorney General’s Office stating that the company had suffered a breach of employee pension data thanks to an insider incident at a vendor, LifeWorks US. BCBS of Massachusetts and BCBS of Massachusetts HMO Blue used the vendor for services related to employee pension plan payments. BCBS says that on May 17, 2022, a now former LifeWorks employee mishandled data by emailing spreadsheets containing identifiable information about BCBS employees to both their personal email address and the personal email address of another former LifeWorks employee.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Business: Supply chain risk is an ongoing problem that won’t be going away anytime soon, and cybercrime doesn’t even have to be involved for it to damage a business.
Entrust
Exploit: Ransomware
Entrust: Software Company
Risk to Business: 1.776 = Severe
Digital security software maker Entrust has confirmed that it suffered a cyberattack where threat actors breached its network and stole data from internal systems. Entrust says that about two weeks ago, bad actors penetrated security and gained access to corporate data. The company maintains that data theft does not have an impact on its products and services. No ransomware group has claimed responsibility for the attack as of press time, and no ransom demand has been released.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business: Bad actors aren’t just looking for PII/PHI or financial data, they’re also in the market to steal data about OT and proprietary data.
Neopets
Exploit: Hacking
Neopets: Video Game Website
Risk to Business: 2.304 = Severe
Virtual pet website Neopets has suffered a data breach that resulted in the theft of source code and a database containing the personal information of over 69 million members. A hacker on the dark web going by the name TarTarX is selling the source code and database for the Neopets.com website for four bitcoins. Neopets recently launched NFTs that will be an element in an upcoming online Metaverse game.
Individual Risk: 2.215 = Severe
The data includes members’ usernames, names, email addresses, zip code, date of birth, gender, country, an initial registration email and other site/game-related information.
How it Could Affect Your Business: The bad guys are always hungry for big pools of data, and adding some source code to the mix makes it even better.
Gas South, LLC
https://www.securityweek.com/glass-and-metal-packaging-giant-ardagh-group-discloses-cyberattack
Exploit: Hacking
Gas South, LLC.: Natural Gas Company
Risk to Business: 1.929 = Severe
Atlanta, Georgia natural gas provider Gas South has disclosed a data breach that may have exposed consumer data. The company says that an unauthorized party had access to its network between February 13 and February 23, 2022, with access to sensitive consumer data related to 38,000 individuals. Gas South is the largest natural gas provider in the Southeastern United States.
Individual Risk: 2.215 = Severe
The consumer information exposed may have included customers’ Social Security numbers, driver’s license numbers and financial data.
How it Could Affect Your Business: Utilities and other infrastructure targets have been under the gun for the last year, with 14 of 16 critical infrastructure sectors hit by a cyberattack in 2021.
Qmunity
https://globalnews.ca/news/9009970/qmunity-cyber-attack/
Exploit: Hacking
Qmunity: Non-Profit
Risk to Business: 2.017 = Severe
Non-profit Qmunity, a 2SLGBTQ+ resource and online community provider, says that its website has been hacked, leading to service disruptions. Cybercriminals injected malicious code into the site, deferring users to download apps and illicit third-party pages. Most website functions have been restored and no client or personal data stored was accessed. This is the second cyberattack aimed at a Vancouver-based 2SLGBTQ+ resource in the past few weeks.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business: Adding or adjusting links to be malicious is a signature trick of cybercriminals and they never stop using it.
The Town of St. Mary’s, Ontario
https://www.theverge.com/2022/7/22/23274372/st-marys-canada-lockbit-ransomware-cyber-incident
Exploit: Ransomware
St. Mary’s, Ontario: Municipality
Risk to Business: 2.017 = Severe
A ransomware attack has hit the town of St Mary’s in Ontario, locking staff out of internal systems and encrypted data. The ransomware group LockBit has claimed responsibility. The cybercriminals uploaded a sample to their leak site containing directories corresponding to municipal operations like finance, health and safety, sewage treatment, property files, and public works. Town officials were quick to reassure citizens that essential municipal services like transit and water systems haven’t been impacted. No word on any ransom demand or if the municipality plans to pay. LockBit is also responsible for another attack on a small town this week, hitting Frederick, Colorado on July 14. The group is demanding $200,000 not to publish the data snatched from Frederick, CO.
Individual Impact: No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Business: Governments and agencies have been targets for ransomware because the bad guys know they have a higher chance of getting paid thanks to the time-sensitive nature of government services.
About the author
