InTegriLogic Blog
InTegriLogic has been serving the Tucson area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
FinalSite
https://thejournal.com/articles/2022/01/07/thousands-of-schools-affected-by-ransomware-attack-on-website-provider-finalsite.aspxExploit: Ransomware
FinalSite: Education Technology Provider
Risk to Business: 1.227=Extreme
School website services provider FinalSite has suffered a ransomware attack that disrupted access to websites for thousands of schools worldwide. FinalSite provides solutions for over 8,000 K – 12 schools and universities in 115 countries. school districts that hosted their websites with FinalSite found that they were no longer reachable or were displaying errors. Bleeping Computer reports that in addition to the website outages the attack prevented schools from sending closure notifications due to weather or COVID-19. FinalSite says that approximately 5,000 school websites went offline as a result of the ransomware attack and no data was stolen. An investigation is ongoing.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses.
Broward Health
https://www.techtimes.com/articles/270004/20220103/hospital-data-breach-personal-info-1-3-million-patients-staff-data-breach.htmExploit: Hacking
Broward Health: Hospital System
Risk to Business: 2.223 =Severe
Florida-based healthcare system Broward Health has disclosed a data breach affecting 1,357,879 individuals after an intruder gained unauthorized access to the hospital’s network and patient data. The organization discovered the breach four days after the initial intrusion and immediately notified the FBI and the US Department of Justice. Broward Health contracted a third-party cybersecurity expert to help with the investigations.
Risk to Business: 2.419=Severe
The exposed personal data for patients and former patients at Broward health may include Social Security numbers, bank or financial account information, driver’s license numbers, names, addresses, telephone numbers and hospital payment account information. Protected health information including medical information like care history, condition, treatment and diagnosis records may also have been exposed.
How It Could Affect Your Business: Medical data is always a win for cybercriminals and losing it is an expensive nightmare for hospitals once regulators are finished with them.
D.W. Morgan
https://www.websiteplanet.com/blog/dwmorgan-leak-report/Exploit: Hacking
D.W. Morgan: Logistics and Supply Chain Management
Risk to Business: 1.717= Severe
Researchers at Website Planet uncovered a data breach at D.W. Morgan because of a misconfigured AW3 bucket. The exposed data included more than 2.5 million files equating to over 100GB of data related to D.W. Morgan’s clients and their shipments from 2013 to late 2021. Some files also included sensitive client data and employee PII. Website Planet revealed that records pertaining to deliveries for clients including Cisco, and Life Technologies was also exposed in files.
Customers Impacted: Unknown
How It Could Affect Your Business: Service providers like this are goldmines for cybercriminals, amping up supply chain risk for everyone.
Ravkoo
https://www.bleepingcomputer.com/news/security/us-online-pharmacy-ravkoo-links-data-breach-to-aws-portal-incident/Exploit: Hacking
Ravkoo: Pharmacy
Risk to Business: 1.719 = Severe
US-based online pharmacy Ravkoo has disclosed a data breach. The company disclosed that its AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed by unauthorized parties, resulting in the potential compromise of customers’ prescription and health information.
Customers Impacted: Unknown
How it Could Affect Your Business: Once again, a service provider that maintains a large array of records full of PII was hit, gaining cybercriminals a data bonanza.
FlexBooker
https://www.bleepingcomputer.com/news/security/flexbooker-discloses-data-breach-over-37-million-accounts-impacted/Exploit: Hacking
FlexBooker: Scheduling Platform
Risk to Business: 1.806=Moderate
FlexBooker experienced an attack before the holidays that resulted in the theft of more than three million user records. The platform is used for scheduling and employee calendar management by small businesses like doctor’s offices, real estate companies, service sector businesses and similar companies. Bleeping Computer reports that a group calling themselves Uawrongteam, has claimed responsibility, providing links to archives and files with sensitive information, such as photos, driver’s licenses, and other IDs as proof.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals are especially likely to target companies that provide time-sensitive products and services in hopes of a fast extortion payment.
