InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Meyer Manufacturing Co. Ltd.
https://www.securityweek.com/cookware-distribution-giant-meyer-discloses-data-breachExploit: Ransomware
Meyer Manufacturing Co. Ltd.: Cookware Manufacturing & Distribution
Risk to Business: 2.177= Severe
Meyer Manufacturing Co. Ltd recently filed a data breach notification disclosing a ransomware attack that impacted employees of its distribution arm. Bleeping Computer reports that this attack is the work of the Conti ransomware group. In its disclosure, Meyer said the initial incident occurred in October 2021 but was not discovered until December 2021. The attack affected Meyer and its subsidiaries, including Hestan Commercial Corp., Hestan Smart Cooking, Hestan Vineyards and Blue Mountain Enterprises LLC.
Risk to Business: 1.919= Severe
Employee personal information was snatched in this incident including their first and last name, address, date of birth, gender, race or ethnicity, Social Security number, health insurance information, medical information, driver’s license, passport or government-issued identification number, and Permanent Resident Card and information regarding immigration status.
How It Could Affect Your Business: Data that can be used to falsify identities is a valuable commodity on the dark web and cybercriminals never stop looking for soft targets that enable them to steal it.
The City of Baltimore
https://www.infosecurity-magazine.com/news/baltimore-conned-out-of-375k/Exploit: Business Email Compromise
The City of Baltimore: Municipality
Risk to Business: 1.251=Extreme
Buckle up because this is a saga. A report just released by the Office of the Inspector General (OIG) details a business email compromise disaster that ended up costing the city of Baltimore more than $375,000. In this incident, bad actors managed to change the bank details kept on file for a vendor who had an agreement with Baltimore’s Mayor’s Office of Children and Family Success (MOCFS). The cybercriminals contacted both MOCFS and Baltimore’s Bureau of Accounting and Payroll Services (BAPS) asking to have the vendor’s banking information updated to send payments to a different bank account at another financial institution. BAPS ultimately complied with the fraudster’s change request, then began sending electronic payments to the new address. You know how this one ends up. Ultimately, cybercriminals made off with $376,213.10. The vendor was not named, but the report noted that cybercriminals had gained access to the vendor’s email accounts through a phishing attack.
How It Could Affect Your Business: Business email compromise is the most dangerous cybercrime according to FBI IC3, 64x worse than ransomware. This is why.
The Internet Society (ISOC)
https://thecyberwire.com/newsletters/privacy-briefing/4/33Exploit: Misconfiguration
The Internet Society (ISOC): Non-Profit
Risk to Business: 2.776 = Moderate
Cybersecurity researchers recently announced the discovery of a trove of information belonging to ISOC in an unsecured Microsoft Azure blob. The blob was reported to contain contained millions of files with personal and login details belonging to ISOC members. ISOC has secured the blob but there’s no telling how long that data was exposed for or who may have seen it.
Risk to Business: 1.282= Moderate
The member data exposed includes members’ full names, preferred language, the account ID, donation history, login credentials, social media tokens, email and street addresses, genders and similar personal information.
How It Could Affect Your Business: Human error aka employee negligence is the biggest cause of a data breach because it’s what makes things like this happen.
Expeditors International
https://www.bleepingcomputer.com/news/security/expeditors-shuts-down-global-operations-after-likely-ransomware-attack/Exploit: Ransomware
Expeditors International: Logistics & Freight Forwarding
Risk to Business: 1.364 = Extreme
Expeditors International was hit by a ransomware attack over the President’s Day holiday weekend that has resulted in the company being forced to shut down most of its operations worldwide. First announced by the company on Sunday night, Expeditors International warned that services and systems may be offline until they can restore them from backups. The incident could snarl supply chains globally. Expeditors International handles warehousing and distribution, transportation, customs and compliance at 350 locations worldwide.