France – Inetum Group
https://www.bleepingcomputer.com/news/security/global-it-services-provider-inetum-hit-by-ransomware-attack/Exploit: Ransomware
Inetum Group: IT Services Provider
Risk to Business: 1.991 = Severe
Over the winter holidays, French IT services company Inetum Group was hit by a ransomware attack that impacted its business and its customers. The company was quick to reassure clients that none of the main infrastructures, communication, collaboration tools or delivery operations for Inetum clients has been affected. Inetum Group has notified authorities about the attack and is collaborating with specialized cybercrime units. A third party investigation is underway. Inetum provides IT services for clients in myriad industries in 26 countries.
Customers Impacted: Unknown
How it Could Affect Your Business: IT services companies are juicy targets for crooks who may be able to parlay a successful attack on them into an intrusion on one of their clients.
Switzerland – CPH Chemie + Papier
https://www.hackread.com/german-audio-tech-sennheiser-expose-customers-data/
Exploit: MalwareCPH Chemie + Papier: Industrial Packaging. Paper and Chemicals
Risk to Business: 1.806 = Severe
Swiss company CPH Chemie + Papier has announced that it was hit with a cyberattack that has impacted its IT systems and some production facilities. Production in the paper and packaging operations in Perlen LU and Müllheim, Germany was halted briefly but the company’s chemical operations were unaffected. Malware is suspected to be the culprit. Investigation and recovery efforts are underway.
Customers Impacted: Unknown
How it Could Affect Your Business: Ransomware isn’t the only malware on the block. Other types of malware also pack a nasty punch that can devastate businesses.
Singapore – OG Department Stores
https://www.straitstimes.com/singapore/consumer/personal-data-of-og-department-store-customers-leakedExploit: Hacking
OG Department Stores: Retailer
Risk to Business: 2.721 = Moderate
OG Department Stores has announced that they’ve experienced a breach that has exposed customers’ personal data. The company said that the incident affected members who are in either the basic or gold membership tiers. OG said it has reported the matter to the police and other relevant authorities, including the Personal Data Protection Commission (PDPC) and the Cyber Security Agency of Singapore (CSA).
Risk to Business: 2.775 = Moderate
Customer data that may have been compromised includes the names, mailing addresses, email addresses, mobile numbers, genders and dates of birth. Encrypted data including NRIC numbers and passwords may also have been snatched.
How it Could Affect Your Business: Personal data is always a winner for cybercriminals who are looking to make a quick profit in the booming dark web data markets.
Why Your Business Needs a Data Security Policy
Today, the competitive business environment is data-driven. Data provides key insights into your customers and business performance that helps you make better decisions and improve processes. However, the sudden influx of employees working remotely exposes your organization’s information to several security threats.
According to the FBI, cybersecurity complaints increased from 1,000 to 4,000 complaints daily during the COVID-19 pandemic.[i] The growing number of data breaches only validates that data security should be a top priority.
Data Security Versus Data Privacy
A well-crafted data security policy is critical to protecting your organization’s data from unauthorized access. It is important to understand the difference between data security and data privacy to develop a clearly defined data security policy. Data security is the process of securing sensitive information, such as company and customer data, from unauthorized access and exploitation. On the other hand, data privacy, also known as information privacy, is the process of managing how information is collected, used, stored and disseminated by an organization.
Risks and Consequences of Not Having a Data Security Policy
Despite the growing number of data breaches, most small and midsized businesses do not have well-established data security policies. The lack of a data security program opens the door to a wide variety of security risks, such as data theft, data tampering and unauthorized access to sensitive information. The impact of a single data breach can be much more devastating and result in huge financial loss. It can also have the following serious consequences:
Damage Brand Reputation: A security breach can tarnish your brand’s image and drive away potential customers. Your customers will lose trust and confidence in your company.
Disrupt Business Operations: The period of downtime from the moment a security incident occurs, right up to restoration, significantly affects business operations, leading to low productivity, revenue loss and unhappy customers.
Legal Implications: Organizations that fall victim to data breaches face serious consequences including fines, legal action and compensation to customers.
Loss of Intellectual Property: A data breach not only puts your company and customer information at risk, but you also run the risk of losing patents, blueprints and other certifications.
Proactive and Preventative Strategies to Protect Your Data
The truth is anyone can become a victim of data breaches. The costs of recovering your compromised data can be greater than taking proactive measures to prevent breaches from occurring in the first place.
Protecting your organization’s most valuable asset requires far more than an IT security program. Having a well-documented information security policy in place is an important step to protect sensitive data and minimize threats. Apart from setting up the policy, you should constantly communicate guidelines and best practices for data protection across your organization.
Understanding the Key Elements of a Data Security Policy
It is critical to identify both internal and external risks that could disrupt business operations in order to establish a robust data security policy. Here are some key elements your company’s data protection policy should include:
Data Privacy: As businesses gather massive amounts of customer information, it is extremely important to ensure confidential data records are safeguarded from prying eyes and opportunistic scammers. Having a data privacy policy in place will not only help you stay compliant with regulations but will also help prevent malicious misuse of your clients’ sensitive data.
Password Management: According to the 2020 Data Breach Investigations Report, over 80 percent of data breaches due to hacking are password-related. It is vital that you implement a strong password management policy for all users who have access to your company’s resources so as to mitigate the risks of security breaches. The policy should state the importance of periodically updating passwords, how to manage and secure passwords, and the implications of not adhering to the policies and procedures.
Internet Usage: Businesses today rely heavily on the internet for their day-to-day operations, which also makes them vulnerable to several security risks. Therefore, it’s important to have an internet usage policy to guide your employees on how to securely access the internet. Your employees should be made aware that browsing restricted sites and downloading unnecessary files are prohibited and failing to adhere to these rules can be detrimental.
Email Usage: In the 2019 Data Breach Investigations Report, 94 percent of malware was delivered through email. A carefully outlined email policy will protect your employees and organizations from threats related to malicious emails. Training programs on email etiquette will ensure corporate emails are responsibly used and confidential client-related information is secured and protected.
Company-Owned and Personal Employee Devices: The sudden shift to remote working has dramatically increased the level of security risks. Having a company-owned device policy will help in managing, monitoring and securing both the device and the information on it from unauthorized access and data theft.
As personal employee devices are used for both recreational and business purposes, it’s difficult to monitor and control personal devices, which can be easily exploited. By outlining a comprehensive information security policy, such as using up-to-date software, connecting to the network through secure VPN and immediately reporting if the device is lost or stolen, you can minimize the risks of data breaches.
Software User Agreements: Every software user should comply with the end-user license agreement. Breaching this agreement could result in lawsuits and fines. A software user agreement policy will ensure your employees are using only those software applications that are legal and approved by your company.
Reporting Security Breaches: A security incident can occur when you least expect it. Data breaches should be immediately reported to minimize negative impacts and prevent further attacks. A data breach policy will guide your employees on what actions need to be taken to manage data breaches. It will also ensure your employees follow appropriate procedures while reporting such incidents.
Conquer the Challenge of Data Policies
For any organization, data is a valuable asset that needs to be protected at all costs. Adding to the challenge are the constantly evolving and complex data privacy regulations that every business should comply with.
To find out how you can secure your data while staying compliant with regulations, contact us today.
Article curated and used by permission.
[i] https://thehill.com/policy/cybersecurity/493198-fbi-sees-spike-in-cyber-crime-reports-during-coronavirus-pandemic
Why Your Business Needs a Data Security Policy
Today, the competitive business environment is data-driven. Data provides key insights into your customers and business performance that helps you make better decisions and improve processes. However, the sudden influx of employees working remotely exposes your organization’s information to several security threats.
According to the FBI, cybersecurity complaints increased from 1,000 to 4,000 complaints daily during the COVID-19 pandemic.[i] The growing number of data breaches only validates that data security should be a top priority.
Data Security Versus Data Privacy
A well-crafted data security policy is critical to protecting your organization’s data from unauthorized access. It is important to understand the difference between data security and data privacy to develop a clearly defined data security policy. Data security is the process of securing sensitive information, such as company and customer data, from unauthorized access and exploitation. On the other hand, data privacy, also known as information privacy, is the process of managing how information is collected, used, stored and disseminated by an organization.
Risks and Consequences of Not Having a Data Security Policy
Despite the growing number of data breaches, most small and midsized businesses do not have well-established data security policies. The lack of a data security program opens the door to a wide variety of security risks, such as data theft, data tampering and unauthorized access to sensitive information. The impact of a single data breach can be much more devastating and result in huge financial loss. It can also have the following serious consequences:
Damage Brand Reputation: A security breach can tarnish your brand’s image and drive away potential customers. Your customers will lose trust and confidence in your company.
Disrupt Business Operations: The period of downtime from the moment a security incident occurs, right up to restoration, significantly affects business operations, leading to low productivity, revenue loss and unhappy customers.