How it Could Affect Your Business: Supply chain disruption has been the name of the game for cybercriminals and freight forwarders on land and on the sea have been constantly targeted lately
OpenSea
https://www.cnbc.com/2022/02/20/nft-marketplace-opensea-is-investigating-a-phishing-hack.htmlExploit: Phishing
OpenSea: NFT Trading Marketplace
Risk to Business: 1.282=Extreme
Online NFT marketplace OpenSea has been embroiled in controversy after a cyberattack cost investors their NFT. There’s been a lot of back-and-forth on this one. A phishing attack perpetrated on the platform’s users is purportedly to blame for the incident that has so far left more than 30 of its users unable to access their NFTs, although some claims have been made on Twitter pointing to a flaw in the platform’s code. Reports say that the attacker has made somewhere between $1.7 – 2 million in Ethereum from selling some of the stolen NFTs. An estimated 254 tokens were stolen over three hours.
Customers Impacted: Unknown
How it Could Affect Your Business: Phishing is a danger to any business in any industry, and it can do massive damage as well as cost a fortune.
United Kingdom – National Health Service (NHS)
https://www.dailymail.co.uk/news/article-10531637/Tens-thousands-NHS-patients-private-medical-information-leaked-shocking-data-breach.htmlExploit: Third-Party Data Breach
National Health Service (NHS): National Healthcare Agency
Risk to Business: 2.919 = Moderate
A shocking report from the Daily Mail details the exposure of all sorts of sensitive data for thousands of patients served by the NHS. The information was exposed by an NHS service provider, PSL Print Management. Reports say that the exposed confidential files include hospital appointment letters for women’s health emergencies, test results of cervical screening and letters to parents of children needing urgent surgery. The information dates back as far as 2015, a huge no-no under data protection rules. The incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Third-party risk is a problem that will only continue growing worse for organizations as they increasingly farm out work to smaller specialty service providers.
Switzerland – The University of Neuchâtel
https://www.swissinfo.ch/eng/university-of-neuch%C3%A2tel-hit-by-cyberattack/47360432
Exploit: RansomwareThe University of Neuchâtel: Institution of Higher Learning
Risk to Business: 2.775 = Moderate
Swiss college The University of Neuchâtel is back online after a cyberattack that is likely ransomware knocked its systems out last week. The attack encrypted some systems making it impossible for students or employees to access materials and systems related to classwork. The university is unable to confirm if any data was stolen. Operations have since been restored.
How it Could Affect Your Business: Schools at every level have been battered by cybercrime since the start of the global pandemic.
Japan – Mizuno
https://www.bleepingcomputer.com/news/security/sports-brand-mizuno-hit-with-ransomware-attack-delaying-orders/Exploit: Ransomware
Mizuno: Sports Equipment and Sportswear Manufacturer
Risk to Business: 2.227 = Severe
Japanese brand Mizuno has experienced some business disruption after a ransomware attack on its US-based operations corporate network. The incident left the company facing phone outages and order delays as systems are restored. Customers have been left unable to place new orders or track orders in progress as well. No word on an expected timeline for restoration.
Customers Impacted: Unknown
How it Could Affect Your Business: Retailers have been experiencing a serious increase in ransomware attacks in the last 12 months.
Meyer Manufacturing Co. Ltd.
https://www.securityweek.com/cookware-distribution-giant-meyer-discloses-data-breachExploit: Ransomware
Meyer Manufacturing Co. Ltd.: Cookware Manufacturing & Distribution
Risk to Business: 2.177= Severe
Meyer Manufacturing Co. Ltd recently filed a data breach notification disclosing a ransomware attack that impacted employees of its distribution arm. Bleeping Computer reports that this attack is the work of the Conti ransomware group. In its disclosure, Meyer said the initial incident occurred in October 2021 but was not discovered until December 2021. The attack affected Meyer and its subsidiaries, including Hestan Commercial Corp., Hestan Smart Cooking, Hestan Vineyards and Blue Mountain Enterprises LLC.
Risk to Business: 1.919= Severe
Employee personal information was snatched in this incident including their first and last name, address, date of birth, gender, race or ethnicity, Social Security number, health insurance information, medical information, driver’s license, passport or government-issued identification number, and Permanent Resident Card and information regarding immigration status.
How It Could Affect Your Business: Data that can be used to falsify identities is a valuable commodity on the dark web and cybercriminals never stop looking for soft targets that enable them to steal it.