Legal Implications: Organizations that fall victim to data breaches face serious consequences including fines, legal action and compensation to customers.
Loss of Intellectual Property: A data breach not only puts your company and customer information at risk, but you also run the risk of losing patents, blueprints and other certifications.
Proactive and Preventative Strategies to Protect Your Data
The truth is anyone can become a victim of data breaches. The costs of recovering your compromised data can be greater than taking proactive measures to prevent breaches from occurring in the first place.
Protecting your organization’s most valuable asset requires far more than an IT security program. Having a well-documented information security policy in place is an important step to protect sensitive data and minimize threats. Apart from setting up the policy, you should constantly communicate guidelines and best practices for data protection across your organization.
Understanding the Key Elements of a Data Security Policy
It is critical to identify both internal and external risks that could disrupt business operations in order to establish a robust data security policy. Here are some key elements your company’s data protection policy should include:
Data Privacy: As businesses gather massive amounts of customer information, it is extremely important to ensure confidential data records are safeguarded from prying eyes and opportunistic scammers. Having a data privacy policy in place will not only help you stay compliant with regulations but will also help prevent malicious misuse of your clients’ sensitive data.
Password Management: According to the 2020 Data Breach Investigations Report, over 80 percent of data breaches due to hacking are password-related. It is vital that you implement a strong password management policy for all users who have access to your company’s resources so as to mitigate the risks of security breaches. The policy should state the importance of periodically updating passwords, how to manage and secure passwords, and the implications of not adhering to the policies and procedures.
Internet Usage: Businesses today rely heavily on the internet for their day-to-day operations, which also makes them vulnerable to several security risks. Therefore, it’s important to have an internet usage policy to guide your employees on how to securely access the internet. Your employees should be made aware that browsing restricted sites and downloading unnecessary files are prohibited and failing to adhere to these rules can be detrimental.
Email Usage: In the 2019 Data Breach Investigations Report, 94 percent of malware was delivered through email. A carefully outlined email policy will protect your employees and organizations from threats related to malicious emails. Training programs on email etiquette will ensure corporate emails are responsibly used and confidential client-related information is secured and protected.
Company-Owned and Personal Employee Devices: The sudden shift to remote working has dramatically increased the level of security risks. Having a company-owned device policy will help in managing, monitoring and securing both the device and the information on it from unauthorized access and data theft.
As personal employee devices are used for both recreational and business purposes, it’s difficult to monitor and control personal devices, which can be easily exploited. By outlining a comprehensive information security policy, such as using up-to-date software, connecting to the network through secure VPN and immediately reporting if the device is lost or stolen, you can minimize the risks of data breaches.
Software User Agreements: Every software user should comply with the end-user license agreement. Breaching this agreement could result in lawsuits and fines. A software user agreement policy will ensure your employees are using only those software applications that are legal and approved by your company.
Reporting Security Breaches: A security incident can occur when you least expect it. Data breaches should be immediately reported to minimize negative impacts and prevent further attacks. A data breach policy will guide your employees on what actions need to be taken to manage data breaches. It will also ensure your employees follow appropriate procedures while reporting such incidents.
Conquer the Challenge of Data Policies For any organization, data is a valuable asset that needs to be protected at all costs. Adding to the challenge are the constantly evolving and complex data privacy regulations that every business should comply with.
To find out how you can secure your data while staying compliant with regulations, contact us today.
Article curated and used by permission. [i] https://thehill.com/policy/cybersecurity/493198-fbi-sees-spike-in-cyber-crime-reports-during-coronavirus-pandemic
Shutterfly
https://www.bleepingcomputer.com/news/security/shutterfly-services-disrupted-by-conti-ransomware-attack/Exploit: Ransomware
Shutterfly: Digital Image & Photography Services
Risk to Business: 1.876=Severe
Shutterfly has been hit with a Conti ransomware attack that allegedly encrypted over 4,000 devices and 120 VMware ESXi servers. On the Conti leak site, they offer samples of stolen Shutterfly data including legal agreements, bank and merchant account info, login credentials for corporate services, spreadsheets, and customer information, including the last four digits of credit cards. Shutterfly said in a statement that their Shutterfly.com, Snapfish, TinyPrints, or Spoonflower sites were not affected by the attack. However, their corporate network, Lifetouch, BorrowLenses, and Groovebook experienced service disruptions.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses as well as retail users.
Pro Wrestling Tees
https://www.bleepingcomputer.com/news/security/pro-wrestling-tees-discloses-data-breach-after-credit-cards-stolen/Exploit: Hacking (Payment Skimmer)
Pro Wrestling Tees: Merchandise & Fan Experience Platform
Risk to Business: 1.612=Severe
Pro Wrestling Tees has disclosed a data breach incident that has resulted in the compromise of the financial details of tens of thousands of its customers. In a data breach notification sent to affected individuals on December 15, 2021, Pro Wrestling Tees disclosed that it was informed by law enforcement that a small portion of its customers’ credit card numbers had been compromised in a malware infection.
Risk to Business: 1.919=Severe
The unnamed cybercriminals stole full names and credit card numbers of Pro Wrestling Tees customers who processed transactions through the platform including CVV codes. The company contends that they don’t store card info within their software and that only a small number of customers who used the checkout page were affected, although users on Reddit claim that many customers have seen fraudulent charges pile up.
How It Could Affect Your Business: Payment card skimmers and other similar malware are an occupational hazard for any company that processes online payments.
Maryland Department of Health
https://www.washingtonpost.com/dc-md-va/2021/12/05/maryland-health-department-cyberattack/Exploit: Hacking
Maryland Department of Health: State Government Agency
Risk to Business: 1.717= Severe
The Maryland Department of Health experienced a cyberattack in early December that disrupted reporting of COVID-19 cases, deaths, testing and vaccination data. Some outlets are pointing to ransomware as the culprit but that has not been confirmed and state officials offered no details of the incident. The attack also impacted reporting in Baltimore. Systems were restored and the state began reporting COVID-19 data again on January 4.
Customers Impacted: Unknown
How It Could Affect Your Business: State agencies have been high on cybercriminals’ target lists throughout 2021 because they’re likely to pay the ransom and that trend is expected to continue in 2022.
UK – Gloucester City Council
https://www.bbc.com/news/uk-england-gloucestershire-59831468Exploit: Hacking
Gloucester City Council: Municipal Government Body
Risk to Business: 1.809 = Severe
Gloucester City Council is in the process of restoring municipal services in the wake of a December 20 cyberattack. Impacted functions include the council’s online revenue and benefits sections as well as planning and customer services. City residents are also unable to access interactive online application forms for housing benefits, council tax support, test and trace support payments and discretionary housing payments. The council is working with the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) to fix the issue.
Customers Impacted: Unknown
How it Could Affect Your Business: Infrastructure targets and municipalities have been very attractive to cybercriminals looking for quick ransom payments to restore essential services.
Norway – Amedia
https://therecord.media/cyberattack-on-one-of-norways-largest-media-companies-shuts-down-presses/Exploit: Ransomware
Amedia: Media Company
Risk to Business: 1.412= Extreme
Amedia, the largest local news publisher in Norway, experienced a suspected ransomware attack last week that shut down several of its essential systems, leaving it unable to publish its 78 printed newspapers until Friday in some cases. Amedia also said that its online news operations were unaffected, but the company suspects that unspecified that personal data belonging to employees may have been accessed during the attack. Vice Society is the ransomware gang purportedly responsible for this attack.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals are especially likely to target companies that provide time-sensitive products and services in hopes of a fast extortion payment.
Portugal – Impresa
https://www.itp.net/security/portuguese-media-group-impresa-crippled-by-ransomware-attackExploit: Ransomware
Impresa: Media Company
Risk to Business: 1.701 = Severe
Portuguese media company Impresa, the owners of the country’s largest newspaper Expresso and biggest TV channel SIC TV has been hit with a ransomware attack by the Lapsus$ ransomware group. The Impresa attack hit over the New Year holiday weekend. SIC TV’s internet streaming transmission was interrupted but broadcasts remained operational. The cybercriminals responsible also gained access to Expresso’s Twitter account, announcing their success with a pinned tweet: “Lapsus$ is officially the new president of Portugal”.
Customers Impacted: Unknown
How it Could Affect Your Business: Multiple media companies were hit this week, a reminder that cybercriminals sometimes set their sights on many targets in one industry at the same time.