The City of Baltimore
https://www.infosecurity-magazine.com/news/baltimore-conned-out-of-375k/Exploit: Business Email Compromise
The City of Baltimore: Municipality
Risk to Business: 1.251=Extreme
Buckle up because this is a saga. A report just released by the Office of the Inspector General (OIG) details a business email compromise disaster that ended up costing the city of Baltimore more than $375,000. In this incident, bad actors managed to change the bank details kept on file for a vendor who had an agreement with Baltimore’s Mayor’s Office of Children and Family Success (MOCFS). The cybercriminals contacted both MOCFS and Baltimore’s Bureau of Accounting and Payroll Services (BAPS) asking to have the vendor’s banking information updated to send payments to a different bank account at another financial institution. BAPS ultimately complied with the fraudster’s change request, then began sending electronic payments to the new address. You know how this one ends up. Ultimately, cybercriminals made off with $376,213.10. The vendor was not named, but the report noted that cybercriminals had gained access to the vendor’s email accounts through a phishing attack.
How It Could Affect Your Business: Business email compromise is the most dangerous cybercrime according to FBI IC3, 64x worse than ransomware. This is why.
The Internet Society (ISOC)
https://thecyberwire.com/newsletters/privacy-briefing/4/33Exploit: Misconfiguration
The Internet Society (ISOC): Non-Profit
Risk to Business: 2.776 = Moderate
Cybersecurity researchers recently announced the discovery of a trove of information belonging to ISOC in an unsecured Microsoft Azure blob. The blob was reported to contain contained millions of files with personal and login details belonging to ISOC members. ISOC has secured the blob but there’s no telling how long that data was exposed for or who may have seen it.
Risk to Business: 1.282= Moderate
The member data exposed includes members’ full names, preferred language, the account ID, donation history, login credentials, social media tokens, email and street addresses, genders and similar personal information.
How It Could Affect Your Business: Human error aka employee negligence is the biggest cause of a data breach because it’s what makes things like this happen.
Expeditors International
https://www.bleepingcomputer.com/news/security/expeditors-shuts-down-global-operations-after-likely-ransomware-attack/Exploit: Ransomware
Expeditors International: Logistics & Freight Forwarding
Risk to Business: 1.364 = Extreme
Expeditors International was hit by a ransomware attack over the President’s Day holiday weekend that has resulted in the company being forced to shut down most of its operations worldwide. First announced by the company on Sunday night, Expeditors International warned that services and systems may be offline until they can restore them from backups. The incident could snarl supply chains globally. Expeditors International handles warehousing and distribution, transportation, customs and compliance at 350 locations worldwide.
How it Could Affect Your Business: Supply chain disruption has been the name of the game for cybercriminals and freight forwarders on land and on the sea have been constantly targeted lately
OpenSea
https://www.cnbc.com/2022/02/20/nft-marketplace-opensea-is-investigating-a-phishing-hack.htmlExploit: Phishing
OpenSea: NFT Trading Marketplace
Risk to Business: 1.282=Extreme
Online NFT marketplace OpenSea has been embroiled in controversy after a cyberattack cost investors their NFT. There’s been a lot of back-and-forth on this one. A phishing attack perpetrated on the platform’s users is purportedly to blame for the incident that has so far left more than 30 of its users unable to access their NFTs, although some claims have been made on Twitter pointing to a flaw in the platform’s code. Reports say that the attacker has made somewhere between $1.7 – 2 million in Ethereum from selling some of the stolen NFTs. An estimated 254 tokens were stolen over three hours.
Customers Impacted: Unknown
How it Could Affect Your Business: Phishing is a danger to any business in any industry, and it can do massive damage as well as cost a fortune.
United Kingdom – National Health Service (NHS)
https://www.dailymail.co.uk/news/article-10531637/Tens-thousands-NHS-patients-private-medical-information-leaked-shocking-data-breach.htmlExploit: Third-Party Data Breach
National Health Service (NHS): National Healthcare Agency
Risk to Business: 2.919 = Moderate
A shocking report from the Daily Mail details the exposure of all sorts of sensitive data for thousands of patients served by the NHS. The information was exposed by an NHS service provider, PSL Print Management. Reports say that the exposed confidential files include hospital appointment letters for women’s health emergencies, test results of cervical screening and letters to parents of children needing urgent surgery. The information dates back as far as 2015, a huge no-no under data protection rules. The incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Third-party risk is a problem that will only continue growing worse for organizations as they increasingly farm out work to smaller specialty service providers.