Germany – Sennheiser
https://www.hackread.com/german-audio-tech-sennheiser-expose-customers-data/
Exploit: MisconfigurationSennheiser: Audio Equipment Manufacturer
Risk to Business: 1.688 = Severe
Leading German audio equipment manufacturer, Sennheiser is in hot water after it misconfigured an Amazon Web Services (AWS) server. The unsecured server stored around 55GB of information on over 28,000 Sennheiser customers. The database contained data on customers that was collected between 2015-2018. The exposed AWS server was secured by Sennheiser quickly upon discovery.
Customers Impacted: Unknown
How it Could Affect Your Business: Simple cybersecurity blunders and employee carelessness can create complicated and expensive security incidents.
Ghana – National Service Secretariate (NSS)
https://www.zdnet.com/article/nsw-government-casual-recruiter-suffers-ransomware-hit/Exploit: Misconfiguration
National Service Secretariate (NSS): National Government Agency
Risk to Business: 1.883 = Severe
Ghana’s National Service Secretariate (NSS) exposed 55GB worth of citizens’ data in a misconfigured AWS S3 bucket. The foul-up exposed 55GB of data on up to 700,000 citizens. NSS is a government program that manages a compulsory year of public service for Ghana-based graduates from specific educational institutions. The Computer Emergency Response Team of Ghana (CERT-GH) is investigating the incident and handling response.
Risk to Business: 2.105 = Severe
The exposed database contained program membership cards and identity documents of the participants, including the participant’s details for the Ghana National Health Insurance Scheme and professional IDs for the candidates’ placements. The agency also stored different types of passport photos that the participants submitted in this bucket.
How it Could Affect Your Business: Any entity that is storing large amounts of sensitive data needs to make sure that they have taken reasonable precautions to protect it.
Shutterfly
https://www.bleepingcomputer.com/news/security/shutterfly-services-disrupted-by-conti-ransomware-attack/Exploit: Ransomware
Shutterfly: Digital Image & Photography Services
Risk to Business: 1.876=Severe
Shutterfly has been hit with a Conti ransomware attack that allegedly encrypted over 4,000 devices and 120 VMware ESXi servers. On the Conti leak site, they offer samples of stolen Shutterfly data including legal agreements, bank and merchant account info, login credentials for corporate services, spreadsheets, and customer information, including the last four digits of credit cards. Shutterfly said in a statement that their Shutterfly.com, Snapfish, TinyPrints, or Spoonflower sites were not affected by the attack. However, their corporate network, Lifetouch, BorrowLenses, and Groovebook experienced service disruptions.
Customers Impacted: Unknown
How It Could Affect Your Business: Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses as well as retail users.
Pro Wrestling Tees
https://www.bleepingcomputer.com/news/security/pro-wrestling-tees-discloses-data-breach-after-credit-cards-stolen/Exploit: Hacking (Payment Skimmer)
Pro Wrestling Tees: Merchandise & Fan Experience Platform
Risk to Business: 1.612=Severe
Pro Wrestling Tees has disclosed a data breach incident that has resulted in the compromise of the financial details of tens of thousands of its customers. In a data breach notification sent to affected individuals on December 15, 2021, Pro Wrestling Tees disclosed that it was informed by law enforcement that a small portion of its customers’ credit card numbers had been compromised in a malware infection.
Risk to Business: 1.919=Severe
The unnamed cybercriminals stole full names and credit card numbers of Pro Wrestling Tees customers who processed transactions through the platform including CVV codes. The company contends that they don’t store card info within their software and that only a small number of customers who used the checkout page were affected, although users on Reddit claim that many customers have seen fraudulent charges pile up.
How It Could Affect Your Business: Payment card skimmers and other similar malware are an occupational hazard for any company that processes online payments.
Maryland Department of Health
https://www.washingtonpost.com/dc-md-va/2021/12/05/maryland-health-department-cyberattack/Exploit: Hacking
Maryland Department of Health: State Government Agency
Risk to Business: 1.717= Severe
The Maryland Department of Health experienced a cyberattack in early December that disrupted reporting of COVID-19 cases, deaths, testing and vaccination data. Some outlets are pointing to ransomware as the culprit but that has not been confirmed and state officials offered no details of the incident. The attack also impacted reporting in Baltimore. Systems were restored and the state began reporting COVID-19 data again on January 4.