Switzerland – The University of Neuchâtel
https://www.swissinfo.ch/eng/university-of-neuch%C3%A2tel-hit-by-cyberattack/47360432
Exploit: RansomwareThe University of Neuchâtel: Institution of Higher Learning
Risk to Business: 2.775 = Moderate
Swiss college The University of Neuchâtel is back online after a cyberattack that is likely ransomware knocked its systems out last week. The attack encrypted some systems making it impossible for students or employees to access materials and systems related to classwork. The university is unable to confirm if any data was stolen. Operations have since been restored.
How it Could Affect Your Business: Schools at every level have been battered by cybercrime since the start of the global pandemic.
Japan – Mizuno
https://www.bleepingcomputer.com/news/security/sports-brand-mizuno-hit-with-ransomware-attack-delaying-orders/Exploit: Ransomware
Mizuno: Sports Equipment and Sportswear Manufacturer
Risk to Business: 2.227 = Severe
Japanese brand Mizuno has experienced some business disruption after a ransomware attack on its US-based operations corporate network. The incident left the company facing phone outages and order delays as systems are restored. Customers have been left unable to place new orders or track orders in progress as well. No word on an expected timeline for restoration.
Customers Impacted: Unknown
How it Could Affect Your Business: Retailers have been experiencing a serious increase in ransomware attacks in the last 12 months.
6 Questions to Ask Before Implementing a Technology Change
It can be exciting to introduce new technology into your business. Finding a solution that will help your team members do their jobs more efficiently and effectively by filling a gap in your technology infrastructure is certainly an achievement. However, before you get carried away with quickly implementing your new solution to reap the benefits, there are a few things you should know.
When introducing new technology into your IT infrastructure, keep in mind that change can be difficult for individuals. It can be hard to predict whether end users will readily accept or resist the change. Before implementing new technology, you need a well-planned change management strategy to help you achieve success and get the most out of your investment.
Change management is an approach that deals with changes or transformations in organizational processes, objectives and technology. The goal of change management is to devise strategies to implement and govern transformation while helping people adjust to it.
There are a few factors to consider before beginning your change management journey.
Ask these questions before making a technology change:
What is being changed?
Assume you are starting a transition from backup solution “X” to backup solution “Y.” Before implementation, spend some time assessing what the backup solution “X” lacks, why it needs an update and how important it is.
What will this change mean for people, processes and technology?
Examine technology mapping and dependencies to ensure you understand the implications of pulling systems offline for updates. Also, determine the processes that need to be modified and the individuals who oversee them.
Who will manage the change?
When is the best time to implement this change?
If you're about to embark on a new transition, but your employees are still dealing with the effects of previous changes, it may be a good idea to postpone the planned transformation if possible. On the flip side, if your employees have adjusted well to a recent change, then introducing a new transition could work out just as well.
How long will the change take?
Who will reach out to support if something goes wrong?
Collaboration with a managed service provider (MSP) who can support you in emergency and non-emergency situations can be a good idea.
Find the right partner
Change is a challenging experience. You risk damaging key processes and losing valuable team members to burnout if you don't have a good change management strategy in place. An expert with years of experience and subject knowledge, like us, may be exactly what your company needs.
Feel free to contact us for a consultation on change management.
6 Questions to Ask Before Implementing a Technology Change
It can be exciting to introduce new technology into your business. Finding a solution that will help your team members do their jobs more efficiently and effectively by filling a gap in your technology infrastructure is certainly an achievement. However, before you get carried away with quickly implementing your new solution to reap the benefits, there are a few things you should know.
When introducing new technology into your IT infrastructure, keep in mind that change can be difficult for individuals. It can be hard to predict whether end users will readily accept or resist the change. Before implementing new technology, you need a well-planned change management strategy to help you achieve success and get the most out of your investment.
Change management is an approach that deals with changes or transformations in organizational processes, objectives and technology. The goal of change management is to devise strategies to implement and govern transformation while helping people adjust to it.
There are a few factors to consider before beginning your change management journey.
Ask these questions before making a technology change:
What is being changed?
Assume you are starting a transition from backup solution “X” to backup solution “Y.” Before implementation, spend some time assessing what the backup solution “X” lacks, why it needs an update and how important it is.
What will this change mean for people, processes and technology?
Examine technology mapping and dependencies to ensure you understand the implications of pulling systems offline for updates. Also, determine the processes that need to be modified and the individuals who oversee them.
Who will manage the change?
When is the best time to implement this change?
If you're about to embark on a new transition, but your employees are still dealing with the effects of previous changes, it may be a good idea to postpone the planned transformation if possible. On the flip side, if your employees have adjusted well to a recent change, then introducing a new transition could work out just as well.
How long will the change take?
Who will reach out to support if something goes wrong?
Collaboration with a managed service provider (MSP) who can support you in emergency and non-emergency situations can be a good idea.
Find the right partner
Change is a challenging experience. You risk damaging key processes and losing valuable team members to burnout if you don't have a good change management strategy in place. An expert with years of experience and subject knowledge, like us, may be exactly what your company needs.
Feel free to contact us for a consultation on change management.
San Francisco 49ers
https://abcnews.go.com/Sports/wireStory/ransomware-gang-hacked-49ers-football-team-82865844Exploit: Ransomware
San Francisco 49ers: National Football League (NFL) Team
Risk to Business: 1.727= Severe
While everyone was focused on the big game last week, cybercriminals were focused on the San Francisco 49ers. The team was hit by a ransomware attack, purportedly by BlackByte. The cybercriminals claim they stole some of the football team’s financial data, invoices and other internal documents. The team stressed the fact that this event appeared to be limited to their corporate network and did not endanger any fan or stadium databases.
Customers Impacted: Unknown
How It Could Affect Your Business: Organizations in industries that have had historically poor security are attractive low-hanging fruit for cybercriminals.
EasyVote Solutions
https://www.govtech.com/security/georgia-voter-info-posted-online-after-software-company-breachExploit: Misconfiguration
EasyVote Solutions: Voting Software Company
Risk to Business: 1.561 =Severe
EasyVote Solutions has exposed some voter and poll worker data. The data was left unguarded and easily accessible on the internet. The software company says that exposed information does not include full voting records or registrations. The breach was discovered by South Carolina Law Enforcement Division (SLED) internet researchers. SLED and the FBI are investigating.
Individual Risk: 1.772 =Severe
Exposed data for voters can include names, addresses, races and dates of birth. Exposed data for poll workers may include those details plus identity documents, Social Security numbers and financial data.
How It Could Affect Your Business: Misconfiguration and sloppy security aren’t uncommon mistakes, but they’re always a problem and could be an expensive regulatory disaster in some industries.
Meter
https://www.zdnet.com/article/4-4-million-stolen-in-attack-on-blockchain-infrastructure-meter/Exploit: Hacking
Meter: De Fi Platform
Risk to Business: 1.279= Extreme
Another day, another DeFi hack. This time the victim was blockchain infrastructure company Meter. $4.4 million was stolen during a cyberattack on the Meter Passport platform in the form of 1391 ETH and 2.74 BTC. The incident also impacted Meter’s Moonriver Network. The company acknowledged the hack on Saturday, urging users not to trade unbacked meterBNB circulating on Moonriver. The company says that it plans to repay some investors and the incident is under investigation.
Customers Impacted: Unknown
How It Could Affect Your Business: De Fi continues to be a hotbed of hacking activity as cybercriminals seek quick scores of cryptocurrency, and there’s still no end to the danger in sight.
Memorial Hermann Health System
https://www.khou.com/article/news/local/memorial-hermann-cyberattack-security-breach/285-1cc8295d-48a4-452e-a6f2-1b4fd059f201Exploit: Third-Party Breach
Memorial Hermann Health System: Healthcare Provider
Risk to Business: 1.861 = Severe
Memorial Hermann Health System is notifying patients that their data has been exposed after a data security incident at one of their service providers, Advent Health Partners. That company has been investigating unauthorized activity on company email accounts related to Memorial Hermann data. The incident was first spotted in September 2021.