Customers Impacted: Unknown
How It Could Affect Your Business: State agencies have been high on cybercriminals’ target lists throughout 2021 because they’re likely to pay the ransom and that trend is expected to continue in 2022.
UK – Gloucester City Council
https://www.bbc.com/news/uk-england-gloucestershire-59831468Exploit: Hacking
Gloucester City Council: Municipal Government Body
Risk to Business: 1.809 = Severe
Gloucester City Council is in the process of restoring municipal services in the wake of a December 20 cyberattack. Impacted functions include the council’s online revenue and benefits sections as well as planning and customer services. City residents are also unable to access interactive online application forms for housing benefits, council tax support, test and trace support payments and discretionary housing payments. The council is working with the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) to fix the issue.
Customers Impacted: Unknown
How it Could Affect Your Business: Infrastructure targets and municipalities have been very attractive to cybercriminals looking for quick ransom payments to restore essential services.
Norway – Amedia
https://therecord.media/cyberattack-on-one-of-norways-largest-media-companies-shuts-down-presses/Exploit: Ransomware
Amedia: Media Company
Risk to Business: 1.412= Extreme
Amedia, the largest local news publisher in Norway, experienced a suspected ransomware attack last week that shut down several of its essential systems, leaving it unable to publish its 78 printed newspapers until Friday in some cases. Amedia also said that its online news operations were unaffected, but the company suspects that unspecified that personal data belonging to employees may have been accessed during the attack. Vice Society is the ransomware gang purportedly responsible for this attack.
Customers Impacted: Unknown
How it Could Affect Your Business: Cybercriminals are especially likely to target companies that provide time-sensitive products and services in hopes of a fast extortion payment.
Portugal – Impresa
https://www.itp.net/security/portuguese-media-group-impresa-crippled-by-ransomware-attackExploit: Ransomware
Impresa: Media Company
Risk to Business: 1.701 = Severe
Portuguese media company Impresa, the owners of the country’s largest newspaper Expresso and biggest TV channel SIC TV has been hit with a ransomware attack by the Lapsus$ ransomware group. The Impresa attack hit over the New Year holiday weekend. SIC TV’s internet streaming transmission was interrupted but broadcasts remained operational. The cybercriminals responsible also gained access to Expresso’s Twitter account, announcing their success with a pinned tweet: “Lapsus$ is officially the new president of Portugal”.
Customers Impacted: Unknown
How it Could Affect Your Business: Multiple media companies were hit this week, a reminder that cybercriminals sometimes set their sights on many targets in one industry at the same time.
Germany – Sennheiser
https://www.hackread.com/german-audio-tech-sennheiser-expose-customers-data/
Exploit: MisconfigurationSennheiser: Audio Equipment Manufacturer
Risk to Business: 1.688 = Severe
Leading German audio equipment manufacturer, Sennheiser is in hot water after it misconfigured an Amazon Web Services (AWS) server. The unsecured server stored around 55GB of information on over 28,000 Sennheiser customers. The database contained data on customers that was collected between 2015-2018. The exposed AWS server was secured by Sennheiser quickly upon discovery.
Customers Impacted: Unknown
How it Could Affect Your Business: Simple cybersecurity blunders and employee carelessness can create complicated and expensive security incidents.
Ghana – National Service Secretariate (NSS)
https://www.zdnet.com/article/nsw-government-casual-recruiter-suffers-ransomware-hit/Exploit: Misconfiguration
National Service Secretariate (NSS): National Government Agency
Risk to Business: 1.883 = Severe
Ghana’s National Service Secretariate (NSS) exposed 55GB worth of citizens’ data in a misconfigured AWS S3 bucket. The foul-up exposed 55GB of data on up to 700,000 citizens. NSS is a government program that manages a compulsory year of public service for Ghana-based graduates from specific educational institutions. The Computer Emergency Response Team of Ghana (CERT-GH) is investigating the incident and handling response.
Risk to Business: 2.105 = Severe
The exposed database contained program membership cards and identity documents of the participants, including the participant’s details for the Ghana National Health Insurance Scheme and professional IDs for the candidates’ placements. The agency also stored different types of passport photos that the participants submitted in this bucket.
How it Could Affect Your Business: Any entity that is storing large amounts of sensitive data needs to make sure that they have taken reasonable precautions to protect it.