Individual Risk: 1.712 = Severe
An unauthorized third party accessed multiple files containing Memorial Hermann patients’ protected health information (PHI) that may include first names, last names, dates of birth, social security numbers, driver’s license numbers, financial information, health insurance information and treatment information.
How it Could Affect Your Business: Cybercriminals are poised to attack any company that handles or stores large amounts of valuable personal or health-related data.
Switzerland – Swissport International
https://securityaffairs.co/wordpress/127655/cyber-crime/swissport-international-ransomware-attack.htmlExploit: Ransomware
Swissport International: Aviation Services
Risk to Business: 2.171= Severe
Aviation services company Swissport International was struck with a ransomware attack that had a major impact on its operations, leading to flight delays for 22 flights out of Zurich Airport. The aviation company provides cargo handling, security, maintenance, cleaning and lounge hospitality at airports in 50 countries. The company’s website was back up and running quickly, and the incident is under investigation.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware attacks against transportation and transportation infrastructure targets have been increasing as cybercriminals look for quick paydays.
Portugal – Vodafone
https://therecord.media/cyberattack-brings-down-vodafone-portugal-mobile-voice-and-tv-services/Exploit: Hacking
Vodafone: Communications Carrier
Risk to Business: 2.919 = Moderate
Wireless carrier Vodafone Portugal said that a substantial amount of its customer data services went offline for one overnight period following a cyberattack. The company’s 4G and 5G mobile networks, along with fixed voice, television, SMS and voice/digital answering services went down. The company says that customer data doesn’t appear to have been accessed or compromised. Some services still remain offline a week after the attack.
Customers Impacted: Unknown
How it Could Affect Your Business: Attacks against communications companies have been a major component of the recent wave of infrastructure and related hacking.
Croatia – A1 Hrvatska
Exploit: Unauthorized AccessA1 Hrvatska: Communications Carrier
Risk to Business: 1.904 = Severe
Croatian telecom A1 Hrvatska has disclosed a data security incident that led to the exposure of personal data for an estimated 200,000 customers. The company says that the exposure was due to unauthorized access to one of their user databases that contained sensitive personal information. The company was quick to specify that no consumer financial data was exposed. The incident has not affected A1 Hrvatska’s services or operations.
Individual Risk: 2.711 = Moderate
The customer information exposed includes users’ full names, personal identification numbers, physical addresses and telephone numbers.
How it Could Affect Your Business: Utilities/Infrastructure are at the top of the cybercriminal hit list these days, and companies in those sectors should take note.
Slovenia – Pop TV
https://therecord.media/cyber-attack-disrupts-slovenias-top-tv-station/Exploit: Ransomware
Pop TV: Television Network
Risk to Business: 1.2011 = Severe
Ransomware practitioners stole the show at Pop TV, Slovenia’s most popular TV channel. As a result news programs including the station’s news broadcast 24UR were unable to show any computer graphics. Particularly irksome for customers was the fact that the attack prevented new content from being added to the platform, impacting streaming any of its channels and live sporting events, such as the Winter Olympics. Slovenia’s Computer Emergency Response Team, SI-CERT is investigating.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals looking for fast money are likely to target businesses that are in time-sensitive industries.
New South Wales Department of Customer Service
https://www.smh.com.au/politics/federal/sensitive-business-addresses-among-500-000-published-in-covid-data-breach-20220214-p59wal.htmlExploit: Misconfiguration
New South Wales Department of Customer Service: Regional Government Agency
Risk to Business: 1.211 = Extreme
A real data exposure mess has brewed in New South Wales, Australia thanks to a government-run QR code-based COVID-19 check-in program. The COVID Safe Businesses and Organizations dataset was discovered loose on the internet and it included data for sensitive sites and organizations alongside data about run-of-the-mill companies. Some of the sensitive data posted gave details about the physical facilities and locations of prisons, critical infrastructure networks including power stations and tunnel entry sites as well as dozens of shelters and crisis accommodation centers. Even national security-related locations were exposed. In this program, businesses and organizations registered as COVID-safe to access a QR code for staff and customers to check-in at their physical locations. The program has been discontinued.
Customers Impacted: Unknown
How it Could Affect Your Business: Information is gold on the dark web. The locations of sensitive infrastructure targets will be circulating quickly and could easily fall into the wrong hands.